Michel Oosterhof
4cfa58e73d
support additional emacs ctrl keys (c-a, c-b, c-f, c-p, c-n, c-e)
2014-11-09 16:26:09 +04:00
Michel Oosterhof
b697334549
add chattr
2014-11-08 18:34:24 +00:00
Michel Oosterhof
5a6d30215a
Remove unused modules from textlog
2014-11-08 18:32:25 +00:00
Michel Oosterhof
42fd8a9ee4
Do not reset terminal after user logs out
2014-11-08 18:30:30 +00:00
Michel Oosterhof
376015c6b0
catch and log full X11 request and catch agent requests.
2014-11-05 11:34:56 +04:00
Michel Oosterhof
3b79c6e861
friendly logging of request_env
2014-11-05 11:10:16 +04:00
Michel Oosterhof
8b8651822f
check for existence of /etc/ssh/moduli before using it
2014-11-05 10:43:39 +04:00
Michel Oosterhof
bd557ade12
better logging direct-tcp, shuffle imports.
2014-11-04 14:16:35 +00:00
Michel Oosterhof
8979177a33
reverse default exit_jail behavior if option is not specified
2014-11-04 10:51:28 +00:00
Michel Oosterhof
41bc8b65e4
Switch from uuid1 to uuid4. uuid4 does not leak ip address
2014-11-04 10:42:08 +00:00
Michel Oosterhof
43b915f68e
added simple unstructured JSON logging
2014-11-04 10:31:26 +00:00
Michel Oosterhof
7aa3505adc
we need the full re.split for the field limitation
2014-11-02 08:51:52 +00:00
Michel Oosterhof
091197d92a
split on && and newline
2014-10-31 11:59:23 +00:00
Michel Oosterhof
806dfa194d
add support for '-c' option. option has no effect
2014-10-26 07:38:20 +00:00
Michel Oosterhof
636b31cd27
last log import
2014-10-05 21:20:06 +00:00
Michel Oosterhof
d61ed77be4
more twisted.python.log imports
2014-10-05 21:16:10 +00:00
Michel Oosterhof
6c0695ea4c
move from implements to @implementer
2014-10-05 21:15:14 +00:00
Michel Oosterhof
c4efff1283
add imports for logging, disable logging from fs.py
2014-10-05 21:02:24 +00:00
Michel Oosterhof
4ace22db76
convert all 'print' calls to 'log.msg'
2014-10-05 20:54:14 +00:00
Michel Oosterhof
9b8f3d02ca
improved ip address regex match in ping
2014-10-05 08:31:26 +00:00
Michel Oosterhof
c9c1792456
remove non-port 80 restriction
2014-10-05 06:43:48 +00:00
Michel Oosterhof
3fbf21dc5c
Merge branch 'exitjail' of https://github.com/g0tmi1k/kippo
2014-10-04 19:19:14 +00:00
Michel Oosterhof
e75fed058f
only log stdin to separate file when using execcmd
2014-10-04 13:15:06 +00:00
Michel Oosterhof
27304ba9d8
log keystrokes in loggingserver, not in protocol
2014-10-04 12:53:40 +00:00
Michel Oosterhof
c01ef07be1
log stdin when
2014-10-04 12:43:24 +00:00
Michel Oosterhof
a3503afc71
Merge branch 'diffie-hellman-group-exchange-sha1'
2014-10-04 11:03:15 +00:00
Michel Oosterhof
721cb7ce8d
import primes function
2014-10-04 11:02:50 +00:00
Michel Oosterhof
8d95f15202
reorder cipher negotiation to resemble current openssh more
2014-10-04 10:57:19 +00:00
Michel Oosterhof
fd4ca2bcf6
load module for diffie-hellman-group-exchange-sha1
2014-10-04 10:53:55 +00:00
Michel Oosterhof
c93b2ab586
Merge branch 'direct-tcpip' of https://github.com/micheloosterhof/kippo
2014-09-25 07:28:06 +00:00
Michel Oosterhof
44c6fba349
add logging for direct-tcpip connections
2014-08-20 15:24:43 +02:00
Michel Oosterhof
c83fd45c87
less verbose logging
2014-08-18 15:14:50 +02:00
Michel Oosterhof
1b1f4c4882
less verbose logging at fs level. working imports
2014-08-18 14:53:15 +02:00
Michel Oosterhof
c529cb1f84
sftp protocol support
2014-08-18 14:35:35 +02:00
Michel Oosterhof
46fc2d3cc7
file system functions to enable sftp support.
2014-08-18 14:29:15 +02:00
Upi Tamminen
b321ef1098
quick fixes:
- txtcmd broken since HoneyPotCommand wasn't found (fixes #147)
- tab completion broken since os wasn't imported
2014-08-13 08:19:51 +03:00
Upi Tamminen
dbf0ca7a48
call getPeer() from another transport, fixes #146
2014-08-12 20:21:55 +03:00
Upi Tamminen
c3c09adb02
restructuring and cleanup
2014-08-09 23:55:20 +03:00
Upi Tamminen
6c8596930e
change exec handling so the command is allowed to run long enough for wget to
work
2014-08-09 19:19:05 +03:00
Upi Tamminen
e1e3acb850
we don't need recvline.HistoricRecvLine for execCommand,
so branch off the protocol into two protocols
2014-08-09 18:29:17 +03:00
Upi Tamminen
641c08cf7c
code style changes
2014-08-09 15:48:33 +03:00
Upi Tamminen
9bd02f780c
when using execCommand, ls breaks without windowSize
2014-08-09 15:39:47 +03:00
Upi Tamminen
4e8ad9c92c
Merge branch 'pr/111' into review-pr-111
Conflicts:
kippo.cfg.dist
kippo/core/honeypot.py
2014-08-09 15:37:58 +03:00
Upi Tamminen
14fd2fec32
cleanup key generation
2014-08-09 15:20:10 +03:00
Upi Tamminen
6e6a8aa4c1
[i] does not generally mean anything in kippo
2014-08-09 15:01:58 +03:00
Upi Tamminen
baeda78839
Merge branch 'pr/108' into review-pr-108
2014-08-09 15:00:38 +03:00
Upi Tamminen
a0b1f2a138
add bash -c (Closes #104)
2014-08-09 14:49:00 +03:00
desaster
acbb5dbb3c
Merge pull request #96 from g0tmi1k/protocolmismatch
Fix "protocol mismatch" issue
2014-08-09 13:52:13 +03:00
Katarina Durechova
28089ce81e
Add php
2014-07-30 17:25:46 +01:00
Katarina Durechova
23437c08ee
Add perl
2014-07-30 17:20:05 +01:00
Upi Tamminen
9e09235cfd
add support for -O parameter (fixes #131)
2014-07-26 12:02:12 +03:00
g0tmi1k
5f06a22fca
Silence "chown", "chgrp" and "chattr" commands
2014-06-13 18:33:13 +03:00
Upi Tamminen
e8e33cd03f
fix wget url parsing, Fixes #91
2014-06-13 18:25:55 +03:00
Upi Tamminen
36f2bc43b6
don't let user set password to '*'
2014-06-13 18:15:51 +03:00
g0tmi1k
4b4ae526d5
Accept "any" (*) password if desired
Credit: https://github.com/micheloosterhof/kippo
2014-06-13 18:13:41 +03:00
Upi Tamminen
9203c8ff17
coding style tweaks
2014-06-13 18:09:48 +03:00
Upi Tamminen
e4d4ea4b2e
Merge branch 'bash' of https://github.com/g0tmi1k/kippo into g0tmi1k-bash
2014-06-13 18:07:41 +03:00
Upi Tamminen
a71d6e0305
tweak chmod code style
2014-06-13 18:04:07 +03:00
g0tmi1k
96f6d11c03
Improved chmod - checks to see if file exists
:x
2014-06-13 18:00:29 +03:00
g0tmi1k
a3d965e824
The option to disable fake local shell on exit
2014-06-02 16:20:22 +01:00
g0tmi1k
7791dd2821
Updated some bash error output
2014-06-01 14:27:51 +01:00
g0tmi1k
ed5161f177
Added basic support for 'cd -'
Could be improved to actually function, rather than a static message
2014-06-01 14:26:46 +01:00
g0tmi1k
a7b6247701
Added support for 'cd ~'
Will now return back to user's home folder
2014-06-01 14:25:52 +01:00
g0tmi1k
5027e361b6
Added '--all' response to 'uname'
Seen it used in the wild
2014-06-01 14:25:14 +01:00
g0tmi1k
5b3482b356
Changed default hostname
...You may wish to alter this again (decrease chance of detection)
2014-06-01 14:16:48 +01:00
g0tmi1k
52d3984755
Added "execCommand" support
Credit: https://github.com/micheloosterhof/kippo/
2014-06-01 11:30:26 +01:00
desaster
60d49cc9db
Merge pull request #103 from g0tmi1k/alias
Silence the "alias" command
2014-05-31 00:10:05 +03:00
desaster
cde75a2c6a
Merge pull request #105 from g0tmi1k/umask
Silence the "umask" command
2014-05-31 00:08:20 +03:00
g0tmi1k
2e0c2cd4d0
Add DSA support, move location & increase key size
Credit: https://github.com/micheloosterhof/kippo/
Add DSA SSH key support
Move from: “./public.key” to “./data/ssh_host_rsa_key.pub“
Increase key size from 1024 to 2048 bits
2014-05-30 05:19:23 +01:00
g0tmi1k
e64aad4e94
Silence the "umask" command
Credit: https://github.com/micheloosterhof/kippo
2014-05-30 04:56:08 +01:00
g0tmi1k
dce37f5e90
Silence the "alias" command
Looks “odd” when it says “not found”.
2014-05-30 04:17:18 +01:00
desaster
de33d7250d
Merge pull request #98 from g0tmi1k/shellprompt
Updated "shell prompt" (to give a Debian feel)
2014-05-29 12:12:56 +03:00
g0tmi1k
19d3fa1349
Updated "shell prompt" (to give a Debian feel)
Looks more like Debian/Ubuntu (which is the default base OS).
Check comments for CentOS version.
2014-05-29 08:38:43 +01:00
g0tmi1k
f871adc6d5
Add "apt-get moo" response
Possible method of trying to detect a honeypot
2014-05-29 00:48:56 +01:00
g0tmi1k
40b65278c3
Fix "protocol mismatch" issue
Credit: http://kbyte.snowpenguin.org/portal/2013/04/30/kippo-protocol-mismatch-workaround/
2014-05-28 19:06:19 +01:00
g0tmi1k
9737a8fdb6
Fixed formatting issues
2014-05-28 05:26:13 +01:00
g0tmi1k
74d5cb0825
Removed all trailing spaces
2014-05-28 05:13:55 +01:00
desaster
5359da0ab7
limit shell input a bit
git-svn-id: https://kippo.googlecode.com/svn/trunk@248 951d7100-d841-11de-b865-b3884708a8e2
2014-05-18 16:53:32 +00:00
desaster@gmail.com
42585c44c9
Make ourVersionString configurable (Resolves issue #54)
git-svn-id: https://kippo.googlecode.com/svn/trunk@247 951d7100-d841-11de-b865-b3884708a8e2
2014-02-16 09:50:41 +00:00
desaster
1a78b7c30a
fix #75
git-svn-id: https://kippo.googlecode.com/svn/trunk@246 951d7100-d841-11de-b865-b3884708a8e2
2013-04-08 19:40:25 +00:00
desaster
b69c2c3341
fix syntax
git-svn-id: https://kippo.googlecode.com/svn/trunk@239 951d7100-d841-11de-b865-b3884708a8e2
2013-03-31 13:15:35 +00:00
desaster
0b134dbf3f
Add text based dblog module, for demonstration purposes or whatever
git-svn-id: https://kippo.googlecode.com/svn/trunk@238 951d7100-d841-11de-b865-b3884708a8e2
2013-03-29 15:04:52 +00:00
desaster
372f8fc52f
fix syntax on the latest fix
git-svn-id: https://kippo.googlecode.com/svn/trunk@237 951d7100-d841-11de-b865-b3884708a8e2
2013-03-28 23:00:48 +00:00
desaster
5715a915c7
fix disastrous mysql logging breakage introduced in r229
git-svn-id: https://kippo.googlecode.com/svn/trunk@236 951d7100-d841-11de-b865-b3884708a8e2
2013-03-28 22:55:25 +00:00
desaster
248dd56ed7
fix twisted version comparison for premature key exchange fix
git-svn-id: https://kippo.googlecode.com/svn/trunk@234 951d7100-d841-11de-b865-b3884708a8e2
2013-02-04 17:10:09 +00:00
desaster
8e9fe0605c
Workaround so the premature key exchange workaround works on twisted >= 11
git-svn-id: https://kippo.googlecode.com/svn/trunk@233 951d7100-d841-11de-b865-b3884708a8e2
2013-02-04 11:44:42 +00:00
desaster
3912ffb603
Remove connection limit support for now, since adding a protocol wrapper
changes the logging in newer twisted versions, and breaks dblog.
git-svn-id: https://kippo.googlecode.com/svn/trunk@232 951d7100-d841-11de-b865-b3884708a8e2
2013-01-21 12:41:41 +00:00
desaster
9378c6ba22
Limit total number of concurrent connections. Configurable with
connection_limit (default 50).
Also fix logging downloads.
git-svn-id: https://kippo.googlecode.com/svn/trunk@229 951d7100-d841-11de-b865-b3884708a8e2
2013-01-08 21:40:19 +00:00
desaster
d0ed22736d
Limit number of new files on a filesystem to 10000
git-svn-id: https://kippo.googlecode.com/svn/trunk@228 951d7100-d841-11de-b865-b3884708a8e2
2013-01-08 20:01:25 +00:00
desaster
92f1dec5d6
Add support for limiting the file size of files downloaded with wget.
new kippo.cfg option: download_limit_size
as discussed @ issue 35
git-svn-id: https://kippo.googlecode.com/svn/trunk@227 951d7100-d841-11de-b865-b3884708a8e2
2013-01-08 19:31:20 +00:00
desaster
bff1829e3c
further fixing on issue 55 - do not set the initial cwd if the path doesn't exist
git-svn-id: https://kippo.googlecode.com/svn/trunk@226 951d7100-d841-11de-b865-b3884708a8e2
2013-01-08 17:52:21 +00:00
desaster
41363db9d4
Add support for specifying MySQL port (issue #61)
git-svn-id: https://kippo.googlecode.com/svn/trunk@225 951d7100-d841-11de-b865-b3884708a8e2
2013-01-08 17:39:02 +00:00
desaster
3a7bcc0ff5
Add support for logging downloaded files via dblog
New mysql table "downloads", see doc/sql/update7.sql
git-svn-id: https://kippo.googlecode.com/svn/trunk@224 951d7100-d841-11de-b865-b3884708a8e2
2013-01-08 17:31:29 +00:00
desaster
96265ebe03
Fix #55 - don't try to change cwd to a directory that doesn't exist
git-svn-id: https://kippo.googlecode.com/svn/trunk@222 951d7100-d841-11de-b865-b3884708a8e2
2012-11-10 16:07:13 +00:00
desaster
4fac0ac51e
Make exxxit only available if the client IP is 127.0.0.*
git-svn-id: https://kippo.googlecode.com/svn/trunk@221 951d7100-d841-11de-b865-b3884708a8e2
2012-11-10 14:44:50 +00:00
desaster
b53e8a65d1
Don't send key exchange prematurely
git-svn-id: https://kippo.googlecode.com/svn/trunk@220 951d7100-d841-11de-b865-b3884708a8e2
2012-07-08 16:30:32 +00:00
desaster
15777aca0e
Another quick interact fix for Putty
git-svn-id: https://kippo.googlecode.com/svn/trunk@219 951d7100-d841-11de-b865-b3884708a8e2
2012-04-13 05:58:58 +00:00
desaster
f756438e51
Fix the interact feature to correctly handle line returns when using windows
telnet or putty
git-svn-id: https://kippo.googlecode.com/svn/trunk@218 951d7100-d841-11de-b865-b3884708a8e2
2012-04-13 05:46:16 +00:00
desaster
0eaf51c48e
Update the uptime command to display real uptime of the honeypot, and zero
load. This closes issue #47
Also added a small change to ps output.
git-svn-id: https://kippo.googlecode.com/svn/trunk@217 951d7100-d841-11de-b865-b3884708a8e2
2012-04-08 16:41:34 +00:00
desaster
ace3015574
experiment: print out passed environment variables to the log
git-svn-id: https://kippo.googlecode.com/svn/trunk@216 951d7100-d841-11de-b865-b3884708a8e2
2012-03-27 07:05:28 +00:00