diff --git a/kippo/commands/wget.py b/kippo/commands/wget.py
index 84cf1eb..4086d05 100644
--- a/kippo/commands/wget.py
+++ b/kippo/commands/wget.py
@@ -12,8 +12,10 @@
 import random
 import re
 import exceptions
-import os.path
+import os
 import getopt
+import hashlib
+import shutil
 
 commands = {}
 
@@ -93,13 +95,15 @@ def start(self):
 if cfg.has_option('honeypot', 'download_limit_size'):
 self.limit_size = int(cfg.get('honeypot', 'download_limit_size'))
 
+ self.download_path = cfg.get('honeypot', 'download_path')
+
 self.safeoutfile = '%s/%s_%s' % \
- (cfg.get('honeypot', 'download_path'),
+ (self.download_path,
 time.strftime('%Y%m%d%H%M%S'),
 re.sub('[^A-Za-z0-9]', '_', url))
 self.deferred = self.download(url, outfile, self.safeoutfile)
 if self.deferred:
- self.deferred.addCallback(self.success)
+ self.deferred.addCallback(self.success, outfile)
 self.deferred.addErrback(self.error, url)
 
 def download(self, url, fakeoutfile, outputfile, *args, **kwargs):
@@ -137,7 +141,30 @@ def ctrl_c(self):
 self.writeln('^C')
 self.connection.transport.loseConnection()
 
- def success(self, data):
+ def success(self, data, outfile):
+ if not os.path.isfile(self.safeoutfile):
+ print "there's no file " + self.safeoutfile
+ self.exit()
+
+ shasum = hashlib.sha256(open(self.safeoutfile, 'rb').read()).hexdigest()
+ hash_path = '%s/%s' % (self.download_path, shasum)
+
+ msg = 'SHA sum %s of URL %s in file %s' % \
+ (shasum, self.url, self.fileName)
+ print msg
+ self.honeypot.logDispatch(msg)
+
+ if not os.path.exists(hash_path):
+ print "moving " + self.safeoutfile + " -> " + hash_path
+ shutil.move(self.safeoutfile, hash_path)
+ else:
+ print "deleting " + self.safeoutfile + " SHA sum: " + shasum
+ os.remove(self.safeoutfile)
+ self.safeoutfile = hash_path
+
+ print "Updating realfile to " + hash_path
+ f = self.fs.getfile(outfile)
+ f[9] = hash_path
 self.exit()
 
 def error(self, error, url):
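Review bot: In `success()`, the missing-file branch calls `self.exit()` with no `return`, so unless `exit()` raises (not visible here) execution falls through to `open(self.safeoutfile, 'rb')` on the file just reported missing. That same line hashes the download with a single `.read()`, which pulls a file chosen by the remote client fully into memory and never closes the handle; hashing fixed-size chunks inside a `with` block keeps memory flat whatever `download_limit_size` is set to. `f[9] = hash_path` uses an undocumented index (presumably the real-file slot, judging by the print above it) and does not check that `self.fs.getfile(outfile)` returned an entry. `self.fileName` and `self.url` are read here but `fileName` is only assigned in the `pageEnd` hunk further down, so the callback relies on that having run first.

```python
def success(self, data, outfile):
    if not os.path.isfile(self.safeoutfile):
        # ... unchanged: print "there's no file" ...
        self.exit()
        return

    digest = hashlib.sha256()
    with open(self.safeoutfile, 'rb') as fp:
        for chunk in iter(lambda: fp.read(65536), b''):
            digest.update(chunk)
    shasum = digest.hexdigest()
    # ... unchanged: hash_path, log dispatch, move-or-delete ...
    f = self.fs.getfile(outfile)
    if f:
        f[9] = hash_path
    self.exit()
```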
@@ -257,6 +284,8 @@ def pageEnd(self):
 self.wget.fs.update_realfile(
 self.wget.fs.getfile(self.fakeoutfile),
 self.wget.safeoutfile)
+
+ self.wget.fileName = self.fileName
 return client.HTTPDownloader.pageEnd(self)
 
 # vim: set sw=4 et:
diff --git a/kippo/core/dblog.py b/kippo/core/dblog.py
index 6983d04..05f2980 100644
--- a/kippo/core/dblog.py
+++ b/kippo/core/dblog.py
@@ -32,6 +32,10 @@ def __init__(self, cfg):
 self.handleUnknownCommand),
 ('^:dispatch: Saving URL \((?P.*)\) to (?P.*)$',
 self.handleFileDownload),
+ ('^:dispatch: SHA sum (?P.*) of URL (?P.*) in file (?P.*)$',
+ self.handleShaSum),
+ ('^:dispatch: Updated outfile (?P.*) to (?P.*) with SHA sum (?P.*)$',
+ self.handleUpdatedFile),
 ('^INPUT \((?P[a-zA-Z0-9]+)\): (?P.*)$',
 self.handleInput),
 ('^Terminal size: (?P[0-9]+) (?P[0-9]+)$',
@@ -145,4 +149,12 @@ def handleClientVersion(self, session, args):
 def handleFileDownload(self, session, args):
 pass
 
+ # args has: shasum, url, outfile
+ def handleShaSum(self, session, args):
+ pass
+
+ # args has: outfile, dl_file, shasum
+ def handleUpdatedFile(self, session, args):
+ pass
+
 # vim: set sw=4 et:
diff --git a/kippo/dblog/mysql.py b/kippo/dblog/mysql.py
index 1245387..a47e890 100644
--- a/kippo/dblog/mysql.py
+++ b/kippo/dblog/mysql.py
@@ -146,4 +146,9 @@ def handleFileDownload(self, session, args):
 ' VALUES (%s, FROM_UNIXTIME(%s), %s, %s)',
 (session, self.nowUnix(), args['url'], args['outfile']))
 
+ def handleShaSum(self, session, args):
+ self.simpleQuery('UPDATE `downloads` SET `shasum` = %s' + \
+ ' WHERE `outfile` = %s',
+ (args['shasum'], args['outfile']))
+
 # vim: set sw=4 et:
diff --git a/kippo/dblog/textlog.py b/kippo/dblog/textlog.py
index 383cef7..b17776e 100644
--- a/kippo/dblog/textlog.py
+++ b/kippo/dblog/textlog.py
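Review bot: The new `SHA sum … of URL … in file …` pattern in `__init__` splits a message on fixed separators with greedy `.*` groups, while the URL in that message comes from the remote client. If a URL can carry the text ` of URL ` (whether spaces survive argument parsing is not visible here), the first group would capture the hash plus part of the URL and `handleShaSum` would store that as the checksum. Constraining the first group to `[0-9a-f]{64}` makes the parse unambiguous, and a comment on the tuple saying which fields are client-controlled would help later readers. Separately, nothing in this diff dispatches an `Updated outfile …` message (`success()` only prints `Updating realfile to`), so the second pattern and the `handleUpdatedFile` stubs added in the next hunk and in textlog.py look unreachable as written.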
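Review bot: `handleShaSum` in mysql.py updates every `downloads` row whose `outfile` matches and ignores its `session` argument, so rows from different sessions that share an outfile value would all be stamped with this hash; adding the session to the `WHERE` clause scopes the update to the download that produced it. After `success()` moves the file to its hash-named path, the `outfile` value stored by `handleFileDownload` still names the timestamped path, which no longer exists on disk, so analysts following the row will not find the sample unless they know to look it up by `shasum`. The `shasum` column also needs a schema change that is not part of the visible diff. The INSERT above the hunk belongs to `handleFileDownload`, whose start is outside the hunk.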
@@ -56,4 +56,12 @@ def handleFileDownload(self, session, args):
 self.write(session, 'File download: [%s] -> %s' % \
 (args['url'], args['outfile']))
 
+ def handleShaSum(self, session, args):
+ self.write(session, 'File SHA sum: %s [%s] -> %s' % \
+ (args['shasum'], args['url'], args['outfile']))
+
+ def handleUpdatedFile(self, session, args):
+ self.write(session, 'Updated wget outfile %s to %s' % \
+ (args['outfile'], args['dl_file']))
+
 # vim: set sw=4 et: