This repository was archived by the owner on Jul 25, 2025. It is now read-only.
forked from pwnlandia/shockpot
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathshockpot.py
More file actions
94 lines (78 loc) · 3.15 KB
/
shockpot.py
File metadata and controls
94 lines (78 loc) · 3.15 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
import logger
logger.logging_setup()
from logger import LOGGER
import bottle
from bottle import request, response
import json
from util import get_hpfeeds_client, get_ext_ip
from util import get_postgresql_handler
from commands import perform_commands
import re
import datetime
import urlparse
shellshock_re = re.compile(r'\(\s*\)\s*{')
# this is the default apache page
page_template = '''<html><body><h1>{{title}}</h1>
<p>This is the default web page for this server.</p>
<p>The web server software is running but no content has been added, yet.</p>
</body></html>
'''
app = bottle.default_app()
LOGGER.info( 'Loading config file shockpot.conf ...')
app.config.load_config('shockpot.conf')
hpclient = get_hpfeeds_client(app.config)
dbh = get_postgresql_handler(app.config)
public_ip = None
if app.config['fetch_public_ip.enabled'].lower() == 'true':
public_ip = get_ext_ip(json.loads(app.config['fetch_public_ip.urls']))
print 'public_ip =', public_ip
def is_shellshock(headers):
for name, value in headers:
if shellshock_re.search(value):
return True
return False
def get_request_record():
headers = [[name, value,] for name, value in request.headers.items()]
is_shellshock_check = is_shellshock(headers)
command, data = None, None
if is_shellshock_check:
command, data = perform_commands(headers)
if public_ip:
dest_host = public_ip
else:
dest_host = urlparse.urlparse(request.url).netloc.split(':',1)[0]
return {
'method': request.method,
'url': request.url,
'path': request.path,
'query_string': request.query_string,
'headers': headers,
'source_ip': request.environ.get('REMOTE_ADDR'),
'dest_port': request.environ.get('SERVER_PORT'),
'dest_host': dest_host,
'is_shellshock': is_shellshock_check,
'command': command,
'command_data': data,
'timestamp': str(datetime.datetime.now())
}
def log_request(record):
global hpclient
global dbh
req = json.dumps(record)
LOGGER.info(req)
if hpclient and record['is_shellshock']:
hpclient.publish(app.config['hpfeeds.channel'], req)
if dbh and record['is_shellshock']:
cursor = dbh.cursor()
cursor.execute("INSERT INTO connections (method, url, path, query_string, headers, source_ip, source_port, dest_host, dest_port, is_shellshock, command, command_data, timestamp) VALUES (%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s)",
(record['method'], record['url'], record['path'], record['query_string'], str(record['headers']), record['source_ip'],request.environ.get('REMOTE_PORT'), record['dest_host'], record['dest_port'], record['is_shellshock'], record['command'], record['command_data'], record['timestamp']) )
dbh.commit()
@app.route('/')
@app.route('/<path:re:.+>')
@app.route('/', method="POST")
@app.route('/<path:re:.+>', method="POST")
def func(**kwargs):
log_request(get_request_record())
response.set_header('Server', app.config['headers.server'])
return bottle.template(page_template, title='It works!')
bottle.run(host=app.config['server.host'], port=int(app.config['server.port']))