kippo icon indicating copy to clipboard operation
kippo copied to clipboard

Published 20 hours ago verified publisher icon desaster

Command lines are resolved

Open ghost opened this issue 10 years ago • 1 comments

From basstottelaar on November 10, 2012 13:00:52

What steps will reproduce the problem? 1. Start session 2. Touch file in current directory 3. Start command with filename as argument What is the expected output? What do you see instead? From the log file:

False: 2012-11-10 11:46:19+0100 [SSHChannel session (0) on SSHService ssh-connection on HoneyPotTransport,0,xx.xx.xx.xx] CMD: touch c 2012-11-10 11:46:19+0100 [SSHChannel session (0) on SSHService ssh-connection on HoneyPotTransport,0,xx.xx.xx.xx Command found: touch c 2012-11-10 11:46:21+0100 [SSHChannel session (0) on SSHService ssh-connection on HoneyPotTransport,0,xx.xx.xx.xx] CMD: which c 2012-11-10 11:46:21+0100 [SSHChannel session (0) on SSHService ssh-connection on HoneyPotTransport,0,xx.xx.xx.xx] Command found: which c 2012-11-10 11:46:21+0100 [SSHChannel session (0) on SSHService ssh-connection on HoneyPotTransport,0,xx.xx.xx.xx] {'PATH': '/bin:/usr/bin:/sbin:/usr/sbin'} <--- self.env 2012-11-10 11:46:21+0100 SSHChannel session (0) on SSHService ssh-connection on HoneyPotTransport,0,xx.xx.xx.xx <--- self.args

Correct: 2012-11-10 11:47:23+0100 [SSHChannel session (0) on SSHService ssh-connection on HoneyPotTransport,0,xx.xx.xx.xx] CMD: touch c 2012-11-10 11:47:23+0100 [SSHChannel session (0) on SSHService ssh-connection on HoneyPotTransport,0,xx.xx.xx.xx] Command found: touch c 2012-11-10 11:47:24+0100 [SSHChannel session (0) on SSHService ssh-connection on HoneyPotTransport,0,xx.xx.xx.xx] CMD: which c 2012-11-10 11:47:24+0100 [SSHChannel session (0) on SSHService ssh-connection on HoneyPotTransport,0,xx.xx.xx.xx] Command found: which c 2012-11-10 11:47:24+0100 [SSHChannel session (0) on SSHService ssh-connection on HoneyPotTransport,0,xx.xx.xx.xx] {'PATH': '/bin:/usr/bin:/sbin:/usr/sbin'} <--- self.env 2012-11-10 11:47:24+0100 SSHChannel session (0) on SSHService ssh-connection on HoneyPotTransport,0,xx.xx.xx.xx <--- self.args What version of the product are you using? On what operating system? Kippo- r220 on Debian5 with Python 2.6 Please provide any additional information below. This behavior may be correct for some programs, but as I have implemented the 'which' command (and other commands), I do not want arguments to be resolved. I have created a patch which makes this behavior selectable by providing an optional class variable for commands called 'resolve_args'.

This patch also provides the ENV vars to commands. This was required for the 'which' command. https://github.com/basilfx/kippo-commands (work in progress)

Attachment: honeypot.py.patch

Original issue: http://code.google.com/p/kippo/issues/detail?id=59

ghost avatar May 27 '14 20:05 ghost

From desaster on November 28, 2012 22:33:53

Sorry I haven't responded to this earlier - my mind is totally away from kippo these days.

I did look at your patch, and indeed it fixes the old problem with resolving, but only optionally. After I saw your patch, I looked into "fixing" the whole resolving thing at a lower level, since right now the kippo implementation is just crude. However nothing came of that at the time.

I will try to add your patch in one way or another soon anyway.

Status: Accepted

ghost avatar May 27 '14 20:05 ghost