working on tracking commands and sessions, not working yet

config.go

@@ -8,7 +8,7 @@ var RPCHost string        = "127.0.0.1"
 var cowPipe string        = "/tmp/sh0rtbus.cowrie.fifo"
 /////////
 /// IRC
-var ircHost string        = "10.8.0.1"
+var ircHost string        = "br3ircdrchatmfsk.onion"
 var ircPort int           = 6667
 var ircSSL bool           = false
 var ircFlood bool         = true
@@ -21,12 +21,13 @@ var ircNick string        = "sh0rtbus"
 var ircUser string
 var ircPass string        // username:pasword defined in auth.text
 // Proxy
-var proxyProto string     = "false" // "false" to disable proxy
+var proxyProto string     = "SOCKS5" // "false" to disable proxy
 var proxyHost string      = "127.0.0.1"
 var proxyPort string      = "9050"
 //// Cowrie
-var cowVerbose bool       = false
+var cowVerbose int        = 0
 var cowLogs string        = "/home/cowrie/cowrie/var/log/cowrie"
+var cowPings string	  = "kayos hgc Civil Xair nameless moony Glock kuntz w00dsman"
 // Cowrie SQL
 //var sqlHost string      = "127.0.0.1"
 //var sqlPort string      = "3306"
@@ -36,4 +37,5 @@ var cowLogs string        = "/home/cowrie/cowrie/var/log/cowrie"
 ///////////////////
 //var db *sql.DB
 var err error
+var cowSesh []string
 //////////////////

ircbot.go

@@ -239,40 +239,28 @@ func ircbot() {
 
 				case "!cowrie":
 					if (len(thyWill) < 3) {
-						cowSay(c,"Cowrie","-v [0/1] verbose on/off ")
+						cowSay(c,"Usage","-v [0/1/2]","0 = off | 1 = output successful logins | 2 = REEEEEEE")
 						return
 					}
 
 					if thyWill[1] == "-v" {
 						if thyWill[2] == "0" {
-							cowVerbose = false
-							cowSay(c,"Aight, den.", "Cowrie verbose log output stopped")
+							cowVerbose = 0
+							cowSay(c,"Aight, den.", "Cowrie output stopped","0")
 						}
 						if thyWill[2] == "1" {
-							cowVerbose = true
-							cowSay(c,"I seent em!", "Cowrie verbose log output started")
+							cowVerbose = 1
+							cowSay(c,"For the giggles :^)", "Cowrie session log output started","I'll ping you when some retards show up :^)")
+						}
+						if thyWill[2] == "2" {
+							cowVerbose = 2
+							cowSay(c,"I seent em!", "Cowrie verbose log output started","{green}Less goooooooo{c}")
 						}
 					}
 
-				case "!telnet":
-					if (len(thyWill) < 3) {
-						Phone(c,"not even sure")
-						return
-					}
-
-					if thyWill[1] == "add" {
-						for i, t := range thyWill {
-							if i < 3 { continue }
-							Phone(c,t)
-						}
-						if thyWill[2] == "0" {
-							cowVerbose = false
-							cowSay(c,"Aight, den.", "Cowrie verbose log output stopped")
-						}
-					}
 
 				default:
-					Phone(c,"what")
+					Phone(c,"Not sure what the shit you're on about, m8!")
 					fmt.Println("[IRC] Unknown bot command issued: " + thyWill[0])
 			}
 		}

sh0rtbus.go

@@ -1,7 +1,9 @@
 package main
+
 import (
 //	"database/sql"
 	"github.com/lrstanley/girc"
+	"strings"
 	"syscall"
 	"bytes"
 	"fmt"
@@ -29,7 +31,7 @@ import (
 func Cowrie(c *girc.Client) error {
 	syscall.Mkfifo(cowPipe, 0600)
 	for {
-		fmt.Println("[IPC] Opening named pipe for reading")
+//		fmt.Println("[IPC] Opening named pipe for reading")
 		stdout, err := os.OpenFile(cowPipe, os.O_RDONLY, 0600)
 		var buff bytes.Buffer
 
@@ -41,9 +43,36 @@ func Cowrie(c *girc.Client) error {
 
 		io.Copy(&buff, stdout)
 		stdout.Close()
-
 		dataStr := buff.String()
-		if cowVerbose == true {
+
+		if (cowVerbose == 1 && strings.Contains(dataStr, "CMD:")) {
+
+			fmt.Println("CMD detected!")
+
+			cowSlice := strings.Split(dataStr,"]")
+			cowPrefix := cowSlice[0]
+			cowString := strings.Split(cowPrefix, ")")
+			cowString = strings.Split(cowString[0], ")")
+			cowSession := cowString[0]
+			cowIPstr := strings.Split(cowPrefix,",")
+			cowIP := cowIPstr[0]
+			cowCmd := "["+cowIP+"]["+cowSession+"] " + cowSlice[1]
+
+			fmt.Println(cowCmd)
+
+			if !contains(cowSesh,cowSession) {
+				Phone(c,"(new) Retard alert! Attn:")
+				PhoneOwner(c,"Retard alert!")
+				Phone(c,cowPings)
+				Phone(c,"-----------------")
+				cowSesh = append(cowSesh,cowSession)
+				printSlice(cowSesh)
+			}
+
+			Phone(c,dataStr)
+		}
+
+		if cowVerbose == 2 {
 			fmt.Printf("[IPC] sending data to [IRC]: %s\n", dataStr)
 			Phone(c,dataStr)
 		}
@@ -51,18 +80,23 @@ func Cowrie(c *girc.Client) error {
 }
 
 
-func cowSay(c *girc.Client, str0 string, str1 string) {
+func cowSay(c *girc.Client, str0 string, str1 string, str2 string) {
 	Phone(c,"        __,._{i} " + str0)
 	Phone(c,"       /  _  \\          ")
-	if cowVerbose == false {
+	if (cowVerbose == 0) {
 		Phone(c,"      |  6 \\  \\   {red}oo{c}    ")
-	} else {
+	} else if cowVerbose == 1 {
 		Phone(c,"      |  6 \\  \\   {green}oo{c}    ")
+	} else {
+		Phone(c," {yellow}REEE{c} |  6 \\  \\   {green}$${c}    ")
 	}
 	Phone(c,"        \\___/ .|__||     ")
 	Phone(c," __,..=\"^  . , \"  ,\\    ")
 	Phone(c,"<.__________________/    ")
 	Phone(c,"{white}" + str1)
+	if str2 != "0" {
+		Phone(c,"{white}" + str2)
+	}
 }
 
 func Phone(c *girc.Client, Msg string) {
@@ -70,6 +104,11 @@ func Phone(c *girc.Client, Msg string) {
 		c.Cmd.Message(target, girc.Fmt(Msg))
 }
 
+func PhoneOwner(c *girc.Client, Msg string) {
+		target := ircOwner
+		c.Cmd.Message(target, girc.Fmt(Msg))
+}
+
 func ircBanner(c *girc.Client) {
         c.Cmd.Message(ircHome, girc.Fmt("{purple,black}       {green,black} ___ {purple,black}                  {c}"))
         c.Cmd.Message(ircHome, girc.Fmt("{purple,black}   |   {green,black}|  /|{purple,black}     |  |  {silver,black}v0.1{c}{red,black}a  {c}"))

util.go

@@ -17,3 +17,15 @@ func conBanner() {
         return
 }
 
+func contains(s []string, v string) bool {
+    for _, a := range s {
+        if a == v {
+            return true
+        }
+    }
+    return false
+}
+
+func printSlice(s []string) {
+	fmt.Printf("len=%d cap=%d %v\n", len(s), cap(s), s)
+}