working on tracking commands and sessions, not working yet
This commit is contained in:
parent
0ef0ea1817
commit
0832d8e423
@ -8,7 +8,7 @@ var RPCHost string = "127.0.0.1"
|
||||
var cowPipe string = "/tmp/sh0rtbus.cowrie.fifo"
|
||||
/////////
|
||||
/// IRC
|
||||
var ircHost string = "10.8.0.1"
|
||||
var ircHost string = "br3ircdrchatmfsk.onion"
|
||||
var ircPort int = 6667
|
||||
var ircSSL bool = false
|
||||
var ircFlood bool = true
|
||||
@ -21,12 +21,13 @@ var ircNick string = "sh0rtbus"
|
||||
var ircUser string
|
||||
var ircPass string // username:pasword defined in auth.text
|
||||
// Proxy
|
||||
var proxyProto string = "false" // "false" to disable proxy
|
||||
var proxyProto string = "SOCKS5" // "false" to disable proxy
|
||||
var proxyHost string = "127.0.0.1"
|
||||
var proxyPort string = "9050"
|
||||
//// Cowrie
|
||||
var cowVerbose bool = false
|
||||
var cowVerbose int = 0
|
||||
var cowLogs string = "/home/cowrie/cowrie/var/log/cowrie"
|
||||
var cowPings string = "kayos hgc Civil Xair nameless moony Glock kuntz w00dsman"
|
||||
// Cowrie SQL
|
||||
//var sqlHost string = "127.0.0.1"
|
||||
//var sqlPort string = "3306"
|
||||
@ -36,4 +37,5 @@ var cowLogs string = "/home/cowrie/cowrie/var/log/cowrie"
|
||||
///////////////////
|
||||
//var db *sql.DB
|
||||
var err error
|
||||
var cowSesh []string
|
||||
//////////////////
|
||||
|
32
ircbot.go
32
ircbot.go
@ -239,40 +239,28 @@ func ircbot() {
|
||||
|
||||
case "!cowrie":
|
||||
if (len(thyWill) < 3) {
|
||||
cowSay(c,"Cowrie","-v [0/1] verbose on/off ")
|
||||
cowSay(c,"Usage","-v [0/1/2]","0 = off | 1 = output successful logins | 2 = REEEEEEE")
|
||||
return
|
||||
}
|
||||
|
||||
if thyWill[1] == "-v" {
|
||||
if thyWill[2] == "0" {
|
||||
cowVerbose = false
|
||||
cowSay(c,"Aight, den.", "Cowrie verbose log output stopped")
|
||||
cowVerbose = 0
|
||||
cowSay(c,"Aight, den.", "Cowrie output stopped","0")
|
||||
}
|
||||
if thyWill[2] == "1" {
|
||||
cowVerbose = true
|
||||
cowSay(c,"I seent em!", "Cowrie verbose log output started")
|
||||
cowVerbose = 1
|
||||
cowSay(c,"For the giggles :^)", "Cowrie session log output started","I'll ping you when some retards show up :^)")
|
||||
}
|
||||
if thyWill[2] == "2" {
|
||||
cowVerbose = 2
|
||||
cowSay(c,"I seent em!", "Cowrie verbose log output started","{green}Less goooooooo{c}")
|
||||
}
|
||||
}
|
||||
|
||||
case "!telnet":
|
||||
if (len(thyWill) < 3) {
|
||||
Phone(c,"not even sure")
|
||||
return
|
||||
}
|
||||
|
||||
if thyWill[1] == "add" {
|
||||
for i, t := range thyWill {
|
||||
if i < 3 { continue }
|
||||
Phone(c,t)
|
||||
}
|
||||
if thyWill[2] == "0" {
|
||||
cowVerbose = false
|
||||
cowSay(c,"Aight, den.", "Cowrie verbose log output stopped")
|
||||
}
|
||||
}
|
||||
|
||||
default:
|
||||
Phone(c,"what")
|
||||
Phone(c,"Not sure what the shit you're on about, m8!")
|
||||
fmt.Println("[IRC] Unknown bot command issued: " + thyWill[0])
|
||||
}
|
||||
}
|
||||
|
51
sh0rtbus.go
51
sh0rtbus.go
@ -1,7 +1,9 @@
|
||||
package main
|
||||
|
||||
import (
|
||||
// "database/sql"
|
||||
"github.com/lrstanley/girc"
|
||||
"strings"
|
||||
"syscall"
|
||||
"bytes"
|
||||
"fmt"
|
||||
@ -29,7 +31,7 @@ import (
|
||||
func Cowrie(c *girc.Client) error {
|
||||
syscall.Mkfifo(cowPipe, 0600)
|
||||
for {
|
||||
fmt.Println("[IPC] Opening named pipe for reading")
|
||||
// fmt.Println("[IPC] Opening named pipe for reading")
|
||||
stdout, err := os.OpenFile(cowPipe, os.O_RDONLY, 0600)
|
||||
var buff bytes.Buffer
|
||||
|
||||
@ -41,9 +43,36 @@ func Cowrie(c *girc.Client) error {
|
||||
|
||||
io.Copy(&buff, stdout)
|
||||
stdout.Close()
|
||||
|
||||
dataStr := buff.String()
|
||||
if cowVerbose == true {
|
||||
|
||||
if (cowVerbose == 1 && strings.Contains(dataStr, "CMD:")) {
|
||||
|
||||
fmt.Println("CMD detected!")
|
||||
|
||||
cowSlice := strings.Split(dataStr,"]")
|
||||
cowPrefix := cowSlice[0]
|
||||
cowString := strings.Split(cowPrefix, ")")
|
||||
cowString = strings.Split(cowString[0], ")")
|
||||
cowSession := cowString[0]
|
||||
cowIPstr := strings.Split(cowPrefix,",")
|
||||
cowIP := cowIPstr[0]
|
||||
cowCmd := "["+cowIP+"]["+cowSession+"] " + cowSlice[1]
|
||||
|
||||
fmt.Println(cowCmd)
|
||||
|
||||
if !contains(cowSesh,cowSession) {
|
||||
Phone(c,"(new) Retard alert! Attn:")
|
||||
PhoneOwner(c,"Retard alert!")
|
||||
Phone(c,cowPings)
|
||||
Phone(c,"-----------------")
|
||||
cowSesh = append(cowSesh,cowSession)
|
||||
printSlice(cowSesh)
|
||||
}
|
||||
|
||||
Phone(c,dataStr)
|
||||
}
|
||||
|
||||
if cowVerbose == 2 {
|
||||
fmt.Printf("[IPC] sending data to [IRC]: %s\n", dataStr)
|
||||
Phone(c,dataStr)
|
||||
}
|
||||
@ -51,18 +80,23 @@ func Cowrie(c *girc.Client) error {
|
||||
}
|
||||
|
||||
|
||||
func cowSay(c *girc.Client, str0 string, str1 string) {
|
||||
func cowSay(c *girc.Client, str0 string, str1 string, str2 string) {
|
||||
Phone(c," __,._{i} " + str0)
|
||||
Phone(c," / _ \\ ")
|
||||
if cowVerbose == false {
|
||||
if (cowVerbose == 0) {
|
||||
Phone(c," | 6 \\ \\ {red}oo{c} ")
|
||||
} else {
|
||||
} else if cowVerbose == 1 {
|
||||
Phone(c," | 6 \\ \\ {green}oo{c} ")
|
||||
} else {
|
||||
Phone(c," {yellow}REEE{c} | 6 \\ \\ {green}$${c} ")
|
||||
}
|
||||
Phone(c," \\___/ .|__|| ")
|
||||
Phone(c," __,..=\"^ . , \" ,\\ ")
|
||||
Phone(c,"<.__________________/ ")
|
||||
Phone(c,"{white}" + str1)
|
||||
if str2 != "0" {
|
||||
Phone(c,"{white}" + str2)
|
||||
}
|
||||
}
|
||||
|
||||
func Phone(c *girc.Client, Msg string) {
|
||||
@ -70,6 +104,11 @@ func Phone(c *girc.Client, Msg string) {
|
||||
c.Cmd.Message(target, girc.Fmt(Msg))
|
||||
}
|
||||
|
||||
func PhoneOwner(c *girc.Client, Msg string) {
|
||||
target := ircOwner
|
||||
c.Cmd.Message(target, girc.Fmt(Msg))
|
||||
}
|
||||
|
||||
func ircBanner(c *girc.Client) {
|
||||
c.Cmd.Message(ircHome, girc.Fmt("{purple,black} {green,black} ___ {purple,black} {c}"))
|
||||
c.Cmd.Message(ircHome, girc.Fmt("{purple,black} | {green,black}| /|{purple,black} | | {silver,black}v0.1{c}{red,black}a {c}"))
|
||||
|
12
util.go
12
util.go
@ -17,3 +17,15 @@ func conBanner() {
|
||||
return
|
||||
}
|
||||
|
||||
func contains(s []string, v string) bool {
|
||||
for _, a := range s {
|
||||
if a == v {
|
||||
return true
|
||||
}
|
||||
}
|
||||
return false
|
||||
}
|
||||
|
||||
func printSlice(s []string) {
|
||||
fmt.Printf("len=%d cap=%d %v\n", len(s), cap(s), s)
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user