Add "env" command

kippo/commands/__init__.py

@@ -14,4 +14,5 @@
     'last',
     'fs',
     'malware',
+    'env',
     ]

kippo/commands/env.py

@@ -0,0 +1,31 @@
+from kippo.core.honeypot import HoneyPotCommand
+
+commands = {}
+
+class command_env(HoneyPotCommand):
+    def call(self):
+        self.defaultenv = {
+            'TERM':            'xterm-256color',
+            'SHELL':           '/bin/bash',
+            'SSH_TTY':         '/dev/pts/0',
+            'USER':            self.honeypot.user.username,
+            'MAIL':            '/var/mail/%s' % self.honeypot.user.username,
+            'PATH':            '/usr/local/bin:/usr/bin:/bin:/usr/local/sbin:/usr/sbin:/sbin',
+            'PWD':             self.honeypot.cwd,
+            'LANG':            'en_US.UTF-8',
+            'SHLVL':           '1',
+            'HOME':            '/root',
+            'LANGUAGE':        'en_GB:en',
+            'LOGNAME':         self.honeypot.user.username,
+            '_':               '/usr/bin/env',
+        }
+
+        if self.env and len(self.env) > 0:
+            self.defaultenv.update(self.env)
+
+        for key, value in self.defaultenv.iteritems():
+            self.writeln("%s=%s" % (key, value))
+
+commands['/usr/bin/env'] = command_env
+
+# vim: set sw=4 et tw=0:

kippo/core/honeypot.py

@@ -21,9 +21,10 @@
 import ConfigParser
 
 class HoneyPotCommand(object):
-    def __init__(self, honeypot, *args):
+    def __init__(self, honeypot, *args, **kwargs):
         self.honeypot = honeypot
         self.args = args
+        self.env = kwargs
         self.writeln = self.honeypot.writeln
         self.write = self.honeypot.terminal.write
         self.nextLine = self.honeypot.terminal.nextLine
@@ -124,7 +125,11 @@ def runOrPrompt():
         if cmdclass:
             print 'Command found: %s' % (line,)
             self.honeypot.logDispatch('Command found: %s' % (line,))
-            self.honeypot.call_command(cmdclass, *rargs)
+
+            if getattr(cmdclass, 'resolve_args', False):
+                self.honeypot.call_command(cmdclass, *rargs, **envvars)
+            else:
+                self.honeypot.call_command(cmdclass, *args, **envvars)
         else:
             self.honeypot.logDispatch('Command not found: %s' % (line,))
             print 'Command not found: %s' % (line,)
@@ -137,10 +142,16 @@ def resume(self):
         self.runCommand()
 
     def showPrompt(self):
+        # Example: nas3:~#
+        #prompt = '%s:%%(path)s' % self.honeypot.hostname
+        # Example: root@nas3:~#     (More of a "Debianu" feel)
+        prompt = '%s@%s:%%(path)s' % (self.honeypot.user.username, self.honeypot.hostname,)
+        # Example: [root@nas3 ~]#   (More of a "CentOS" feel)
+        #prompt = '[%s@%s %%(path)s]' % (self.honeypot.user.username, self.honeypot.hostname,)
         if not self.honeypot.user.uid:
-            prompt = '%s:%%(path)s# ' % self.honeypot.hostname
+            prompt += '# '    # "Root" user
         else:
-            prompt = '%s:%%(path)s$ ' % self.honeypot.hostname
+            prompt += '$ '    # "Non-Root" user
 
         path = self.honeypot.cwd
         homelen = len(self.honeypot.user.home)
@@ -149,6 +160,11 @@ def showPrompt(self):
         elif len(path) > (homelen+1) and \
                 path[:(homelen+1)] == self.honeypot.user.home + '/':
             path = '~' + path[homelen:]
+        # Uncomment the three lines below for a 'better' CenOS look.
+        # Rather than '[root@nas3 /var/log]#' is shows '[root@nas3 log]#'.
+        #path = path.rsplit('/', 1)[-1]
+        #if not path:
+        #    path = '/'
 
         attrs = {'path': path}
         self.honeypot.terminal.write(prompt % attrs)
@@ -357,8 +373,8 @@ def writeln(self, data):
         self.terminal.write(data)
         self.terminal.nextLine()
 
-    def call_command(self, cmd, *args):
-        obj = cmd(self, *args)
+    def call_command(self, cmd, *args, **kwargs):
+        obj = cmd(self, *args, **kwargs)
         self.cmdstack.append(obj)
         self.setTypeoverMode()
         obj.start()