forked from mushorg/conpot
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathconpot_cloner
163 lines (151 loc) · 6.97 KB
/
conpot_cloner
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
# modified by Sooky Peter <[email protected]>
# Brno University of Technology, Faculty of Information Technology
import modbus_tk.defines as cst
import modbus_tk.modbus_tcp as modbus_tcp
from conpot.tests.helpers import snmp_client
from pysnmp.proto.rfc1905 import EndOfMibView
import gevent
from gevent.pool import Pool
class ConpotCloner(object):
def __init__(self):
self.modbus_slave_range = range(1, 247)
self.snmp_OIDs = {
# General
'1.3.6.1.2.1.1.5.0': "Hostname",
'1.3.6.1.2.1.1.1.0': "Description",
'1.3.6.1.2.1.1.4.0': "Contact",
'1.3.6.1.2.1.1.6.0': "Location",
'1.3.6.1.2.1.1.3.0': "Uptime system",
'1.3.6.1.2.1.25.1.1.0': "Uptime snmp",
'1.3.6.1.2.1.25.1.2.0': "System date",
# Windows related
'1.3.6.1.4.1.77.1.4.1.0': "Domain",
"1.3.6.1.4.1.77.1.2.25.1.1": "User accounts",
"1.3.6.1.4.1.77.1.2.25.1": "User accounts",
# Network
'1.3.6.1.2.1.4.1.0': "IP forwarding enabled", # 1 is yes
'1.3.6.1.2.1.4.2.0': "Default TTL",
'1.3.6.1.2.1.6.10.0': "TCP segments received",
'1.3.6.1.2.1.6.11.0': "TCP segments sent",
'1.3.6.1.2.1.6.12.0': "TCP segments retrans",
'1.3.6.1.2.1.4.3.0': "Input datagrams",
'1.3.6.1.2.1.4.9.0': "Delivered datagrams",
'1.3.6.1.2.1.4.10.0': "Output datagrams",
"1.3.6.1.2.1.2.2.1.1": "If Id",
"1.3.6.1.2.1.2.2.1.2": "Interface",
"1.3.6.1.2.1.2.2.1.6": "Mac Address",
"1.3.6.1.2.1.2.2.1.3": "If Type",
"1.3.6.1.2.1.2.2.1.4": "MTU",
"1.3.6.1.2.1.2.2.1.5": "Speed Mbps",
"1.3.6.1.2.1.2.2.1.10": "In octets",
"1.3.6.1.2.1.2.2.1.16": "Out octets",
"1.3.6.1.2.1.2.2.1.7": "If Status",
"1.3.6.1.2.1.4.20.1.2": "Network Id",
"1.3.6.1.2.1.4.20.1.1": "IP Address",
"1.3.6.1.2.1.4.20.1.3": "Netmask",
"1.3.6.1.2.1.4.20.1.4": "Broadcast",
"1.3.6.1.2.1.4.21.1.1": "Routing Destination",
"1.3.6.1.2.1.4.21.1.7": "Routing Next hop",
"1.3.6.1.2.1.4.21.1.11": "Routing Mask",
"1.3.6.1.2.1.4.21.1.3": "Routing Metric",
"1.3.6.1.2.1.6.13.1.2": "Local address",
"1.3.6.1.2.1.6.13.1.3": "Local port",
"1.3.6.1.2.1.6.13.1.4": "Remote address",
"1.3.6.1.2.1.6.13.1.5": "Remote port",
"1.3.6.1.2.1.6.13.1.1": "Connection State",
"1.3.6.1.2.1.7.5.1.1": "Listen UDP local address",
"1.3.6.1.2.1.7.5.1.2": "Listen UDP local port",
# IIS server information
"1.3.6.1.4.1.77.1.2.3.1.1": "Network Service Index",
"1.3.6.1.4.1.77.1.2.3.1.2": "Network Service Name",
"1.3.6.1.4.1.77.1.2.27.1.1": "Share Name",
"1.3.6.1.4.1.77.1.2.27.1.2": "Share Path",
"1.3.6.1.4.1.77.1.2.27.1.3": "Share Comment",
'1.3.6.1.4.1.311.1.7.3.1.2.0': "TotalBytesSentLowWord",
'1.3.6.1.4.1.311.1.7.3.1.4.0': "TotalBytesReceivedLowWord",
'1.3.6.1.4.1.311.1.7.3.1.5.0': "TotalFilesSent",
'1.3.6.1.4.1.311.1.7.3.1.6.0': "CurrentAnonymousUsers",
'1.3.6.1.4.1.311.1.7.3.1.7.0': "CurrentNonAnonymousUsers",
'1.3.6.1.4.1.311.1.7.3.1.8.0': "TotalAnonymousUsers",
'1.3.6.1.4.1.311.1.7.3.1.9.0': "TotalNonAnonymousUsers",
'1.3.6.1.4.1.311.1.7.3.1.10.0': "MaxAnonymousUsers",
'1.3.6.1.4.1.311.1.7.3.1.11.0': "MaxNonAnonymousUsers",
'1.3.6.1.4.1.311.1.7.3.1.12.0': "CurrentConnections",
'1.3.6.1.4.1.311.1.7.3.1.13.0': "MaxConnections",
'1.3.6.1.4.1.311.1.7.3.1.14.0': "ConnectionAttempts",
'1.3.6.1.4.1.311.1.7.3.1.15.0': "LogonAttempts",
'1.3.6.1.4.1.311.1.7.3.1.16.0': "Gets",
'1.3.6.1.4.1.311.1.7.3.1.17.0': "Posts",
'1.3.6.1.4.1.311.1.7.3.1.18.0': "Heads",
'1.3.6.1.4.1.311.1.7.3.1.19.0': "Others",
'1.3.6.1.4.1.311.1.7.3.1.20.0': "CGIRequests",
'1.3.6.1.4.1.311.1.7.3.1.21.0': "BGIRequests",
'1.3.6.1.4.1.311.1.7.3.1.22.0': "NotFoundErrors"
}
def mock_callback(self, sendRequestHandle, errorIndication,
errorStatus, errorIndex, varBindTable, cbCtx):
# return values are used for signaling the I/O dispatcher
# (0=stop; 1=continue)
if not hasattr(self, 'result'):
self.result = ""
if errorIndication:
print(errorIndication)
return
if errorStatus and errorStatus != 2:
print('%s at %s' % (
errorStatus.prettyPrint(),
errorIndex and varBindTable[-1][int(errorIndex) - 1] or '?'
)
)
return
for varBindRow in varBindTable:
# walk command
if type(varBindRow) is list:
for oid, val in varBindRow:
if isinstance(val, EndOfMibView):
self.result += '%s\n' % (val.prettyPrint())
return 0
self.result += '%s = %s\n' % \
(oid.prettyPrint(), val.prettyPrint())
# get command
elif type(varBindRow) is tuple:
oid, val = varBindRow
if isinstance(val, EndOfMibView):
self.result += '%s\n' % (val.prettyPrint())
return 0
self.result += '%s = %s\n' % \
(oid.prettyPrint(), val.prettyPrint())
return 1
def modbus_read_coils(self, master, slave=1):
try:
actual_bits = master.execute(slave=slave,
function_code=cst.READ_COILS,
starting_address=1, quantity_of_x=128)
except Exception:
pass
else:
print(actual_bits)
def modbus_worker(self, workers=10):
pool = Pool(workers)
master = modbus_tcp.TcpMaster(host='127.0.0.1', port=502)
master.set_timeout(1.0)
with gevent.Timeout(2, False):
for slave in self.modbus_slave_range:
pool.spawn(self.modbus_read_coils, master, slave)
pool.join()
def snmp_get(self):
client = snmp_client.SNMPClient(host='127.0.0.1', port=161)
OID = ((1, 3, 6, 1, 2, 1, 1, 1, 0), None)
client.get_command(OID, callback=self.mock_callback)
print(self.result)
def snmp_walk(self):
client = snmp_client.SNMPClient(host='127.0.0.1', port=161)
OID = ((1, 3, 6, 1, 2, 1, 1, 1, 0), None)
client.walk_command(OID, callback=self.mock_callback)
client.snmpEngine.transportDispatcher.runDispatcher()
print(self.result)
client.snmpEngine.transportDispatcher.closeDispatcher()
if __name__ == "__main__":
cloner = ConpotCloner()
# cloner.modbus_worker()
cloner.snmp_walk()