Browse Source

working on moin user extraction

main
Holger Frey 7 years ago
parent
commit
aeb3b47c9c
  1. 2
      development.ini
  2. 137
      honeypot/__init__.py
  3. 32
      honeypot/utils.py

2
development.ini

@ -12,6 +12,8 @@ pyramid.debug_notfound = false @@ -12,6 +12,8 @@ pyramid.debug_notfound = false
pyramid.debug_routematch = false
pyramid.default_locale_name = en
moin.config_path = /var/www/moin/config/
# By default, the toolbar only appears for clients from IP addresses
# '127.0.0.1' and '::1'.
# debugtoolbar.hosts = 127.0.0.1 ::1

137
honeypot/__init__.py

@ -7,89 +7,76 @@ from pyramid.config import Configurator @@ -7,89 +7,76 @@ from pyramid.config import Configurator
from pyramid.response import Response
from pyramid.view import view_config
from . import utils
class RootResource:
''' A simple 'catch all' resource '''
moin_config_dir = None
moin_wiki_defs = []
def __init__(self, request):
''' initialization '''
pass
self.request = request
def __getitem__(self, key):
''' no child resource lookup, only one view used'''
return self
def _dict_helper(dict_like):
return [' %s: %s' % (k, v) for k, v in dict_like.items()]
def raw_wiki_definition(line):
for quote in ('"', "'"):
parts = line.split(quote)
if len(parts) == 5:
return parts
return None
def get_moin_wikis(request):
moin_config_path = '/var/www/moin/config/farmconfig.py'
wiki_definitions = []
with open(moin_config_path, 'r') as fh:
for line in fh:
if line.startwith('wikis = [')
break
for line in fh:
if ']' in line:
return wiki_definitions
parts = raw_wiki_definition(line)
if parts is None:
continue
_, wiki_name, _, wiki_url, _ = parts
wiki_definitions.append( (wiki_name, wiki_url) )
return wiki_definitions
def get_wiki_name(request, wiki_definitions):
for wiki_name, wiki_url in wiki_definitions:
if re.match(wiki_url, request.url):
return wiki_name
def get_session_dir(request, wiki_definitions):
base_path = '/var/www/moin/wikis'
wiki_name = get_wiki_name(request, wiki_definitions)
sub_path = 'data/cache/__session__'
return os.path.join(base_path, wiki_name, sub_path)
def get_session_path(request, wiki_definitions):
session_dir = get_session_dir(request, wiki_definitions)
for key, value in request.cookies.items():
if key.lower().startswith('moin'):
session_path = os.path.join(sesssion_dir, value)
if os.path.is_file(session_path):
return session_path
return None
def get_moin_user_id(request, wiki_definitions):
session_path = get_session_path(request, wiki_definitions)
if session_path is not None:
with open(session_path, 'rb') as fh
@classmethod
def pre_init(cls, moin_config_dir):
cls.moin_config_dir = moin_config_dir
moin_farmconfig = os.path.join(moin_config_dir, 'farmconfig.py')
with open(moin_farmconfig, 'r') as fh:
cls.moin_wiki_defs = list(utils.extract_wiki_definitions(fh))
def get_moin_user(self):
email, name = '', ''
try:
moin_data_dir = self._get_wiki_data_dir()
moin_session_dir = os.path.join(
moin_data_dir,
'cache',
'__session__'
)
moin_user_id = self._get_user_id(moin_session_dir)
moin_user_file = os.path.join(moin_data_dir, 'user', moin_user_id)
with open(moin_user_file, 'r') as fh:
if 'email=' in line:
email = line.split('=', 1)[1]
if 'name=' in line:
name = line.split('=', 1)[1]
except:
pass
return email, name
def _get_wiki_data_dir(self):
wiki_name = self._get_wiki_name()
wiki_config = os.path.join(cls.moin_config_dir, wiki_name + '.py')
with open(wiki_config, 'r') as fh:
data_dir = utils.extract_data_dir(fh)
return data_dir
def _get_wiki_name(self):
for name, re_url in self.moin_wiki_defs:
if re.match(re_url, self.request.url):
return name
def _get_user_id(self, session_dir):
session_path = self._get_session_path(session_dir)
with open(session_path, 'rb') as fh:
session_data = pickle.load(fh)
return session_data.get('user.id')
return None
def get_moin_user_name(request, wiki_definitions):
user_id = get_moin_user_id(request, wiki_definitions)
path = os.path.join('/var/www/moin/wikis/cpi/data/user', user_id)
with open(path, 'r') as fh:
if line.startwith('email='):
email = line.split('=', 1)[1]
if line.statswith('name='):
name = line.split('=', 1)[1]
return email, name
def _get_session_path(self, session_dir):
for key, value in self.request.cookies.items():
if key.lower().startswith('moin'):
session_path = os.path.join(sesssion_dir, value)
if os.path.is_file(session_path):
return session_path
return None
@view_config(context=RootResource)
@ -110,14 +97,18 @@ def the_view(context, request): @@ -110,14 +97,18 @@ def the_view(context, request):
'headers:'
]
body.extend(_dict_helper(request.headers))
body.extend(utils.dict_helper(request.headers))
body.extend(['', 'cookies:'])
if request.cookies:
body.extend(_dict_helper(request.cookies))
body.extend(utils.dict_helper(request.cookies))
else:
body.append(' (no cookies)')
email, name = context.get_moin_user()
if email or name:
body.extend(['', 'MoinMoin user: %s, %s' % (email, name) ])
return Response(body='\n'.join(body), content_type='text/plain')
@ -125,7 +116,11 @@ def the_view(context, request): @@ -125,7 +116,11 @@ def the_view(context, request):
def main(global_config, **settings):
""" This function returns a Pyramid WSGI application.
"""
print(settings)
RootResource.pre_init(settings['moin.config_path'])
config = Configurator(settings=settings)
config.set_root_factory(RootResource)
config.scan()
return config.make_wsgi_app()

32
honeypot/utils.py

@ -0,0 +1,32 @@ @@ -0,0 +1,32 @@
def extract_wiki_definitions(file_handle):
for line in fh:
if line.startswith('wikis = ['):
break
for line in fh:
if line.startswith(']'):
raise StopIteration
parts = split_wiki_definitions(line)
if parts is not None:
yield parts[1], parts[3]
def split_wiki_definitions(line):
for quote in ('"', "'"):
parts = line.split(quote)
if len(parts) == 5:
return parts
return None
def extract_data_dir(fh):
for line in fh:
parts = line.split('=', 1)
if len(parts) == 2:
name, value = parts
if name.strip() == 'data_dir':
value = value.strip()
return value[1:-1]
def dict_helper(dict_like):
return [' %s: %s' % (k, v) for k, v in dict_like.items()]
Loading…
Cancel
Save