honeycomb 0.0.3 → 0.0.4
- checksums.yaml +7 -0
- data/.gitignore +22 -0
- data/Gemfile +3 -21
- data/LICENSE.txt +22 -675
- data/README.md +29 -0
- data/Rakefile +1 -51
- data/honeycomb.gemspec +23 -0
- data/lib/honeycomb.rb +4 -23
- data/lib/honeycomb/version.rb +3 -0
- metadata +54 -214
- data/.document +0 -5
- data/.rspec +0 -1
- data/Gemfile.lock +0 -75
- data/README.rdoc +0 -72
- data/VERSION +0 -1
- data/data/binaries/example_data +0 -0
- data/data/logsql/honeypot.sqlite +0 -0
- data/etc/config.yml.example +0 -11
- data/lib/honeycomb/database.rb +0 -20
- data/lib/honeycomb/database/interact.rb +0 -71
- data/lib/honeycomb/default_setup.rb +0 -28
- data/lib/honeycomb/environment.rb +0 -64
- data/lib/honeycomb/honeypot.rb +0 -20
- data/lib/honeycomb/honeypot/manage.rb +0 -204
- data/lib/honeycomb/interact.rb +0 -20
- data/lib/honeycomb/model.rb +0 -82
- data/lib/honeycomb/model/connections.rb +0 -77
- data/lib/honeycomb/model/dcerpcbinds.rb +0 -47
- data/lib/honeycomb/model/dcerpcrequests.rb +0 -46
- data/lib/honeycomb/model/dcerpcserviceops.rb +0 -48
- data/lib/honeycomb/model/dcerpcservices.rb +0 -44
- data/lib/honeycomb/model/downloads.rb +0 -47
- data/lib/honeycomb/model/emu_profiles.rb +0 -44
- data/lib/honeycomb/model/emu_services.rb +0 -44
- data/lib/honeycomb/model/logins.rb +0 -46
- data/lib/honeycomb/model/mssql_commands.rb +0 -46
- data/lib/honeycomb/model/mssql_fingerprints.rb +0 -48
- data/lib/honeycomb/model/offers.rb +0 -44
- data/lib/honeycomb/model/p0fs.rb +0 -58
- data/lib/honeycomb/model/resolves.rb +0 -48
- data/lib/honeycomb/model/virustotals.rb +0 -47
- data/lib/honeycomb/model/virustotalscans.rb +0 -46
- data/scripts/honeycomb_libpath.rb +0 -2
- data/spec/honeycomb_spec.rb +0 -7
- data/spec/spec_helper.rb +0 -12
- data/tasks/irb.rake +0 -8
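--- a/data/README.rdoc
+++ b/data/README.rdoc
@@ -1,72 +0,0 @@
-= honeycomb
-Josh Grunzweig - jgrunzweig at trustwave dot com
-
-== Introduction
-
-Tool to manage and analyze data from the Dionaea Honeypot Project
-
-The Dionaea Project is a great honeypot which originated from the Google Summer
-of Code. The project aims at obtaining malware samples by emulating Microsoft
-Windows services, however, has branched out since its create to emulate other
-services as well, such as MySQL. This project was created out of the necessity
-to monitor and manage multiple instances of the Dionaea on honeypots located
-around the world.
-
-You can view more information about the Dionaea at the following address:
-http://dionaea.carnivore.it/
-
-
-== Usage
-
-# basic example... See how much disk space is located on all honeypots
-
-require 'honeycomb'
-
-all_pots = Honeycomb::Honeypot::Manage.new
-
-all_pots.check_diskspace
-
-
-# another example... See how many instances of a specific md5 there are
-
-require 'honeycomb'
-
-all_pots = Honeycomb::Database::Interact.new
-
-all_pots.all{Honeycomb::Download.all(:download_md5_hash => "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa")}
-
-== Versioning
-The current version of honeycomb at the time of writing is 0.0.1. Code will be
-buggy. Features may be lacking. However, in time I hope to make this a pretty
-functional/useful tool.
-
-
-== Requirements
-There is, unfortunately, a number of gem pre-requisites. Apologies for this,
-but it's the only way I could do it.
-
-* bundler
-
-After bundler is installed, do a "bundle install" to get everything installed.
-
-
-== Copyright
-honeycomb - Tool to manage and analyze data from the Dionaea Honeypot Project
-Josh Grunzweig
-Copyright (C) 2011 Trustwave Holdings
-
-This program is free software: you can redistribute it and/or modify it
-under the terms of the GNU General Public License as published by the
-Free Software Foundation, either version 3 of the License, or (at your
-option) any later version.
-
-This program is distributed in the hope that it will be useful, but
-WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-for more details.
-
-You should have received a copy of the GNU General Public License along
-with this program. If not, see <http://www.gnu.org/licenses/>.
-
-See LICENSE.txt
-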
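--- a/data/VERSION
+++ b/data/VERSION
@@ -1 +0,0 @@
-0.0.3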
data/data/binaries/example_data
DELETED
File without changes
|
data/data/logsql/honeypot.sqlite
DELETED
File without changes
|
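--- a/data/etc/config.yml.example
+++ b/data/etc/config.yml.example
@@ -1,11 +0,0 @@
-honey_config:
-servers: ['honeypot1', 'honeypot2']
-username: 'r00t'
-key: 'path/to/key'
-password: 'sekret' # Not used at the moment, need to implement
-path: 'path/to/dionaea'
-# Uncomment to following to change default directory of
-# download_binaries - install_path/honeycomb/data/binaries
-# download_databases - install_path/honeycomb/data/logsql
-#download_binaries: '/where/to/store/binaries/'
-#download_databases: '/where/to/store/databases/'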
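--- a/data/lib/honeycomb/database.rb
+++ b/data/lib/honeycomb/database.rb
@@ -1,20 +0,0 @@
-# honeycomb - Tool to manage and analyze data from the Dionaea Honeypot
-# Project
-# Josh Grunzweig
-# Copyright (C) 2011 Trustwave Holdings
-#
-# This program is free software: you can redistribute it and/or modify it
-# under the terms of the GNU General Public License as published by the
-# Free Software Foundation, either version 3 of the License, or (at your
-# option) any later version.
-#
-# This program is distributed in the hope that it will be useful, but
-# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-# or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-# for more details.
-#
-# You should have received a copy of the GNU General Public License along
-# with this program. If not, see <http://www.gnu.org/licenses/>.
-#
-
-require 'honeycomb/database/interact'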
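--- a/data/lib/honeycomb/database/interact.rb
+++ b/data/lib/honeycomb/database/interact.rb
@@ -1,71 +0,0 @@
-# honeycomb - Tool to manage and analyze data from the Dionaea Honeypot
-# Project
-# Josh Grunzweig
-# Copyright (C) 2011 Trustwave Holdings
-#
-# This program is free software: you can redistribute it and/or modify it
-# under the terms of the GNU General Public License as published by the
-# Free Software Foundation, either version 3 of the License, or (at your
-# option) any later version.
-#
-# This program is distributed in the hope that it will be useful, but
-# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-# or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-# for more details.
-#
-# You should have received a copy of the GNU General Public License along
-# with this program. If not, see <http://www.gnu.org/licenses/>.
-#
-
-
-module Honeycomb
-module Database
-class Interact
-
-# Used for executing a query against all databases at once.
-def all(&block)
-all_values = []
-::DataMapper::Repository.adapters.each do |repo|
-next if repo[0] == :default
-next if repo[0] == :"0"
-
-begin
-response = DataMapper.repository(repo[0]) {yield}
-if response.kind_of?(DataMapper::Collection)
-response.each do |x|
-all_values << x
-end
-else
-all_values << response if response
-end
-rescue Exception => e
-#p e.message
-end
-end
-all_values
-end
-
-# Used for executing a query against a single database.
-def individual(repo, &block)
-all_values = []
-begin
-response = DataMapper.repository(repo[0]) {yield}
-if response.kind_of?(DataMapper::Collection)
-response.each do |x|
-all_values << x
-end
-else
-all_values << response if response
-end
-rescue Exception => e
-#p e.message
-end
-all_values
-end
-
-end # class Manage
-end # module Database
-end # module Honeycomb
-
-
-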
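--- a/data/lib/honeycomb/default_setup.rb
+++ b/data/lib/honeycomb/default_setup.rb
@@ -1,28 +0,0 @@
-# honeycomb - Tool to manage and analyze data from the Dionaea Honeypot
-# Project
-# Josh Grunzweig
-# Copyright (C) 2011 Trustwave Holdings
-#
-# This program is free software: you can redistribute it and/or modify it
-# under the terms of the GNU General Public License as published by the
-# Free Software Foundation, either version 3 of the License, or (at your
-# option) any later version.
-#
-# This program is distributed in the hope that it will be useful, but
-# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-# or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-# for more details.
-#
-# You should have received a copy of the GNU General Public License along
-# with this program. If not, see <http://www.gnu.org/licenses/>.
-#
-
-require 'honeycomb'
-
-if Honeycomb::Env::CONFIG["honey_config"]["download_databases"]
-Honeycomb::Model.setup!(Honeycomb::Env::CONFIG["honey_config"]["download_databases"])
-else
-Honeycomb::Model.setup!
-end
-
-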
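--- a/data/lib/honeycomb/environment.rb
+++ b/data/lib/honeycomb/environment.rb
@@ -1,64 +0,0 @@
-# honeycomb - Tool to manage and analyze data from the Dionaea Honeypot
-# Project
-# Josh Grunzweig
-# Copyright (C) 2011 Trustwave Holdings
-#
-# This program is free software: you can redistribute it and/or modify it
-# under the terms of the GNU General Public License as published by the
-# Free Software Foundation, either version 3 of the License, or (at your
-# option) any later version.
-#
-# This program is distributed in the hope that it will be useful, but
-# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-# or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-# for more details.
-#
-# You should have received a copy of the GNU General Public License along
-# with this program. If not, see <http://www.gnu.org/licenses/>.
-#
-
-require 'pathname'
-require 'yaml'
-
-module Honeycomb
-
-module Environment
-CONFIG = {}
-CFGFILE = Pathname.new(__FILE__).dirname.dirname.dirname.expand_path.join('etc').join('config.yml')
-
-# TODO: Comment
-def self.load_config(hash)
-hash.each do |k,v|
-if v.is_a?(String)
-v = v.gsub(/\$([A-Z][A-Z0-9_]*)\$/) do |v|
-var = $1
-if const_defined?(var)
-const_get(var).to_s
-else
-raise("Invalid variable referenced in configuration: #{v}")
-end
-end
-end
-CONFIG[k.to_s] = v
-end
-end
-
-# TODO: Comment
-def self.read_config(file=CFGFILE)
-if h = YAML.load_file(file)
-if h.is_a?(Hash)
-load_config(h)
-else
-raise("invalid honeycomb config file format")
-end
-end
-end
-
-end
-
-Env = Environment
-
-end
-
-
-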
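--- a/data/lib/honeycomb/honeypot.rb
+++ b/data/lib/honeycomb/honeypot.rb
@@ -1,20 +0,0 @@
-# honeycomb - Tool to manage and analyze data from the Dionaea Honeypot
-# Project
-# Josh Grunzweig
-# Copyright (C) 2011 Trustwave Holdings
-#
-# This program is free software: you can redistribute it and/or modify it
-# under the terms of the GNU General Public License as published by the
-# Free Software Foundation, either version 3 of the License, or (at your
-# option) any later version.
-#
-# This program is distributed in the hope that it will be useful, but
-# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-# or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-# for more details.
-#
-# You should have received a copy of the GNU General Public License along
-# with this program. If not, see <http://www.gnu.org/licenses/>.
-#
-
-require 'honeycomb/honeypot/manage'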
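--- a/data/lib/honeycomb/honeypot/manage.rb
+++ b/data/lib/honeycomb/honeypot/manage.rb
@@ -1,204 +0,0 @@
-# honeycomb - Tool to manage and analyze data from the Dionaea Honeypot
-# Project
-# Josh Grunzweig
-# Copyright (C) 2011 Trustwave Holdings
-#
-# This program is free software: you can redistribute it and/or modify it
-# under the terms of the GNU General Public License as published by the
-# Free Software Foundation, either version 3 of the License, or (at your
-# option) any later version.
-#
-# This program is distributed in the hope that it will be useful, but
-# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-# or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-# for more details.
-#
-# You should have received a copy of the GNU General Public License along
-# with this program. If not, see <http://www.gnu.org/licenses/>.
-#
-
-require 'net/ssh'
-require 'net/scp'
-require 'open3'
-
-module Honeycomb
-module Honeypot
-class Manage
-
-attr_accessor :db_path, :bin_path, :base_path, :username, :servers, :key
-
-# This initializes a Honeycomb::Interact object and sets all the necessary
-# variables which are used by other methods of the object.
-#
-# Variables and their purpose:
-# * db_path - Path where databases are stored/saved
-# * bin_path - Path where binaries are stored/saved
-# * username - Username to connect to remote honeypot servers
-# * key - Path to private key which is used for connections to honeypot
-# servers
-# * servers - Array of servers to connect to
-# * base_path - Base location where Dionaea is installed to (Default per
-# installation instructions: /opt/dionaea)
-def initialize(db_path = nil, bin_path = nil, username = nil, key = nil,
-servers = nil, base_path = nil)
-self.db_path = Honeycomb::Env::CONFIG["honey_config"]["download_databases"] ||
-self.db_path = Pathname.new(__FILE__).dirname.dirname.dirname.dirname.expand_path.join('data').join('logsql/').to_s ||
-db_path
-self.bin_path = Honeycomb::Env::CONFIG["honey_config"]["download_binaries"] ||
-self.bin_path = Pathname.new(__FILE__).dirname.dirname.dirname.dirname.expand_path.join('data').join('binaries/').to_s ||
-bin_path
-self.username = Honeycomb::Env::CONFIG["honey_config"]["username"] ||
-username
-self.key = Honeycomb::Env::CONFIG["honey_config"]["key"] || key
-self.servers = Honeycomb::Env::CONFIG["honey_config"]["servers"] ||
-servers
-self.base_path = Honeycomb::Env::CONFIG["honey_config"]["path"] ||
-base_path
-end
-
-# This method will attempt to download all binaries from all servers
-# specified in Honeycomb::Interact.servers.
-#
-# It will attempt to store all binaries into the folder specified in
-# Honeycomb::Interact.bin_path.
-#
-# Additionally, rsync is utilized to transfer these files. It was
-# chosen to use rsync over scp in order to limit the amount of
-# bandwidth used between the client and servers.
-#
-# Arguments:
-# * server - Array of servers to query
-def download_binaries(server = self.servers)
-server.each do |server|
-tries = 0
-puts "Downloading binaries from #{server} ..."
-begin
-Open3::popen3("rsync -v --force --ignore-errors --times -r -u -e \"ssh -i #{self.key}\" #{self.username}@#{server}:#{self.base_path}/var/dionaea/binaries/ #{self.bin_path}") { |stdin, stdout, stderr|
-puts stdout.read.strip
-puts stderr.read.strip
-}
-rescue
-tries += 1
-retry if tries <= 3
-puts "Unable to connect. Moving on ..."
-next
-end
-end
-end
-
-# This method will attempt to download all databases from all servers
-# specified in Honeycomb::Interact.servers.
-#
-# It will attempt to store all binaries into the folder specified in
-# Honeycomb::Interact.db_path.
-#
-# Additionally, scp is utilized to transfer these files. During tests,
-# it was discovered that rsync had less than ideal results when
-# downloading these files. While the transfer would appear to occur
-# without error, the databases were often found to be corrupt.
-#
-# Arguments:
-# * server - Array of servers to query
-def download_databases(server = self.servers)
-server.each do |server|
-tries = 0
-begin
-Net::SSH.start(server, self.username, :keys => self.key) do |session|
-puts "Downloading database from #{server} ..."
-session.scp.download!(base_path + "/var/dionaea/logsql.sqlite",
-self.db_path + "#{server}.sqlite")
-end
-rescue Errno::ETIMEDOUT
-tries += 1
-retry if tries <= 3
-puts "Unable to connect. Moving on ..."
-next
-rescue Exception => e
-puts "Error encountered: #{e.message}"
-next
-end
-end
-end
-
-# This method will execute a command via ssh on all servers specified in
-# the Honeycomb::Interact.servers variable. This command calls the internal
-# ssh_command method in order to properly function.
-#
-# Argument:
-# * command - Command to execute
-#
-# Returns:
-# * Nothing
-#
-# Multiple strings with the results are outputted to the screen.
-def execute_command(command)
-response = self.ssh_command(command)
-response.each do |server_hash|
-puts "Executing #{command} on #{server_hash[:server]}:"
-puts "\t#{server_hash[:result].gsub!(/\n/,"\n\t")}"
-end
-end # end execute_command
-
-# This method is used internally by the execute_command method.
-# It will take a command as an argument and execute it on ever server
-# that is stored in Honeycomb::Interact.servers. The results are
-# stored in a hash which is returned in an Array.
-#
-# Argument:
-# * command - Command to be executed
-#
-# Returns:
-# * Array of hashes -
-# [{:server => <server_name>, :result => <result_of_command>}]
-def ssh_command(command)
-results = []
-self.servers.each do |server|
-begin
-Net::SSH.start(server, self.username, :keys => self.key) do |session|
-session.exec command do |ch, stream, data|
-if stream == :stderr
-results << {:server => server, :result => "ERROR: #{data}"}
-else
-results << {:server => server, :result => data}
-end
-end
-end
-rescue
-next
-end
-end
-return results
-end
-
-
-
-# This method will query the diskspace on all remote servers by calling
-# the internal ssh_command method. It executes the command 'df -h /' and
-# parses the results. The response is then parsed to return the total
-# percentage of diskspace being used currently on each host.
-#
-# Arguments:
-# * None
-#
-# Returns:
-# * [ {:server => "Server Hostname", :result =>
-#
-# Multiple strings with the results are outputted to the screen.
-def check_diskspace
-response = self.ssh_command("df -h /")
-all_usage = []
-response.each do |server_hash|
-usage = server_hash[:result]
-if usage =~ /^(\/\w+)+.+\S+\s+\S+\s+\S+\s+(([0-9]+)%)/m
-all_usage << {:server => server_hash[:server], :result => $2}
-end
-end
-all_usage
-end # end check_diskspace
-
-end # class Manage
-end # module Honeypot
-end # module Honeycom
-
-
-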