#!/usr/bin/env python3
from __future__ import print_function
import sys
import zmq
import time
import json
import signal

# Gateway address used for both the feed socket (port 14000) and the control
# socket (port 14001).
host = 'localhost'

# Capture log shared with show_ssh(). Mode "w+" truncates any existing ssh.txt
# each time the script starts.
# NOTE(review): show_ssh() writes user:password pairs to this file in clear
# text and it is created with the process's default permissions -- confirm
# that the umask / directory ACLs are restrictive enough for credential data.
file = open("ssh.txt", mode="w+")

def handle_intr(signal, frame):
    """SIGINT handler: announce the interrupt and exit with status 0.

    Both parameters are supplied by the signal machinery and are not used.
    Note that the ``signal`` parameter shadows the ``signal`` module inside
    this function.
    """
    print('Ctrl+C caught, exiting...')
    # Same effect as sys.exit(0): unwinds via SystemExit so open files are
    # closed normally on interpreter shutdown.
    raise SystemExit(0)

# Single process-wide ZeroMQ context; connect() and sub() create their
# sockets from it.
context = zmq.Context()

# Route Ctrl+C through handle_intr so the script exits with a message and
# status 0 instead of a KeyboardInterrupt traceback.
signal.signal(signal.SIGINT, handle_intr)

def connect(topics):
    """Open a SUB socket to the feed on port 14000 and subscribe to *topics*.

    Args:
        topics: Iterable of topic strings; each one is UTF-8 encoded and
            registered as a subscription prefix.

    Returns:
        The connected SUB socket.
    """
    # NOTE(review): plain tcp:// with no ZeroMQ security option set in this
    # function; that is only reasonable while `host` stays on loopback --
    # confirm before pointing it at a remote gateway.
    endpoint = "tcp://%s:%s" % (host, 14000)
    feed = context.socket(zmq.SUB)
    feed.connect(endpoint)
    for name in topics:
        feed.setsockopt(zmq.SUBSCRIBE, name.encode('utf-8'))
    return feed


def sub(topics):
    """Send one ``SUB`` request per topic to the control endpoint (port 14001).

    Args:
        topics: Iterable of topic strings; each is UTF-8 encoded and sent as
            the second frame after ``b"SUB"``.
    """
    # NOTE(review): a fresh DEALER socket is created on every call and is
    # never closed here. main() calls this about every 10 seconds, so sockets
    # accumulate for the life of the process -- confirm whether the gateway
    # needs the connection kept open before adding a close().
    requester = context.socket(zmq.DEALER)
    requester.connect("tcp://%s:%s" % (host, 14001))
    for name in topics:
        payload = name.encode('utf-8')
        # The request has to be repeated periodically (see main()).
        requester.send_multipart([b"SUB", payload])

    # TODO: have gateway send a response to SUB, if no response, recreate sockets.

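def show_ssh(topic, who, messagedata):
    """Format one SSH event, print it and append it to the capture log.

    The event fields (user name, password, client version, ...) originate from
    whoever attempted the SSH login, so the finished line is treated as
    untrusted text: every non-printable character (newline, carriage return,
    ESC, bidi controls, lone surrogates, ...) is replaced by its backslash
    escape before the line reaches the terminal or the log file. This keeps one
    event on exactly one log line and stops terminal escape sequences from
    being interpreted.

    Args:
        topic: Topic frame of the message (not used).
        who: Sender frame used as the line prefix; bytes are decoded as UTF-8
            so the prefix reads ``name:`` rather than ``b'name':``.
        messagedata: JSON object (str or bytes) holding ``description``,
            ``indicator``, ``dest`` and ``dest_portlist``, plus an optional
            ``additional_data`` object.

    Raises:
        ValueError: ``messagedata`` is not valid JSON.
        KeyError: a field required by the output format is missing.
    """
    def _printable(text):
        # Keep printable characters; escape everything else (\n -> "\\n",
        # ESC -> "\\x1b", U+202E -> "\\u202e").
        return ''.join(
            ch if ch.isprintable() else ch.encode('unicode_escape').decode('ascii')
            for ch in text
        )

    if isinstance(who, bytes):
        # recv_multipart() hands back bytes frames on Python 3.
        who = who.decode('utf-8', 'replace')
    prefix = "{}:".format(who)
    rec = json.loads(messagedata)
    out = "{description} {indicator} -> {dest}:{dest_portlist}".format(**rec)
    if 'additional_data' in rec and 'duser' in rec['additional_data']:
        # Key-based attempts carry a fingerprint; it is shown in the password
        # slot and takes precedence over any password field.
        if 'fingerprint' in rec['additional_data']:
            rec['additional_data']['password'] = rec['additional_data']['fingerprint']
        if 'password' in rec['additional_data']:
            out += " {duser}:{password} using {client_version}".format(**rec['additional_data'])
    line = _printable(prefix + " " + out)
    print(line)
    file.write(line + "\n")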

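def main():
    """Subscribe to the topics given on the command line and log SSH events.

    Runs until interrupted. Subscriptions are re-sent through sub() whenever
    more than 10 seconds have passed since the last request, and the feed
    socket is polled for up to 1000 ms per iteration.

    Messages arrive from the network, so a single malformed one (wrong number
    of frames, invalid JSON, missing or mistyped fields) is reported on stderr
    and skipped instead of terminating the subscriber.
    """
    topics = sys.argv[1:]

    socket = connect(topics)

    last_sub = 0
    while True:
        if time.time() - last_sub > 10:
            sub(topics)
            last_sub = time.time()

        if not socket.poll(1000):
            continue

        try:
            # Unpacking raises ValueError unless exactly three frames arrived.
            topic, who, messagedata = socket.recv_multipart()
            show_ssh(topic, who, messagedata)
        except (ValueError, KeyError, TypeError) as exc:
            # %r keeps any control characters in the error text escaped.
            print('skipping malformed message: %r' % (exc,), file=sys.stderr)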

# Start the subscriber loop only when run as a script, not when imported.
if __name__ == '__main__':
    main()