diff --git a/honeypots/ntp_server.py b/honeypots/ntp_server.py index 6c9c367..600e3f4 100644 --- a/honeypots/ntp_server.py +++ b/honeypots/ntp_server.py @@ -9,10 +9,10 @@ // contributors list qeeqbox/honeypots/graphs/contributors // ------------------------------------------------------------- """ - +import struct from contextlib import suppress from os import getenv, path -from struct import calcsize, pack, unpack +from struct import pack, unpack from subprocess import Popen from time import time from uuid import uuid4 @@ -72,14 +72,12 @@ def system_time_to_ntp(self, time_): def ntp_to_system_time(self, time_): i = float(time_ >> 32) - 2208988800.0 - f = float(int(i) & 0xFFFFFFFF) / (4294967296) + f = float(int(i) & 0xFFFFFFFF) / 4294967296 return i, f def datagramReceived(self, data, addr): version = "UnKnown" mode = "UnKnown" - success = "failed" - unpacked = None _q_s.logs.info( { "server": "ntp_server", @@ -88,34 +86,34 @@ def datagramReceived(self, data, addr): "src_port": addr[1], } ) - if len(data) == calcsize("!B B B b I I I Q Q Q Q"): + try: version = data[0] >> 3 & 0x7 mode = data[0] & 0x7 - unpacked = unpack("!B B B b I I I Q Q Q Q", data) - if unpacked is not None: - i, f = self.system_time_to_ntp(time()) - response = pack( - "!B B B b I I I Q Q Q Q", - 0 << 6 | 3 << 3 | 2, - data[1], - data[2], - data[3], - 0, - 0, - 0, - 0, - data[10], - 0, - i + f, - ) - self.transport.write(response, addr) - success = "success" + i, f = self.system_time_to_ntp(time()) + response = pack( + "!B B B b I I I Q Q Q Q", + 0 << 6 | 3 << 3 | 2, + data[1], + data[2], + data[3], + 0, + 0, + 0, + 0, + data[10], + 0, + i + f, + ) + self.transport.write(response, addr) + status = "success" + except (struct.error, TypeError, IndexError): + status = "error" _q_s.logs.info( { "server": "ntp_server", "action": "query", - "status": "success", + "status": status, "src_ip": addr[0], "src_port": addr[1], "dest_ip": _q_s.ip,