Kippo disconnect

[metac0rtex]

I am writing a script to demo of kippo. I am using paramiko as a python client with the following code

ssh = paramiko.SSHClient()
ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())

try:
conn = ssh.connect(ip, port=prt, username=user, password=pwd)
print ' [+] SUCESS!!'
session1 = ['w', 'hostname', 'uptime' ]
session2 = ['ls', 'pwd']
sessions = [session1, session2]
use = random.choice(sessions)

for i in session:
print ' [+] Running '' + str(i) + '''
(stdin, stdout, stderr) = ssh.exec_command(i)
for line in stdout.readlines():
print " [+] Results: '", line, "'"

When I connect to it, I get the following logs:

2015-03-24 16:22:33-0600 [kippo.core.ssh.HoneyPotSSHFactory] New connection: 172.16.35.128:59266 (172.16.35.129:2222) [session: 202]
2015-03-24 16:22:33-0600 [kippo.core.ssh.HoneyPotSSHFactory] New connection: 172.16.35.128:59267 (172.16.35.129:2222) [session: 203]
2015-03-24 16:22:33-0600 [HoneyPotTransport,203,172.16.35.128] Remote SSH version: SSH-2.0-paramiko_1.10.1
2015-03-24 16:22:33-0600 [HoneyPotTransport,203,172.16.35.128] kex alg, key alg: diffie-hellman-group1-sha1 ssh-rsa
2015-03-24 16:22:33-0600 [HoneyPotTransport,203,172.16.35.128] outgoing: aes128-ctr hmac-sha1 none
2015-03-24 16:22:33-0600 [HoneyPotTransport,203,172.16.35.128] incoming: aes128-ctr hmac-sha1 none
2015-03-24 16:22:33-0600 [HoneyPotTransport,203,172.16.35.128] NEW KEYS
2015-03-24 16:22:33-0600 [HoneyPotTransport,203,172.16.35.128] starting service ssh-userauth
2015-03-24 16:22:33-0600 [SSHService ssh-userauth on HoneyPotTransport,203,172.16.35.128] root trying auth password
2015-03-24 16:22:33-0600 [SSHService ssh-userauth on HoneyPotTransport,203,172.16.35.128] login attempt [root/123456] succeeded
2015-03-24 16:22:33-0600 [SSHService ssh-userauth on HoneyPotTransport,203,172.16.35.128] root authenticated with password
2015-03-24 16:22:33-0600 [SSHService ssh-userauth on HoneyPotTransport,203,172.16.35.128] starting service ssh-connection
2015-03-24 16:22:33-0600 [SSHService ssh-connection on HoneyPotTransport,203,172.16.35.128] got channel session request
2015-03-24 16:22:33-0600 [SSHChannel session (0) on SSHService ssh-connection on HoneyPotTransport,203,172.16.35.128] channel open
2015-03-24 16:22:33-0600 [SSHChannel session (0) on SSHService ssh-connection on HoneyPotTransport,203,172.16.35.128] executing command "ls"
2015-03-24 16:22:33-0600 [SSHChannel session (0) on SSHService ssh-connection on HoneyPotTransport,203,172.16.35.128] exec command: "ls"
2015-03-24 16:22:33-0600 [SSHChannel session (0) on SSHService ssh-connection on HoneyPotTransport,203,172.16.35.128] Opening TTY log: log/tty/20150324-162233-5076.log
2015-03-24 16:22:34-0600 [SSHChannel session (0) on SSHService ssh-connection on HoneyPotTransport,203,172.16.35.128] /etc/motd resolved into /etc/motd
2015-03-24 16:22:34-0600 [SSHChannel session (0) on SSHService ssh-connection on HoneyPotTransport,203,172.16.35.128] Running exec command "ls"
2015-03-24 16:22:34-0600 [SSHChannel session (0) on SSHService ssh-connection on HoneyPotTransport,203,172.16.35.128] CMD: ls
2015-03-24 16:22:34-0600 [SSHChannel session (0) on SSHService ssh-connection on HoneyPotTransport,203,172.16.35.128] Command found: ls
2015-03-24 16:22:34-0600 [SSHChannel session (0) on SSHService ssh-connection on HoneyPotTransport,203,172.16.35.128] sending close 0
2015-03-24 16:22:34-0600 [HoneyPotTransport,203,172.16.35.128] connection lost

I am trying to find out why kippo is disconnecting the session after the first command is sent. The script works perfect on a standard ssh client and is able to run each command.

[micheloosterhof]

Your script does not seem to work for me without modifications. You are missing imports (random, paramiko), what is the 'use' variable for? and my ssh_exec method does not seem to take a list of commands, only a string (using Paramiko 1.7.7.1). Also your try: statement does not end. Could you post a working test script please?

[micheloosterhof]

Btw, after modifying your script I can confirm the behavior, it does not run well on Kippo.

[metac0rtex]

Sorry, I didn't post the full code like I should have.