Honeypots mailing list archives

Re: Announce: cmdexe.pl (honeyd script)


From: "SecurIT Informatique Inc." <securit () iquebec com>
Date: Fri, 03 Dec 2004 01:41:20 -0500

At 11:46 AM 02/12/2004, Vilhelm Verendel wrote:
> [from the README]
>
> Description
>
>    cmdexe.pl is a simple Perl script, that works with honeyd, to
>    emulate a DOS command prompt.  It is useful to emulate a simple
>    Windows "shell" backdoor, as used by many worms nowadays.  It logs
>    the command line entered.  Non-printable characters are logged in
>    hexdump format.
>

Ok :-)

I would like to mention the dos.py script available among the spank
(http://spank.sf.net) programs. It can simulate a 'cmd.exe' service
with basic file system operations on top of different virtual
filesystems (represented in a MySQL database). That means, one can simulate
and get a little more of interaction -- e.g. for letting a worm cd
around in virtual directories, deleting virtual files, and so on...

/Vilhelm Verendel

Well, as this thread seems to be about telling the world about command prompt emulators, I'd like to remind the community that I made a program called ComLog, available on my website http://securit.iquebec.com/. It used to be on the honeynet project webpage, but it does not seem to be there anymore.

Far from being just an emulator, ComLog is actually a wrapper for the real cmd.exe. It will log all the commands passed into it, send these commands to the real command prompt, and log the output before sending this data back to the user. It was written in Perl, but a compiled executable is given with the Open Source download.

Hope this helps

Floydman
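
The log-then-forward pattern discussed in this thread (record the command, pass it to a backend, record the output before returning it), with non-printable bytes hex-escaped as the cmdexe.pl README describes. This is an added example, not code from cmdexe.pl, dos.py or ComLog; `render`, `LoggingShell` and `fake_backend` are hypothetical names, and the backend is a constructed stub that executes nothing.

```python
import time

def render(data: bytes) -> str:
    """Keep printable ASCII readable and write every other byte (and the
    backslash itself) as \\xNN, so CR/LF or terminal escapes sent by a client
    cannot forge or corrupt log lines."""
    return "".join(
        chr(b) if 0x20 <= b < 0x7F and b != 0x5C else f"\\x{b:02x}"
        for b in data
    )

class LoggingShell:
    """Records each command, forwards it to a backend, and records the
    reply before returning it to the client."""

    def __init__(self, backend, sink, clock=time.time):
        self.backend = backend  # callable: bytes -> bytes (assumption)
        self.sink = sink        # anything with .append(str)
        self.clock = clock

    def _log(self, peer: str, direction: str, data: bytes) -> None:
        self.sink.append(f"{self.clock():.0f} {peer} {direction} {render(data)}")

    def handle(self, peer: str, line: bytes) -> bytes:
        cmd = line.rstrip(b"\r\n")
        # Log before forwarding: input that crashes the backend is still kept.
        self._log(peer, "IN", cmd)
        try:
            reply = self.backend(cmd)
        except Exception as exc:
            self._log(peer, "ERR", repr(exc).encode())
            reply = b"The system cannot execute the specified program.\r\n"
        self._log(peer, "OUT", reply)
        return reply

def fake_backend(cmd: bytes) -> bytes:
    """Constructed stand-in for a command interpreter; it executes nothing."""
    if cmd.strip().lower() == b"ver":
        return b"\r\nMicrosoft Windows 2000 [Version 5.00.2195]\r\n"
    word = cmd.split(b" ")[0]
    return b"'" + word + b"' is not recognized as an internal or external command,\r\n"

if __name__ == "__main__":
    log = []
    shell = LoggingShell(fake_backend, log)
    # Constructed sample input: a command with an embedded CR/LF and ANSI escape.
    shell.handle("192.0.2.10", b"echo hi\r\n\x1b[2J\n")
    shell.handle("192.0.2.10", b"ver\r\n")
    print("\n".join(log))
```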
