def api_configuration():
    """
    Build the default API configuration (users may edit these values).

    Returns:
        a dict (JSON-like) with the API configuration
    """
    # MONGODB_DOCKER_ENV is compared against the string "true"; per the
    # original note the variable is set in the docker-compose file.
    inside_docker = os.environ.get('MONGODB_DOCKER_ENV') == "true"
    db_url = "mongodb://mongodb:27017/" if inside_docker else "mongodb://127.0.0.1:27017/"

    client_white_list = {
        "enabled": False,
        "ips": ["127.0.0.1", "10.0.0.1", "192.168.1.1"]
    }
    access_log = {
        "enabled": False,
        "filename": "ohp_api_access.log"
    }

    # OWASP Honeypot API Default Configuration
    # NOTE(review): these defaults bind to every interface ("0.0.0.0") while
    # "api_access_without_key" is True and the client white list is disabled.
    # Going by the key names, the API is then reachable without a key from any
    # host that can reach port 5000 - confirm against the consumer of this dict
    # and require a key or enable the white list before exposing the port.
    settings = {
        "api_host": "0.0.0.0",
        "api_port": 5000,
        "api_debug_mode": False,
        "api_access_without_key": True,
        # A new token is generated on every call; a fixed string or None
        # may be used instead.
        "api_access_key": generate_token(),
        "api_client_white_list": client_white_list,
        "api_access_log": access_log,
        # A URL carrying credentials has the form
        # mongodb://USER:PASSWORD@HOST:27017/
        "api_database": db_url,
        "api_database_connection_timeout": 2000,  # milliseconds
        "api_database_name": "ohp_events"
    }
    return settings
def api_configuration():
    """
    Build the default API configuration (users may edit these values).

    Returns:
        a dict (JSON-like) with the API configuration
    """
    client_white_list = {
        "enabled": False,
        "ips": ["127.0.0.1", "10.0.0.1", "192.168.1.1"]
    }
    access_log = {
        "enabled": False,
        "filename": "ohp_api_access.log"
    }

    # OWASP Honeypot API Default Configuration
    # The API listens on loopback only. "api_access_without_key" is True, so
    # going by the key name no key is required - review this before changing
    # "api_host" to a non-loopback address.
    settings = {
        "api_host": "127.0.0.1",
        "api_port": 5000,
        "api_debug_mode": False,
        "api_access_without_key": True,
        # A new token is generated on every call; a fixed string or None
        # may be used instead.
        "api_access_key": generate_token(),
        "api_client_white_list": client_white_list,
        "api_access_log": access_log,
        # A URL carrying credentials has the form
        # mongodb://USER:PASSWORD@HOST:27017/
        "api_database": "mongodb://127.0.0.1:27017/",
        "api_database_connection_timeout": 2000,  # milliseconds
        "api_database_name": "ohp_events"
    }
    return settings
def api_configuration():
    """
    Build the default API configuration (users may edit these values).

    Returns:
        a dict (JSON-like) with the API configuration
    """
    # ELASTICSEARCH_DOCKER_ENV is compared against the string "true"; per the
    # original note the variable is set in the docker-compose file.
    inside_docker = os.environ.get('ELASTICSEARCH_DOCKER_ENV') == "true"
    db_url = "elasticsearch:9200" if inside_docker else "127.0.0.1:9200"

    client_white_list = {
        "enabled": False,
        "ips": ["127.0.0.1", "10.0.0.1", "192.168.1.1"]
    }
    access_log = {
        "enabled": False,
        "filename": "ohp_api_access.log"
    }

    # OWASP Honeypot API Default Configuration
    # NOTE(review): these defaults bind to every interface ("0.0.0.0") while
    # "api_access_without_key" is True and the client white list is disabled.
    # Going by the key names, the API is then reachable without a key from any
    # host that can reach port 5000 - confirm against the consumer of this dict
    # and require a key or enable the white list before exposing the port.
    settings = {
        "api_host": "0.0.0.0",
        "api_port": 5000,
        "api_debug_mode": False,
        "api_access_without_key": True,
        # A new token is generated on every call; a fixed string or None
        # may be used instead.
        "api_access_key": generate_token(),
        "api_client_white_list": client_white_list,
        "api_access_log": access_log,
        # e.g. http://127.0.0.1:9200/
        # todo: add SSL support later
        "api_database": db_url,
        # NOTE(review): hard-coded user/password pair that looks like a stock
        # default - replace it per deployment and keep the real value out of
        # source control.
        "api_database_http_auth": ('elastic', 'changeme')
    }
    return settings
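def startVM(sample):
    """
    Clone the guest disk for ``sample``, fill in the domain XML template and
    boot the resulting libvirt domain.

    Args:
        sample: dict with at least "guest_image", "time_to_run" and
            "submission_file"; "domain" and "status" are written to it.

    Side effects visible here: copies the disk snapshot to a new .qcow2 file,
    rewrites template.xml in the current working directory, writes
    sample.json into the plugin directory, defines and starts a libvirt
    domain, registers a timeout callback and records the sample in
    db.submission.started.
    """
    VMName = sample["guest_image"]
    runTime = sample["time_to_run"]
    sample_file = sample["submission_file"]

    # Resolve the memory snapshot name up front. A configured-but-empty value
    # is rejected here too; previously it left snapshot_name unbound and the
    # function failed with a NameError only after the disk had been copied.
    try:
        snapshot_name = api_config["VM"][VMName]["snapshot"]
    except KeyError:
        return abort(404, "Internal memory snapshot not present.")
    if not snapshot_name:
        return abort(404, "Internal memory snapshot not present.")

    tenjint_path = check_path("tenjint_config_path")
    emulator_path = check_path("emulator_path")
    VM_folder = check_path("VM_folder_name")
    samples_folder = check_path("samples_store")
    disk_snapshot = check_disk_snapshot(VMName)

    # The random token doubles as the domain name and the disk file name.
    # assumes VM_folder ends with a path separator - TODO confirm in check_path
    destFile = generate_token()
    destPath = VM_folder + destFile + '.qcow2'
    sample["domain"] = destFile
    sample["status"] = "running"
    shutil.copyfile(disk_snapshot, destPath)

    domain_uuid = uuid.uuid4()
    xmlPath = os.getcwd() + '/template.xml'
    tree = ET.parse(xmlPath)
    root = tree.getroot()

    # The template is edited by element position, so the layout of
    # template.xml must stay in sync with the indexes below.
    vmi_string = "vmi=on,vmi-configs=" + tenjint_path
    root[0][3].set('value', vmi_string)
    root[1].text = destFile
    root[2].text = str(domain_uuid)
    root[12][0].text = emulator_path
    root[12][1][1].set('file', destPath)
    root[12][3][0].set("dir", samples_folder)
    root[13][5].set('value', snapshot_name)

    # NOTE(review): this writes the per-sample values back into the shared
    # template file; two submissions handled at the same time would race on
    # it - confirm whether persisting the edited template is intended.
    tree.write(xmlPath)
    xmlstr = ET.tostring(root, method='xml')
    xmlstr = str(xmlstr, 'utf-8')

    # assumes plugin_dir ends with a path separator - TODO confirm
    plugin_dir = check_path("plugin_dir")
    with open(plugin_dir + "sample.json", "w") as outfile:
        json.dump({"file": sample_file}, outfile)

    try:
        conn = libvirt.open('qemu:///system')
        # NOTE(review): exit(1) below terminates the whole process, not just
        # this call - confirm that is wanted when run inside the API server.
        if conn is None:
            print('Failed to open connection to qemu:///system', file=sys.stderr)
            exit(1)
        dom = conn.defineXML(xmlstr)
        if dom is None:
            print('Failed to define a domain from an XML definition.', file=sys.stderr)
            exit(1)
        if dom.create() < 0:
            print('Can not boot guest domain.', file=sys.stderr)
            exit(1)
        libvirt.virEventAddTimeout(runTime, myDomainTimeoutCalllback, destFile)
        db.submission.started.insert_one(sample)
    except libvirt.libvirtError:
        abort(404, "Libvirt could not be configured")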
def module_configuration():
    """
    Provide the module's configuration.

    Returns:
        JSON/dict with the module configuration
    """
    # The password is a freshly generated token of length 16 on every call,
    # so no static credential is stored for this module.
    generated_password = generate_token(16)
    return {"username": "******", "password": generated_password}
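def samplesubmit():
    """
    Accept a sample upload and queue it for analysis.

    Query parameters read: "api_key", "runTime" (integer, bounded by
    api_config["min_tenjint_run_time"] and api_config["max_tenjint_run_time"])
    and "guestImage" (must be a key of api_config["VM"]). The uploaded file is
    taken from the "sample" form field and stored under ./shared_samples.

    Returns:
        a JSON list holding the new submission id; every rejection goes
        through abort(404, ...) as before.
    """
    # --- authentication -------------------------------------------------
    # A present-but-empty api_key is rejected as well, so the check cannot
    # be skipped by sending the parameter without a value.
    # NOTE(review): the key travels in the query string and can end up in
    # access logs; a header would avoid that - interface left unchanged here.
    api_key = request.args.get("api_key")
    if api_key is None:
        return abort(404, "Authentication api key not availabale")
    if not api_key or not isauthenticated(api_key):
        return abort(404, "Invalid authenctication api key")

    # --- run time -------------------------------------------------------
    # Empty and non-numeric values are refused explicitly; before, an empty
    # value left time_to_run unbound and a non-numeric one raised ValueError.
    raw_run_time = request.args.get("runTime")
    if not raw_run_time:
        return abort(404, "Duration to run Tenjint not availabale")
    try:
        runTime = int(raw_run_time)
    except ValueError:
        return abort(404, "Duration to run Tenjint is not a valid integer")
    if runTime > api_config["max_tenjint_run_time"]:
        return abort(404, "Duration to run Tenjint more than maximum allowed")
    if runTime < api_config["min_tenjint_run_time"]:
        return abort(404, "Duration to run Tenjint is less than minimum allowed")
    time_to_run = runTime

    # --- guest image ----------------------------------------------------
    guest_image = request.args.get("guestImage")
    if not guest_image:
        return abort(404, "Guest Image to run qemu not availabale")
    if guest_image not in api_config["VM"]:
        return abort(404, "Requested Guest Image not available.")

    # --- uploaded file --------------------------------------------------
    if not request.files:
        return abort(404, "Sample file not submitted")
    file = request.files.get('sample')
    if file is None:
        # Files were uploaded, but none under the expected field name.
        return abort(404, "Sample file not submitted")
    # secure_filename() reduces the client-supplied name to a safe base name.
    new_filename = secure_filename(file.filename or "")
    if not new_filename:
        return abort(404, "Sample not submitted")

    # Exclusive-create mode ("x") makes "refuse to overwrite" atomic, and the
    # explicit path avoids changing the process-wide working directory, which
    # is shared by every request being served.
    destination = os.path.join('./shared_samples', new_filename)
    try:
        with open(destination, "xb") as out:
            file.save(out)
    except FileExistsError:
        return abort(404, "Sample name already exists")

    sample = {
        'time_to_run': time_to_run,
        'guest_image': guest_image,
        'status': 'ready',
        'id': generate_token(32),
        'submission_file': new_filename,
        'domain': '',
    }
    db.submission.submission.insert_one(sample)
    newSample(sample)
    return jsonify(
        [{
            'submission_id': sample['id']
        }])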
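def adduser():
    """
    Create a new API user when the caller presents the admin token.

    Reads the "token" query parameter and compares it with
    api_config["api_admin_token"]. On a match a new 32-character user token
    is stored in db.users.users and returned.

    Returns:
        the new user's token; a missing parameter or configuration key and a
        wrong token are rejected through abort(404, ...) as before.
    """
    import hmac  # local import: used for the constant-time comparison below

    # NOTE(review): the admin token travels in the query string and can end
    # up in access logs; a header would avoid that - interface left unchanged.
    try:
        supplied = request.args["token"]
        expected = api_config["api_admin_token"]
    except KeyError:
        return abort(404, "Authentication Token Not Availabale")

    # An empty token is now answered with the same rejection as a wrong one
    # (previously the function fell through and returned None). The match is
    # checked with compare_digest so the comparison time does not depend on
    # how many leading characters agree.
    token_matches = (
        bool(supplied)
        and isinstance(expected, str)
        and hmac.compare_digest(supplied.encode("utf-8"), expected.encode("utf-8"))
    )
    if not token_matches:
        return abort(404, "Invalid Authentication Token")

    user = {'token': generate_token(32)}
    db.users.users.insert_one(user)
    return user['token']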
def module_configuration():
    """
    Provide the module's configuration.

    Returns:
        JSON/dict with the module configuration
    """
    # The password is a freshly generated token of length 16 on every call.
    generated_password = generate_token(16)

    # Mount <cwd>/tmp over the container's Apache log directory.
    # NOTE(review): the working directory is interpolated into a single
    # space-separated option string; how that string reaches docker is not
    # visible here, so a path containing whitespace may be split differently
    # than intended - confirm against the caller.
    log_volume = "--volume {0}/tmp:/var/log/apache2/".format(os.getcwd())

    processor = ModuleProcessor()
    return {
        "username": "******",
        "password": generated_password,
        "extra_docker_options": [log_volume],
        "module_processor": processor
    }
def module_configuration():
    """
    Provide the module's configuration.

    Returns:
        JSON/dict with the module configuration
    """
    # The password is a freshly generated token of length 16 on every call.
    generated_password = generate_token(16)

    # Mount <cwd>/tmp over /root/logs/ in the container and set the mail
    # server name through an environment variable.
    # NOTE(review): the working directory is interpolated into a single
    # space-separated option string; how that string reaches docker is not
    # visible here, so a path containing whitespace may be split differently
    # than intended - confirm against the caller.
    docker_options = [
        "--volume {0}/tmp:/root/logs/".format(os.getcwd()),
        "--env MAILSERVER_NAME=localhost"
    ]

    processor = ModuleProcessor()
    return {
        "username": "******",
        "password": generated_password,
        "extra_docker_options": docker_options,
        "module_processor": processor
    }
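def startVM(sample):
    """
    Clone the guest disk for ``sample``, render the domain XML and boot the
    resulting libvirt domain.

    Args:
        sample: dict with at least "guest_image", "time_to_run" and
            "submission_file"; "domain" and "status" are written to it.

    Side effects visible here: copies the disk snapshot to a new .qcow2 file,
    writes sample.json into the plugin directory, records the sample in
    db.submission.started, defines and starts a libvirt domain and registers
    a timeout callback.
    """
    VMName = sample["guest_image"]
    runTime = sample["time_to_run"]
    sample_file = sample["submission_file"]

    tenjint_path = check_path("tenjint_config_path")
    VM_folder = check_path("VM_folder_name")
    samples_folder = check_path("samples_store")
    disk_snapshot = check_disk_snapshot(VMName)
    disk_snapshot_name = check_snapshot(VMName, "disk-snap-name")
    snapshot_name = check_snapshot(VMName, "snapshot")

    # The 32-character random token doubles as the domain name and the disk
    # file name.
    # assumes VM_folder ends with a path separator - TODO confirm in check_path
    destFile = generate_token(32)
    destPath = VM_folder + destFile + '.qcow2'
    sample["domain"] = destFile
    sample["status"] = "running"
    shutil.copyfile(disk_snapshot, destPath)

    # VMTemplate returns bytes here (it is decoded as UTF-8 right after).
    xmlstr = VMTemplate(disk_snapshot_name, destFile, destPath, tenjint_path,
                        snapshot_name, samples_folder)
    xmlstr = str(xmlstr, 'utf-8')

    # assumes plugin_dir ends with a path separator - TODO confirm
    plugin_dir = check_path("plugin_dir")
    with open(plugin_dir + "sample.json", "w") as outfile:
        json.dump({"file": sample_file}, outfile)

    # NOTE(review): the sample is recorded as started before libvirt is
    # contacted, so a libvirt failure below leaves both this record and the
    # cloned disk behind - confirm whether cleanup happens elsewhere.
    db.submission.started.insert_one(sample)

    try:
        conn = libvirt.open('qemu:///system')
        # NOTE(review): exit(1) below terminates the whole process, not just
        # this call - confirm that is wanted when run inside the API server.
        if conn is None:
            print('Failed to open connection to qemu:///system', file=sys.stderr)
            exit(1)
        dom = conn.defineXML(xmlstr)
        if dom is None:
            print('Failed to define a domain from an XML definition.', file=sys.stderr)
            exit(1)
        if dom.create() < 0:
            print('Can not boot guest domain.', file=sys.stderr)
            exit(1)
        libvirt.virEventAddTimeout(runTime, myDomainTimeoutCalllback, destFile)
    except libvirt.libvirtError:
        abort(404, "Libvirt could not be configured")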
def test_generate_token(self):
    """generate_token yields a value of exactly the requested length."""
    for requested_length in (16, 32, 48, 1):
        token = generate_token(requested_length)
        self.assertEqual(len(token), requested_length)
    # Called without an argument, the length falls back to the default of 32.
    default_token = generate_token()
    self.assertEqual(len(default_token), 32)