def makeService(self, options): """ Construct a TCPServer from a factory defined in Cowrie. """ if os.name == 'posix' and os.getuid() == 0: print('ERROR: You must not run cowrie as root!') sys.exit(1) cfg = readConfigFile(options["config"]) if cfg.has_option('honeypot', 'listen_addr'): listen_addr = cfg.get('honeypot', 'listen_addr') else: listen_addr = '0.0.0.0' # Preference: 1, option, 2, config, 3, default of 2222 if options['port'] != 0: listen_ports = options["port"] elif cfg.has_option('honeypot', 'listen_ports'): listen_ports = cfg.get('honeypot', 'listen_ports') else: listen_ports = "2222" listen_ports_range = [int(port) for port in listen_ports.split(" ")] if len(listen_ports_range) == 1: listen_ports_enum = [listen_ports_range[0]] else: listen_ports_enum = range(listen_ports_range[0], listen_ports_range[1] + 1) factory = core.ssh.HoneyPotSSHFactory(cfg) factory.portal = portal.Portal(core.realm.HoneyPotRealm(cfg)) # Disable pubkey checking, it breaks mitmproxy on Turris #factory.portal.registerChecker( # core.checkers.HoneypotPublicKeyChecker(cfg)) factory.portal.registerChecker( core.checkers.HoneypotPasswordChecker(cfg)) if cfg.has_option('honeypot', 'auth_none_enabled') and \ cfg.get('honeypot', 'auth_none_enabled').lower() in \ ('yes', 'true', 'on'): factory.portal.registerChecker(core.checkers.HoneypotNoneChecker()) top_service = top_service = service.MultiService() for i in listen_addr.split(): for port in listen_ports_enum: svc = internet.TCPServer(port, factory, interface=i) svc.setServiceParent(top_service) if cfg.has_option('honeypot', 'interact_enabled') and \ cfg.get('honeypot', 'interact_enabled').lower() in \ ('yes', 'true', 'on'): iport = int(cfg.get('honeypot', 'interact_port')) from cowrie.core import interact svc = internet.TCPServer(iport, interact.makeInteractFactory(factory)) svc.setServiceParent(top_service) application = service.Application('cowrie') top_service.setServiceParent(application) return top_service
class Fish_Service(service.Service): def __init__(self): pass def startService(self): service.Service.startService(self) # 什么都不做,开始服务 # def stopService(self): # return self._port.stopListening() # 配置参数 port = 10000 iface = '127.0.0.1' top_server = service.MultiService() # 定义服务容器 fish_server = Fish_Service() # 实例化我们的服务 factory = Mornitor_Factory(Fish_Service) # 工厂化服务 fish_server.setServiceParent(top_server) # 把自定义的服务加入到服务容器 tcp_server = internet.TCPServer(port, factory) # 定义tcp服务 #tcp_server = reactor.listenTCP(port, factory) tcp_server.setServiceParent(top_server) # 把tcp服务加入到服务容器 # application = service.Application('Fish_Service') # 给应用起个名字 top_server.setServiceParent(application) # 把服务容器丢到应用中去
## this sets up the application application = service.Application('dnsserver', 1, 1) # set up a resolver that uses the mapping or a secondary nameserver p2presolver = MapResolver(servers=[('8.8.8.8', 53)]) # create the protocols f = server.DNSServerFactory(caches=[cache.CacheResolver()], clients=[p2presolver]) p = dns.DNSDatagramProtocol(f) f.noisy = p.noisy = False # register as tcp and udp ret = service.MultiService() PORT = 53 for (klass, arg) in [(internet.TCPServer, f), (internet.UDPServer, p)]: s = klass(PORT, arg) s.setServiceParent(ret) # run all of the above as a twistd application ret.setServiceParent(service.IServiceCollection(application)) # run it through twistd! if __name__ == '__main__': import sys print "Usage: twistd -y %s" % sys.argv[0]
def makeService(self, options): srv = service.MultiService() s = None if "app" in options and (options["app"] or "")[-3:].lower() == ".py": options["filename"] = options["app"] if "filename" in options and os.path.exists(options["filename"]): n = os.path.splitext(os.path.split(options["filename"])[-1])[0] appmod = imp.load_source(n, options["filename"]) for name in dir(appmod): kls = getattr(appmod, name) if isinstance(kls, (type, types.ClassType)): if issubclass(kls, cyclone.web.Application): options["app"] = kls if ssl_support and os.path.exists(options["ssl-cert"]): options["ssl-app"] = kls # http if options["app"]: if callable(options["app"]): appmod = options["app"] else: appmod = reflect.namedAny(options["app"]) if options["appopts"]: app = appmod(options["appopts"]) else: app = appmod() unix = options.get("unix") if unix: s = internet.UNIXServer(unix, app) else: s = internet.TCPServer(options["port"], app, interface=options["listen"]) s.setServiceParent(srv) # https if options["ssl-app"]: if ssl_support: if callable(options["ssl-app"]): appmod = options["ssl-app"] else: appmod = reflect.namedAny(options["ssl-app"]) if options["ssl-appopts"]: app = appmod(options["ssl-appopts"]) else: app = appmod() s = internet.SSLServer(options["ssl-port"], app, ssl.DefaultOpenSSLContextFactory( options["ssl-key"], options["ssl-cert"]), interface=options["ssl-listen"]) s.setServiceParent(srv) else: print("SSL support is disabled. " "Install PyOpenSSL and try again.") if s is None: print("usage: cyclone run [server.py|--help]") sys.exit(1) return srv
from twisted.internet import reactor from twisted.internet.protocol import Protocol, Factory from twisted.application import service, internet #from twisted.internet.protocol import DatagramProtocol #from twisted.internet.threads import deferToThread from twisted.internet import defer # import txredisapi as redis from twisted.application import service, internet from twisted.internet.protocol import DatagramProtocol from twisted.internet.threads import deferToThread from twisted.protocols.basic import LineReceiver from twisted.internet.endpoints import TCP4ServerEndpoint # 实例化时间服务容器 time_service_container = service.MultiService() class Dict(LineReceiver): '''字典协议''' commands = { "CLIENT": '', "DEFINE": '', "MATCH": '', "SHOW": '', "STATUS": '', "HELP": '', "QUIT": '', "OPTION": '', "AUTH": '', "SASLAUTH": ''
from django.core.management import setup_environ import settings as settings_mod setup_environ(settings_mod) from twisted.words.protocols import irc from twisted.application import internet, service from twisted.internet import protocol, reactor, task from twisted.python import log from django.conf import settings from djangobot import DjangoBotService, ChannelPool, Channel from djangobot import DjangoPeopleMonitorService application = service.Application("djangobot") serv = service.MultiService() nickname = settings.BOT_NICKNAME channels = ChannelPool() for name in settings.BOT_CHANNELS: channels.add(Channel(name, nickname)) dbs = DjangoBotService(channels, nickname, settings.BOT_PASSWORD) internet.TCPClient( settings.BOT_IRC_SERVER, settings.BOT_IRC_PORT, dbs.getFactory(), ).setServiceParent(serv)
def makeService(options): """ Create a manhole server service. @type options: C{dict} @param options: A mapping describing the configuration of the desired service. Recognized key/value pairs are:: "telnetPort": strports description of the address on which to listen for telnet connections. If None, no telnet service will be started. "sshPort": strports description of the address on which to listen for ssh connections. If None, no ssh service will be started. "namespace": dictionary containing desired initial locals for manhole connections. If None, an empty dictionary will be used. "passwd": Name of a passwd(5)-format username/password file. "sshKeyDir": The folder that the SSH server key will be kept in. "sshKeyName": The filename of the key. "sshKeySize": The size of the key, in bits. Default is 4096. @rtype: L{twisted.application.service.IService} @return: A manhole service. """ svc = service.MultiService() namespace = options['namespace'] if namespace is None: namespace = {} checker = checkers.FilePasswordDB(options['passwd']) if options['telnetPort']: telnetRealm = _StupidRealm(telnet.TelnetBootstrapProtocol, insults.ServerProtocol, manhole.ColoredManhole, namespace) telnetPortal = portal.Portal(telnetRealm, [checker]) telnetFactory = protocol.ServerFactory() telnetFactory.protocol = makeTelnetProtocol(telnetPortal) telnetService = strports.service(options['telnetPort'], telnetFactory) telnetService.setServiceParent(svc) if options['sshPort']: sshRealm = manhole_ssh.TerminalRealm() sshRealm.chainedProtocolFactory = chainedProtocolFactory(namespace) sshPortal = portal.Portal(sshRealm, [checker]) sshFactory = manhole_ssh.ConchFactory(sshPortal) if options['sshKeyDir'] != "<USER DATA DIR>": keyDir = options['sshKeyDir'] else: from twisted.python._appdirs import getDataDirectory keyDir = getDataDirectory() keyLocation = filepath.FilePath(keyDir).child(options['sshKeyName']) sshKey = keys._getPersistentRSAKey(keyLocation, int(options['sshKeySize'])) sshFactory.publicKeys["ssh-rsa"] = sshKey sshFactory.privateKeys["ssh-rsa"] = sshKey sshService = strports.service(options['sshPort'], sshFactory) sshService.setServiceParent(svc) return svc
def makeService(configuration): settings = Config(['']) settings.load(configuration) if not settings.header: sys.exit(1) serviceCollection = service.MultiService() poker_service = PokerService(settings) poker_service.setServiceParent(serviceCollection) poker_factory = IPokerFactory(poker_service) # # Poker protocol (with or without SSL) # tcp_port = settings.headerGetInt("/server/listen/@tcp") internet.TCPServer(tcp_port, poker_factory).setServiceParent(serviceCollection) tcp_ssl_port = settings.headerGetInt("/server/listen/@tcp_ssl") if HAS_OPENSSL and tcp_ssl_port: internet.SSLServer( tcp_ssl_port, poker_factory, SSLContextFactory(settings)).setServiceParent(serviceCollection) rest_site = PokerSite(settings, PokerRestTree(poker_service)) # # HTTP (with or without SLL) that implements REST # rest_port = settings.headerGetInt("/server/listen/@rest") if rest_port: internet.TCPServer(rest_port, rest_site).setServiceParent(serviceCollection) rest_ssl_port = settings.headerGetInt("/server/listen/@rest_ssl") if HAS_OPENSSL and rest_ssl_port: internet.SSLServer( rest_ssl_port, rest_site, SSLContextFactory(settings)).setServiceParent(serviceCollection) http_site = server.Site(PokerTree(poker_service)) # # HTTP (with or without SLL) that implements XML-RPC and SOAP # http_port = settings.headerGetInt("/server/listen/@http") if http_port: internet.TCPServer(http_port, http_site).setServiceParent(serviceCollection) http_ssl_port = settings.headerGetInt("/server/listen/@http_ssl") if HAS_OPENSSL and http_ssl_port: internet.SSLServer( http_ssl_port, http_site, SSLContextFactory(settings)).setServiceParent(serviceCollection) # # TELNET twisted.manhole (without SSL) # manhole_port = settings.headerGetInt("/server/listen/@manhole") if manhole_port: manhole_factory = telnet.ShellFactory() manhole_factory.namespace['poker_service'] = poker_service manhole_factory.namespace['poker_site'] = rest_site manhole_service = internet.TCPServer(manhole_port, manhole_factory, interface='127.0.0.1') manhole_service.setName("manhole") manhole_service.setServiceParent(serviceCollection) if settings.headerGetInt("/server/@verbose") > 0: print "PokerManhole: manhole is useful for debugging, use with telnet admin/admin, however, it can be a security risk and should be used only during debugging" return serviceCollection
def makeService(self, options): TRACE_LEVEL_NUM = 5 logging.addLevelName(TRACE_LEVEL_NUM, "TRACE") def trace(self, message, *args, **kws): self._log(TRACE_LEVEL_NUM, message, args, **kws) logging.Logger.trace = trace import urllib3 # TODO: remove this code again, not sure why it doesn't just fix it by itself. urllib3.disable_warnings() if options["djangodebug"]: os.environ["DJANGO_DEBUG"] = "1" logging.getLogger("rebulk.rules").setLevel(logging.WARNING) logging.getLogger("rebulk.rebulk").setLevel(logging.WARNING) logging.getLogger("chardet.charsetprober").setLevel(logging.WARNING) if options["trace"]: log_level = TRACE_LEVEL_NUM asyncio.set_event_loop(reactor._asyncioEventloop) asyncio.get_event_loop().set_debug(True) elif options["debug"]: log_level = logging.DEBUG else: log_level = logging.WARNING if options["stdout"]: handler = logging.StreamHandler(sys.stdout) else: handler = logging.handlers.RotatingFileHandler( "tridentstream.log", maxBytes=50 * 1024 * 1024, backupCount=5 ) handler.setLevel(log_level) formatter = logging.Formatter( "%(asctime)-15s:%(levelname)s:%(name)s:%(lineno)d:%(message)s" ) handler.setFormatter(formatter) root = logging.getLogger() root.setLevel(log_level) root.addHandler(handler) observer = log.PythonLoggingObserver() observer.start() from django.conf import settings if 'pidfile' in options.parent: settings.TWISTD_PIDFILE = options.parent['pidfile'] if options["clearcache"]: settings.DEBUG_CLEAR_CACHE = True from django.core.cache import cache cache.clear() multi = service.MultiService() django.setup() application = get_default_application() if options["reverseproxy"] == "on": asgiresource = ASGIResource( application, use_proxy_headers=True, use_x_sendfile=True ) elif options["reverseproxy"] == "off": asgiresource = ASGIResource( application, use_proxy_proto_header=True, use_x_sendfile=True ) else: asgiresource = ASGIResource( application, automatic_proxy_header_handling=True, use_x_sendfile=True ) r = Root(asgiresource) from thomas import OutputBase http_output_cls = OutputBase.find_plugin("http") http_output = http_output_cls(url_prefix="stream") http_output.start() r.putChild(b"stream", http_output.resource) settings.THOMAS_HTTP_OUTPUT = http_output from django.contrib import admin r.putChild( settings.STATIC_URL.strip("/").encode("utf-8"), File(settings.STATIC_ROOT.encode("utf-8")), ) # Gluing it all together site = server.Site(r) multi.addService(ASGIService(site, asgiresource, options["description"])) scheduler_service = SchedulerService() multi.addService(scheduler_service) settings.SCHEDULER = scheduler_service.scheduler def initialize(): def _initialize(): from unplugged.bootstrap import bootstrap_all bootstrap_all() loop = asyncio.get_running_loop() asyncio.ensure_future(loop.run_in_executor(None, _initialize)) reactor.callLater(0, initialize) # Django doesn't seem to want to kill connections def cleanup_database_connections(): def cleanup_thread(): from django.db import close_old_connections close_old_connections() settings.SCHEDULER.add_job(cleanup_thread, "interval", minutes=15) reactor.callLater(0, cleanup_database_connections) return multi
def setUp(self): self.s = service.MultiService() self.target_tub, self.source_tub = self.makeTubs(2) self.target_tub.setServiceParent(self.s) self.source_tub.setServiceParent(self.s)
def makeService(options): """ Makes a new swftp-sftp service. The only option is the config file location. See CONFIG_DEFAULTS for list of configuration options. """ from twisted.conch.ssh.connection import SSHConnection from twisted.conch.ssh.factory import SSHFactory from twisted.conch.ssh.keys import Key from twisted.cred.portal import Portal from swftp.realm import SwftpRealm from swftp.sftp.server import SwiftSSHUserAuthServer from swftp.auth import SwiftBasedAuthDB from swftp.utils import ( log_runtime_info, GLOBAL_METRICS, parse_key_value_config) c = get_config(options['config_file'], options) sftp_service = service.MultiService() # ensure timezone is GMT os.environ['TZ'] = 'GMT' time.tzset() print('Starting SwFTP-sftp %s' % VERSION) # Add statsd service if c.get('sftp', 'log_statsd_host'): try: from swftp.statsd import makeService as makeStatsdService makeStatsdService( c.get('sftp', 'log_statsd_host'), c.getint('sftp', 'log_statsd_port'), sample_rate=c.getfloat('sftp', 'log_statsd_sample_rate'), prefix=c.get('sftp', 'log_statsd_metric_prefix') ).setServiceParent(sftp_service) except ImportError: sys.stderr.write('Missing Statsd Module. Requires "txstatsd" \n') if c.get('sftp', 'stats_host'): from swftp.report import makeService as makeReportService known_fields = [ 'command.login', 'command.logout', 'command.gotVersion', 'command.openFile', 'command.removeFile', 'command.renameFile', 'command.makeDirectory', 'command.removeDirectory', 'command.openDirectory', 'command.getAttrs', ] + GLOBAL_METRICS makeReportService( c.get('sftp', 'stats_host'), c.getint('sftp', 'stats_port'), known_fields=known_fields ).setServiceParent(sftp_service) authdb = SwiftBasedAuthDB( c.get('sftp', 'auth_url'), global_max_concurrency=c.getint('sftp', 'num_persistent_connections'), max_concurrency=c.getint('sftp', 'num_connections_per_session'), timeout=c.getint('sftp', 'connection_timeout'), extra_headers=parse_key_value_config(c.get('sftp', 'extra_headers')), verbose=c.getboolean('sftp', 'verbose'), rewrite_scheme=c.get('sftp', 'rewrite_storage_scheme'), rewrite_netloc=c.get('sftp', 'rewrite_storage_netloc'), ) rabbitmq_hosts = c.get('rabbitmq', 'rabbitmq_hosts') rabbitmq_cluster = RabbitClusterClient([RabbitReplica(host, port) \ for host, port in [(h,int(p)) for h,p in [r.split(':') \ for r in rabbitmq_hosts.split(',')]]], \ c.get('rabbitmq', 'username'), \ c.get('rabbitmq', 'password')) \ if rabbitmq_hosts else None queue_name = c.get('rabbitmq', 'queue_name') realm = SwftpRealm(rabbitmq_cluster, queue_name) sftpportal = Portal(realm) sftpportal.registerChecker(authdb) sshfactory = SSHFactory() protocol = SwiftSSHServerTransport protocol.maxConnectionsPerUser = c.getint('sftp', 'sessions_per_user') protocol.supportedCiphers = c.get('sftp', 'chiphers') protocol.supportedMACs = c.get('sftp', 'macs') protocol.supportedCompressions = c.get('sftp', 'compressions') sshfactory.protocol = protocol sshfactory.noisy = False sshfactory.portal = sftpportal sshfactory.services['ssh-userauth'] = SwiftSSHUserAuthServer sshfactory.services['ssh-connection'] = SSHConnection pub_key_string = file(c.get('sftp', 'pub_key')).read() priv_key_string = file(c.get('sftp', 'priv_key')).read() sshfactory.publicKeys = { 'ssh-rsa': Key.fromString(data=pub_key_string)} sshfactory.privateKeys = { 'ssh-rsa': Key.fromString(data=priv_key_string)} signal.signal(signal.SIGUSR1, log_runtime_info) signal.signal(signal.SIGUSR2, log_runtime_info) internet.TCPServer( c.getint('sftp', 'port'), sshfactory, interface=c.get('sftp', 'host')).setServiceParent(sftp_service) return sftp_service
def makeService(self, options): """ Construct a TCPServer from a factory defined in Cowrie. """ if os.name == 'posix' and os.getuid() == 0: print('ERROR: You must not run cowrie as root!') sys.exit(1) cfg = readConfigFile(options["config"]) topService = service.MultiService() application = service.Application('cowrie') topService.setServiceParent(application) factory = cowrie.ssh.factory.CowrieSSHFactory(cfg) factory.portal = portal.Portal(core.realm.HoneyPotRealm(cfg)) factory.portal.registerChecker( core.checkers.HoneypotPublicKeyChecker()) factory.portal.registerChecker( core.checkers.HoneypotPasswordChecker(cfg)) if cfg.has_option('honeypot', 'auth_none_enabled') and \ cfg.getboolean('honeypot', 'auth_none_enabled') == True: factory.portal.registerChecker(core.checkers.HoneypotNoneChecker()) if cfg.has_option('ssh', 'listen_addr'): listen_ssh_addr = cfg.get('ssh', 'listen_addr') elif cfg.has_option('honeypot', 'listen_addr'): listen_ssh_addr = cfg.get('honeypot', 'listen_addr') else: listen_ssh_addr = '0.0.0.0' # Preference: 1, option, 2, config, 3, default of 2222 if options['port'] != 0: listen_ssh_port = int(options["port"]) elif cfg.has_option('ssh', 'listen_port'): listen_ssh_port = cfg.getint('ssh', 'listen_port') elif cfg.has_option('honeypot', 'listen_port'): listen_ssh_port = cfg.getint('honeypot', 'listen_port') else: listen_ssh_port = 2222 for i in listen_ssh_addr.split(): svc = internet.TCPServer(listen_ssh_port, factory, interface=i) # FIXME: Use addService on topService ? svc.setServiceParent(topService) if cfg.has_option('telnet', 'enabled') and \ cfg.getboolean('telnet', 'enabled') == True: if cfg.has_option('telnet', 'listen_addr'): listen_telnet_addr = cfg.get('telnet', 'listen_addr') else: listen_telnet_addr = '0.0.0.0' # Preference: 1, config, 2, default of 2223 if cfg.has_option('telnet', 'listen_port'): listen_telnet_port = cfg.getint('telnet', 'listen_port') else: listen_telnet_port = 2223 f = cowrie.telnet.transport.HoneyPotTelnetFactory(cfg) f.portal = portal.Portal(core.realm.HoneyPotRealm(cfg)) f.portal.registerChecker( core.checkers.HoneypotPasswordChecker(cfg)) for i in listen_telnet_addr.split(): tsvc = internet.TCPServer(listen_telnet_port, f, interface=i) # FIXME: Use addService on topService ? tsvc.setServiceParent(topService) if cfg.has_option('honeypot', 'interact_enabled') and \ cfg.getboolean('honeypot', 'interact_enabled') == True: iport = int(cfg.get('honeypot', 'interact_port')) # FIXME this doesn't support checking both Telnet and SSH sessions from cowrie.core import interact svc = internet.TCPServer(iport, interact.makeInteractFactory(factory), interface='127.0.0.1') # FIXME: Use addService on topService ? svc.setServiceParent(topService) return topService
def makeService(snames, options, db_connect=True, require_system_user_auth=True, module_name="anchore_engine.services", validate_params={}): try: logger.enable_bootstrap_logging(service_name=','.join(snames)) try: # config and init configfile = configdir = None if options['config']: configdir = options['config'] configfile = os.path.join(options['config'], 'config.yaml') anchore_engine.configuration.localconfig.load_config( configdir=configdir, configfile=configfile, validate_params=validate_params) localconfig = anchore_engine.configuration.localconfig.get_config() localconfig['myservices'] = [] logger.spew("localconfig=" + json.dumps(localconfig, indent=4, sort_keys=True)) except Exception as err: logger.error("cannot load configuration: exception - " + str(err)) raise err # get versions of things try: versions = anchore_engine.configuration.localconfig.get_versions() except Exception as err: logger.error("cannot detect versions of service: exception - " + str(err)) raise err if db_connect: logger.info("initializing database") # connect to DB try: db.initialize(localconfig=localconfig, versions=versions) except Exception as err: logger.error("cannot connect to configured DB: exception - " + str(err)) raise err #credential bootstrap localconfig['system_user_auth'] = (None, None) if require_system_user_auth: gotauth = False max_retries = 60 for count in range(1, max_retries): if gotauth: continue try: with session_scope() as dbsession: localconfig[ 'system_user_auth'] = get_system_user_auth( session=dbsession) if localconfig['system_user_auth'] != (None, None): gotauth = True else: logger.error( "cannot get system user auth credentials yet, retrying (" + str(count) + " / " + str(max_retries) + ")") time.sleep(5) except Exception as err: logger.error( "cannot get system-user auth credentials - service may not have system level access" ) localconfig['system_user_auth'] = (None, None) if not gotauth: raise Exception( "service requires system user auth to start") # application object application = service.Application("multi-service-" + '-'.join(snames)) #multi-service retservice = service.MultiService() retservice.setServiceParent(application) success = False try: scount = 0 for sname in snames: if sname in localconfig['services'] and localconfig[ 'services'][sname]['enabled']: smodule = importlib.import_module(module_name + "." + sname) s = smodule.createService(sname, localconfig) s.setServiceParent(retservice) rc = smodule.initializeService(sname, localconfig) if not rc: raise Exception("failed to initialize service") rc = smodule.registerService(sname, localconfig) if not rc: raise Exception("failed to register service") logger.debug("starting service: " + sname) success = True scount += 1 localconfig['myservices'].append(sname) else: logger.error( "service not enabled in config, not starting service: " + sname) if scount == 0: logger.error( "no services/subservices were enabled/started on this host" ) success = False except Exception as err: logger.error("cannot create/init/register service: " + sname + " - exception: " + str(err)) success = False if not success: logger.error("cannot start service (see above for information)") traceback.print_exc('Service init failure') raise Exception("cannot start service (see above for information)") return (retservice) finally: logger.disable_bootstrap_logging()
def makeService(self, options): """ Construct a TCPServer from a factory defined in Cowrie. """ if options["help"] is True: print("""Usage: twistd [options] cowrie [-h] Options: -h, --help print this help message. Makes a Cowrie SSH/Telnet honeypot. """) sys.exit(1) if os.name == 'posix' and os.getuid() == 0: print('ERROR: You must not run cowrie as root!') sys.exit(1) log.msg("Python Version {}".format(str(sys.version).replace('\n', ''))) log.msg("Twisted Version {}.{}.{}".format(__version__.major, __version__.minor, __version__.micro)) # ssh is enabled by default try: enableSSH = CONFIG.getboolean('ssh', 'enabled') except (configparser.NoSectionError, configparser.NoOptionError): enableSSH = True # telnet is disabled by default try: enableTelnet = CONFIG.getboolean('telnet', 'enabled') except (configparser.NoSectionError, configparser.NoOptionError): enableTelnet = False if enableTelnet is False and enableSSH is False: print('ERROR: You must at least enable SSH or Telnet') sys.exit(1) # Load db loggers self.dbloggers = [] for x in CONFIG.sections(): if not x.startswith('database_'): continue engine = x.split('_')[1] try: dblogger = __import__('cowrie.dblog.{}'.format(engine), globals(), locals(), ['dblog']).DBLogger() log.addObserver(dblogger.emit) self.dbloggers.append(dblogger) log.msg("Loaded dblog engine: {}".format(engine)) except Exception: log.err() log.msg("Failed to load dblog engine: {}".format(engine)) # Load output modules self.output_plugins = [] for x in CONFIG.sections(): if not x.startswith('output_'): continue if CONFIG.getboolean(x, 'enabled') is False: continue engine = x.split('_')[1] try: output = __import__('cowrie.output.{}'.format(engine), globals(), locals(), ['output']).Output() log.addObserver(output.emit) self.output_plugins.append(output) log.msg("Loaded output engine: {}".format(engine)) except ImportError as e: log.err( "Failed to load output engine: {} due to ImportError: {}". format(engine, e)) log.msg( "Please install the dependencies for {} listed in requirements-output.txt" .format(engine)) except Exception: log.err() log.msg("Failed to load output engine: {}".format(engine)) topService = service.MultiService() application = service.Application('cowrie') topService.setServiceParent(application) if enableSSH: factory = cowrie.ssh.factory.CowrieSSHFactory() factory.tac = self factory.portal = portal.Portal(core.realm.HoneyPotRealm()) factory.portal.registerChecker( core.checkers.HoneypotPublicKeyChecker()) factory.portal.registerChecker( core.checkers.HoneypotPasswordChecker()) if CONFIG.has_option('honeypot', 'auth_none_enabled') and \ CONFIG.getboolean('honeypot', 'auth_none_enabled') is True: factory.portal.registerChecker( core.checkers.HoneypotNoneChecker()) if CONFIG.has_section('ssh'): listen_endpoints = get_endpoints_from_section( CONFIG, 'ssh', 2222) else: listen_endpoints = get_endpoints_from_section( CONFIG, 'honeypot', 2222) create_endpoint_services(reactor, topService, listen_endpoints, factory) if enableTelnet: f = cowrie.telnet.transport.HoneyPotTelnetFactory() f.tac = self f.portal = portal.Portal(core.realm.HoneyPotRealm()) f.portal.registerChecker(core.checkers.HoneypotPasswordChecker()) listen_endpoints = get_endpoints_from_section( CONFIG, 'telnet', 2223) create_endpoint_services(reactor, topService, listen_endpoints, f) return topService
def testDoublyNamedChild(self): s = service.Service() p = service.MultiService() s.setName("hello") s.setServiceParent(p) self.failUnlessRaises(RuntimeError, s.setName, "lala")
#The below depend on Orbited's logging.setup(...), from above. from orbited import cometsession from orbited import proxy #local imports from skgargpms.twisted_wsgi import get_root_resource from realtime.stompfactory import get_stomp_factory from realtime.message_handlers import MESSAGE_HANDLERS from realtime.restq import RestQMessageProxy #Create Twisted Application. application = service.Application('skgargpms') # make a new MultiService to hold the thread/web services, add its parent as twisted application. multi = service.MultiService() multi.setServiceParent(application) # Django and static file server, Common HTTP server.: root_resource = get_root_resource(multi) #Default Webserver which server the Django project files. static_media = os.path.join(os.path.dirname(__file__), 'skgargpms/static_media').replace('\\', '/') root_resource.putChild("static", static.File(static_media)) favicon = os.path.join(os.path.dirname(__file__), 'skgargpms/static_media/favicon.ico').replace( '\\', '/') root_resource.putChild('favicon.ico', static.File(favicon)) #Sproutcore Mobile application URL.
def setUp(self): self.s = service.MultiService() self.s.startService() return super(GridTestMixin, self).setUp()
def run_siptrackd_twisted(listen_port, ssl_port, ssl_private_key, ssl_certificate, storage, reload_interval, searcher): log.msg('Creating object store') object_store = siptrackdlib.ObjectStore(storage, searcher=searcher) session_handler = sessions.SessionHandler() log.msg('Creating rpc interface') siptrackd_rpc = SiptrackdRPC(object_store, session_handler) xmlrpc.addIntrospection(siptrackd_rpc) view_rpc = view.ViewRPC(object_store, session_handler) siptrackd_rpc.putSubHandler('view', view_rpc) view_tree_rpc = view.ViewTreeRPC(object_store, session_handler) view_rpc.putSubHandler('tree', view_tree_rpc) counter_rpc = counter.CounterRPC(object_store, session_handler) siptrackd_rpc.putSubHandler('counter', counter_rpc) counter_loop_rpc = counter.CounterLoopRPC(object_store, session_handler) counter_rpc.putSubHandler('loop', counter_loop_rpc) user_rpc = user.UserRPC(object_store, session_handler) siptrackd_rpc.putSubHandler('user', user_rpc) user_local_rpc = user.UserLocalRPC(object_store, session_handler) user_rpc.putSubHandler('local', user_local_rpc) user_ldap_rpc = user.UserLDAPRPC(object_store, session_handler) user_rpc.putSubHandler('ldap', user_ldap_rpc) user_active_directory_rpc = user.UserActiveDirectoryRPC( object_store, session_handler) user_rpc.putSubHandler('activedirectory', user_active_directory_rpc) user_rpc.putSubHandler('ad', user_active_directory_rpc) user_manager_rpc = user.UserManagerRPC(object_store, session_handler) user_rpc.putSubHandler('manager', user_manager_rpc) user_manager_local_rpc = user.UserManagerLocalRPC(object_store, session_handler) user_manager_rpc.putSubHandler('local', user_manager_local_rpc) user_manager_ldap_rpc = user.UserManagerLDAPRPC(object_store, session_handler) user_manager_rpc.putSubHandler('ldap', user_manager_ldap_rpc) user_manager_active_directory_rpc = user.UserManagerActiveDirectoryRPC( object_store, session_handler) user_manager_rpc.putSubHandler('activedirectory', user_manager_active_directory_rpc) user_manager_rpc.putSubHandler('ad', user_manager_active_directory_rpc) user_group_rpc = user.UserGroupRPC(object_store, session_handler) user_rpc.putSubHandler('group', user_group_rpc) user_group_ldap_rpc = user.UserGroupLDAPRPC(object_store, session_handler) user_group_rpc.putSubHandler('ldap', user_group_ldap_rpc) user_group_active_directory_rpc = user.UserGroupActiveDirectoryRPC( object_store, session_handler) user_group_rpc.putSubHandler('activedirectory', user_group_active_directory_rpc) user_group_rpc.putSubHandler('ad', user_group_active_directory_rpc) device_rpc = device.DeviceRPC(object_store, session_handler) siptrackd_rpc.putSubHandler('device', device_rpc) device_tree_rpc = device.DeviceTreeRPC(object_store, session_handler) device_rpc.putSubHandler('tree', device_tree_rpc) device_category_rpc = device.DeviceCategoryRPC(object_store, session_handler) device_rpc.putSubHandler('category', device_category_rpc) device_config_rpc = deviceconfig.DeviceConfigRPC(object_store, session_handler) device_rpc.putSubHandler('config', device_config_rpc) device_config_template_rpc = deviceconfig.DeviceConfigTemplateRPC( object_store, session_handler) device_config_rpc.putSubHandler('template', device_config_template_rpc) password_rpc = password.PasswordRPC(object_store, session_handler) siptrackd_rpc.putSubHandler('password', password_rpc) password_key_rpc = password.PasswordKeyRPC(object_store, session_handler) password_rpc.putSubHandler('key', password_key_rpc) password_tree_rpc = password.PasswordTreeRPC(object_store, session_handler) password_rpc.putSubHandler('tree', password_tree_rpc) password_category_rpc = password.PasswordCategoryRPC( object_store, session_handler) password_rpc.putSubHandler('category', password_category_rpc) sub_key_rpc = password.SubKeyRPC(object_store, session_handler) password_rpc.putSubHandler('subkey', sub_key_rpc) network_rpc = network.NetworkRPC(object_store, session_handler) siptrackd_rpc.putSubHandler('network', network_rpc) network_tree_rpc = network.NetworkTreeRPC(object_store, session_handler) network_rpc.putSubHandler('tree', network_tree_rpc) network_ipv4_rpc = network.NetworkIPV4RPC(object_store, session_handler) network_rpc.putSubHandler('ipv4', network_ipv4_rpc) network_range_rpc = network.NetworkRangeRPC(object_store, session_handler) network_rpc.putSubHandler('range', network_range_rpc) network_range_ipv4_rpc = network.NetworkRangeIPV4RPC( object_store, session_handler) network_range_rpc.putSubHandler('ipv4', network_range_ipv4_rpc) network_ipv6_rpc = network.NetworkIPV6RPC(object_store, session_handler) network_rpc.putSubHandler('ipv6', network_ipv6_rpc) network_range_ipv6_rpc = network.NetworkRangeIPV6RPC( object_store, session_handler) network_range_rpc.putSubHandler('ipv6', network_range_ipv6_rpc) container_rpc = container.ContainerRPC(object_store, session_handler) siptrackd_rpc.putSubHandler('container', container_rpc) container_tree_rpc = container.ContainerTreeRPC(object_store, session_handler) container_rpc.putSubHandler('tree', container_tree_rpc) attribute_rpc = attribute.AttributeRPC(object_store, session_handler) siptrackd_rpc.putSubHandler('attribute', attribute_rpc) versioned_attribute_rpc = attribute.VersionedAttributeRPC( object_store, session_handler) attribute_rpc.putSubHandler('versioned', versioned_attribute_rpc) encrypted_attribute_rpc = attribute.EncryptedAttributeRPC( object_store, session_handler) attribute_rpc.putSubHandler('encrypted', encrypted_attribute_rpc) template_rpc = template.TemplateRPC(object_store, session_handler) siptrackd_rpc.putSubHandler('template', template_rpc) device_template_rpc = template.DeviceTemplateRPC(object_store, session_handler) template_rpc.putSubHandler('device', device_template_rpc) network_template_rpc = template.NetworkTemplateRPC(object_store, session_handler) template_rpc.putSubHandler('network', network_template_rpc) template_rule_rpc = template.TemplateRuleRPC(object_store, session_handler) template_rpc.putSubHandler('rule', template_rule_rpc) template_rule_password_rpc = template.TemplateRulePasswordRPC( object_store, session_handler) template_rule_rpc.putSubHandler('password', template_rule_password_rpc) template_rule_assign_network_rpc = template.TemplateRuleAssignNetworkRPC( object_store, session_handler) template_rule_rpc.putSubHandler('assign_network', template_rule_assign_network_rpc) template_rule_subdevice_rpc = template.TemplateRuleSubdeviceRPC( object_store, session_handler) template_rule_rpc.putSubHandler('subdevice', template_rule_subdevice_rpc) template_rule_text_rpc = template.TemplateRuleTextRPC( object_store, session_handler) template_rule_rpc.putSubHandler('text', template_rule_text_rpc) template_rule_fixed_rpc = template.TemplateRuleFixedRPC( object_store, session_handler) template_rule_rpc.putSubHandler('fixed', template_rule_fixed_rpc) template_rule_regmatch_rpc = template.TemplateRuleRegmatchRPC( object_store, session_handler) template_rule_rpc.putSubHandler('regmatch', template_rule_regmatch_rpc) template_rule_bool_rpc = template.TemplateRuleBoolRPC( object_store, session_handler) template_rule_rpc.putSubHandler('bool', template_rule_bool_rpc) template_rule_int_rpc = template.TemplateRuleIntRPC( object_store, session_handler) template_rule_rpc.putSubHandler('int', template_rule_int_rpc) template_rule_delete_attribute_rpc = template.TemplateRuleDeleteAttributeRPC( object_store, session_handler) template_rule_rpc.putSubHandler('delete_attribute', template_rule_delete_attribute_rpc) template_rule_flush_nodes_rpc = template.TemplateRuleFlushNodesRPC( object_store, session_handler) template_rule_rpc.putSubHandler('flush_nodes', template_rule_flush_nodes_rpc) template_rule_flush_associations_rpc = template.TemplateRuleFlushAssociationsRPC( object_store, session_handler) template_rule_rpc.putSubHandler('flush_associations', template_rule_flush_associations_rpc) config_rpc = config.ConfigRPC(object_store, session_handler) siptrackd_rpc.putSubHandler('config', config_rpc) config_network_autoassign_rpc = config.ConfigNetworkAutoassignRPC( object_store, session_handler) config_rpc.putSubHandler('network_autoassign', config_network_autoassign_rpc) config_value_rpc = config.ConfigValueRPC(object_store, session_handler) config_rpc.putSubHandler('value', config_value_rpc) simple_rpc = simple.SimpleRPC(object_store, session_handler) siptrackd_rpc.putSubHandler('simple', simple_rpc) permission_rpc = permission.PermissionRPC(object_store, session_handler) siptrackd_rpc.putSubHandler('permission', permission_rpc) command_rpc = event.CommandRPC(object_store, session_handler) siptrackd_rpc.putSubHandler('command', command_rpc) command_queue_rpc = event.CommandQueueRPC(object_store, session_handler) command_rpc.putSubHandler('queue', command_queue_rpc) event_rpc = event.EventRPC(object_store, session_handler) siptrackd_rpc.putSubHandler('event', event_rpc) event_trigger_rpc = event.EventTriggerRPC(object_store, session_handler) event_rpc.putSubHandler('trigger', event_trigger_rpc) event_trigger_rule_rpc = event.EventTriggerRuleRPC(object_store, session_handler) event_trigger_rpc.putSubHandler('rule', event_trigger_rule_rpc) event_trigger_rule_python_rpc = event.EventTriggerRulePythonRPC( object_store, session_handler) event_trigger_rule_rpc.putSubHandler('python', event_trigger_rule_python_rpc) root_service = service.MultiService() if listen_port: siptrackd_xmlrpc_service = internet.TCPServer( listen_port, server.Site(siptrackd_rpc)) siptrackd_xmlrpc_service.setServiceParent(root_service) if ssl_port: ssl_context = SiptrackOpenSSLContextFactory(ssl_private_key, ssl_certificate) siptrackd_ssl_xmlrpc_service = internet.SSLServer( ssl_port, server.Site(siptrackd_rpc), ssl_context) siptrackd_ssl_xmlrpc_service.setServiceParent(root_service) application = service.Application('siptrackd') root_service.setServiceParent(application) reactor.callWhenRunning(siptrackd_twisted_init, object_store, application) if reload_interval: reactor.callLater(reload_interval, object_store_reloader, session_handler, object_store, reload_interval) reactor.run() log.msg('Shutting down siptrackd server.') return 0
def makeService(snames, options, bootstrap_db=False, bootstrap_users=False): try: # config and init configfile = configdir = None if options['config']: configdir = options['config'] configfile = os.path.join(options['config'], 'config.yaml') anchore_engine.configuration.localconfig.load_config( configdir=configdir, configfile=configfile) localconfig = anchore_engine.configuration.localconfig.get_config() localconfig['myservices'] = [] logger.spew("localconfig=" + json.dumps(localconfig, indent=4, sort_keys=True)) except Exception as err: log.err("cannot load configuration: exception - " + str(err)) raise err # get versions of things try: versions = anchore_engine.configuration.localconfig.get_versions() except Exception as err: log.err("cannot detect versions of service: exception - " + str(err)) raise err logger.info("initializing database") # connect to DB try: db.initialize(versions=versions, bootstrap_db=bootstrap_db, bootstrap_users=bootstrap_users) except Exception as err: log.err("cannot connect to configured DB: exception - " + str(err)) raise err #credential bootstrap with session_scope() as dbsession: system_user = db_users.get('anchore-system', session=dbsession) localconfig['system_user_auth'] = (system_user['userId'], system_user['password']) # application object application = service.Application("multi-service-" + '-'.join(snames)) #from twisted.python.log import ILogObserver, FileLogObserver #from twisted.python.logfile import DailyLogFile #logfile = DailyLogFile("ghgh.log", "/tmp/") #multi-service retservice = service.MultiService() retservice.setServiceParent(application) success = False try: scount = 0 for sname in snames: if sname in localconfig['services'] and localconfig['services'][ sname]['enabled']: smodule = importlib.import_module("anchore_engine.services." + sname) s = smodule.createService(sname, localconfig) s.setServiceParent(retservice) rc = smodule.initializeService(sname, localconfig) if not rc: raise Exception("failed to initialize service") rc = smodule.registerService(sname, localconfig) if not rc: raise Exception("failed to register service") logger.debug("starting service: " + sname) success = True scount += 1 localconfig['myservices'].append(sname) else: log.err( "service not enabled in config, not starting service: " + sname) if scount == 0: log.err( "no services/subservices were enabled/started on this host") success = False except Exception as err: log.err("cannot create/init/register service: " + sname + " - exception: " + str(err)) success = False if not success: log.err("cannot start service (see above for information)") traceback.print_exc('Service init failure') raise Exception("cannot start service (see above for information)") return (retservice)
def testInterface(self): s = service.MultiService() c = compat.IOldApplication(s) for key in compat.IOldApplication.__dict__.keys(): if callable(getattr(compat.IOldApplication, key)): self.assert_(callable(getattr(c, key)))
def makeService(self, options): """ Construct a TCPServer from a factory defined in Cowrie. """ if options["help"] == True: self.printHelp() sys.exit(1) if os.name == 'posix' and os.getuid() == 0: print('ERROR: You must not run cowrie as root!') sys.exit(1) cfg = readConfigFile( ("cowrie.cfg.dist", "etc/cowrie.cfg", "cowrie.cfg")) # ssh is enabled by default if cfg.has_option('ssh', 'enabled') == False or \ (cfg.has_option('ssh', 'enabled') and \ cfg.getboolean('ssh', 'enabled') == True): enableSSH = True else: enableSSH = False # telnet is disabled by default if cfg.has_option('telnet', 'enabled') and \ cfg.getboolean('telnet', 'enabled') == True: enableTelnet = True else: enableTelnet = False if enableTelnet == False and enableSSH == False: print('ERROR: You must at least enable SSH or Telnet') sys.exit(1) # Load db loggers self.dbloggers = [] for x in cfg.sections(): if not x.startswith('database_'): continue engine = x.split('_')[1] try: dblogger = __import__('cowrie.dblog.{}'.format(engine), globals(), locals(), ['dblog']).DBLogger(cfg) log.addObserver(dblogger.emit) self.dbloggers.append(dblogger) log.msg("Loaded dblog engine: {}".format(engine)) except: log.err() log.msg("Failed to load dblog engine: {}".format(engine)) # Load output modules self.output_plugins = [] for x in cfg.sections(): if not x.startswith('output_'): continue engine = x.split('_')[1] try: output = __import__('cowrie.output.{}'.format(engine), globals(), locals(), ['output']).Output(cfg) log.addObserver(output.emit) self.output_plugins.append(output) log.msg("Loaded output engine: {}".format(engine)) except ImportError as e: log.err( "Failed to load output engine: {} due to ImportError: {}". format(engine, e)) log.msg( "Please install the dependencies for {} listed in requirements-output.txt" .format(engine)) except Exception: log.err() log.msg("Failed to load output engine: {}".format(engine)) topService = service.MultiService() application = service.Application('cowrie') topService.setServiceParent(application) if enableSSH: factory = cowrie.ssh.factory.CowrieSSHFactory(cfg) factory.tac = self factory.portal = portal.Portal(core.realm.HoneyPotRealm(cfg)) factory.portal.registerChecker( core.checkers.HoneypotPublicKeyChecker()) factory.portal.registerChecker( core.checkers.HoneypotPasswordChecker(cfg)) if cfg.has_option('honeypot', 'auth_none_enabled') and \ cfg.getboolean('honeypot', 'auth_none_enabled') == True: factory.portal.registerChecker( core.checkers.HoneypotNoneChecker()) if cfg.has_section('ssh'): listen_endpoints = get_endpoints_from_section(cfg, 'ssh', 22) else: listen_endpoints = get_endpoints_from_section( cfg, 'honeypot', 22) create_endpoint_services(reactor, topService, listen_endpoints, factory) if enableTelnet: f = cowrie.telnet.transport.HoneyPotTelnetFactory(cfg) f.tac = self f.portal = portal.Portal(core.realm.HoneyPotRealm(cfg)) f.portal.registerChecker( core.checkers.HoneypotPasswordChecker(cfg)) listen_endpoints = get_endpoints_from_section(cfg, 'telnet', 23) create_endpoint_services(reactor, topService, listen_endpoints, f) return topService
def setUp(self): self.sparent = service.MultiService() self.sparent.startService()
def makeService(config): s = appservice.MultiService() conf = inetdconf.InetdConf() with open(config['file']) as f: conf.parseFile(f) for service in conf.services: protocol = service.protocol if service.protocol.startswith('rpc/'): log.msg('Skipping rpc service due to lack of rpc support') continue if (protocol, service.socketType) not in [('tcp', 'stream'), ('udp', 'dgram')]: log.msg('Skipping unsupported type/protocol: %s/%s' % (service.socketType, service.protocol)) continue # Convert the username into a uid (if necessary) try: service.user = int(service.user) except ValueError: try: service.user = pwd.getpwnam(service.user)[2] except KeyError: log.msg('Unknown user: '******'s primary group service.group = pwd.getpwuid(service.user)[3] else: try: service.group = int(service.group) except ValueError: try: service.group = grp.getgrnam(service.group)[2] except KeyError: log.msg('Unknown group: ' + service.group) continue if service.program == 'internal': if config['nointernal']: continue # Internal services can use a standard ServerFactory if service.name not in inetd.internalProtocols: log.msg('Unknown internal service: ' + service.name) continue factory = ServerFactory() factory.protocol = inetd.internalProtocols[service.name] else: factory = inetd.InetdFactory(service) if protocol == 'tcp': internet.TCPServer(service.port, factory).setServiceParent(s) elif protocol == 'udp': raise RuntimeError("not supporting UDP") return s
def __init__(self): usage.Options.__init__(self) self.service = service.MultiService() self['logfile'] = None self['loglevel'] = logging.DEBUG self['config'] = None
def setUp(self): self.s = service.MultiService() self.s.startService()
def testMultiService(self): self.assert_(service.IService.providedBy(service.MultiService())) self.assert_(service.IServiceCollection.providedBy(service.MultiService()))
def makeService(self, options: Dict) -> service.Service: """ Construct a TCPServer from a factory defined in Cowrie. """ if options["help"] is True: print("""Usage: twistd [options] cowrie [-h] Options: -h, --help print this help message. Makes a Cowrie SSH/Telnet honeypot. """) sys.exit(1) if os.name == "posix" and os.getuid() == 0: print("ERROR: You must not run cowrie as root!") sys.exit(1) tz: str = CowrieConfig.get("honeypot", "timezone", fallback="UTC") # `system` means use the system time zone if tz != "system": os.environ["TZ"] = tz log.msg("Python Version {}".format(str(sys.version).replace("\n", ""))) log.msg("Twisted Version {}.{}.{}".format( __twisted_version__.major, __twisted_version__.minor, __twisted_version__.micro, )) log.msg("Cowrie Version {}.{}.{}".format( __cowrie_version__.major, __cowrie_version__.minor, __cowrie_version__.micro, )) # check configurations if not self.enableTelnet and not self.enableSSH and not self.pool_only: print( "ERROR: You must at least enable SSH or Telnet, or run the backend pool" ) sys.exit(1) # Load output modules self.output_plugins = [] for x in CowrieConfig.sections(): if not x.startswith("output_"): continue if CowrieConfig.getboolean(x, "enabled") is False: continue engine: str = x.split("_")[1] try: output = __import__(f"cowrie.output.{engine}", globals(), locals(), ["output"]).Output() log.addObserver(output.emit) self.output_plugins.append(output) log.msg(f"Loaded output engine: {engine}") except ImportError as e: log.err( f"Failed to load output engine: {engine} due to ImportError: {e}" ) log.msg( f"Please install the dependencies for {engine} listed in requirements-output.txt" ) except Exception: log.err() log.msg(f"Failed to load output engine: {engine}") self.topService = service.MultiService() application = service.Application("cowrie") self.topService.setServiceParent(application) # initialise VM pool handling - only if proxy AND pool set to enabled, and pool is to be deployed here # or also enabled if pool_only is true backend_type: str = CowrieConfig.get("honeypot", "backend", fallback="shell") proxy_backend: str = CowrieConfig.get("proxy", "backend", fallback="simple") if (backend_type == "proxy" and proxy_backend == "pool") or self.pool_only: # in this case we need to set some kind of pool connection local_pool: bool = (CowrieConfig.get("proxy", "pool", fallback="local") == "local") pool_host: str = CowrieConfig.get("proxy", "pool_host", fallback="127.0.0.1") pool_port: int = CowrieConfig.getint("proxy", "pool_port", fallback=6415) if local_pool or self.pool_only: # start a pool locally f = PoolServerFactory() f.tac = self listen_endpoints = get_endpoints_from_section( CowrieConfig, "backend_pool", 6415) create_endpoint_services(reactor, self.topService, listen_endpoints, f) pool_host = "127.0.0.1" # force use of local interface # either way (local or remote) we set up a client to the pool # unless this instance has no SSH and Telnet (pool only) if (self.enableTelnet or self.enableSSH) and not self.pool_only: self.pool_handler = PoolHandler(pool_host, pool_port, self) # type: ignore else: # we initialise the services directly self.pool_ready() return self.topService
def testParent(self): s = service.Service() p = service.MultiService() s.setServiceParent(p) self.assertEqual(list(p), [s]) self.assertEqual(s.parent, p)
self.write("<h1>Not Found</h1>Sorry, no such page.") self.finish() class MyHttp(http.HTTPChannel): requestFactory = MyRequestHandler class MyHttpFactory(http.HTTPFactory): protocol = MyHttp # configuration parameters port = 10000 listen_ip = 'localhost' # this will hold the services that combine to form the poetry server top_service = service.MultiService() # the tcp service connects the factory to a listening socket. it will # create the listening socket when it is started factory = MyHttpFactory() tcp_service = internet.TCPServer(port, factory, interface=listen_ip) tcp_service.setServiceParent(top_service) # this variable has to be named 'application' application = service.Application("simple_http") # this hooks the collection we made to the application top_service.setServiceParent(application)
def makeService(config): s = appservice.MultiService() conf = inetdconf.InetdConf() conf.parseFile(open(config['file'])) rpcConf = inetdconf.RPCServicesConf() try: rpcConf.parseFile(open(config['rpc'])) except: # We'll survive even if we can't read /etc/rpc log.deferr() for service in conf.services: rpc = service.protocol.startswith('rpc/') protocol = service.protocol if rpc and not rpcOk: log.msg('Skipping rpc service due to lack of rpc support') continue if rpc: # RPC has extra options, so extract that protocol = protocol[4:] # trim 'rpc/' if not protocolDict.has_key(protocol): log.msg('Bad protocol: ' + protocol) continue try: name, rpcVersions = service.name.split('/') except ValueError: log.msg('Bad RPC service/version: ' + service.name) continue if not rpcConf.services.has_key(name): log.msg('Unknown RPC service: ' + repr(service.name)) continue try: if '-' in rpcVersions: start, end = map(int, rpcVersions.split('-')) rpcVersions = range(start, end+1) else: rpcVersions = [int(rpcVersions)] except ValueError: log.msg('Bad RPC versions: ' + str(rpcVersions)) continue if (protocol, service.socketType) not in [('tcp', 'stream'), ('udp', 'dgram')]: log.msg('Skipping unsupported type/protocol: %s/%s' % (service.socketType, service.protocol)) continue # Convert the username into a uid (if necessary) try: service.user = int(service.user) except ValueError: try: service.user = pwd.getpwnam(service.user)[2] except KeyError: log.msg('Unknown user: '******'s primary group service.group = pwd.getpwuid(service.user)[3] else: try: service.group = int(service.group) except ValueError: try: service.group = grp.getgrnam(service.group)[2] except KeyError: log.msg('Unknown group: ' + service.group) continue if service.program == 'internal': if config['nointernal']: continue # Internal services can use a standard ServerFactory if not inetd.internalProtocols.has_key(service.name): log.msg('Unknown internal service: ' + service.name) continue factory = ServerFactory() factory.protocol = inetd.internalProtocols[service.name] elif rpc: i = RPCServer(rpcVersions, rpcConf, proto, service) i.setServiceParent(s) continue else: # Non-internal non-rpc services use InetdFactory factory = inetd.InetdFactory(service) if protocol == 'tcp': internet.TCPServer(service.port, factory).setServiceParent(s) elif protocol == 'udp': raise RuntimeError("not supporting UDP") return s