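def test_command_cd(self):
    """Check that the Telnet bait tracks its working directory across ``cd``.

    Starts a Telnet capability on an OS-assigned port, logs the bait in and
    asserts that ``state['working_dir']`` is '/' after login and '/var'
    after ``cd('/var')``.
    """
    sessions = {}
    options = {
        'enabled': 'True',
        'port': 0,
        'protocol_specific_data': {'max_attempts': 3},
        'users': {'test': 'test'},
    }
    cap = hive_telnet.Telnet(sessions, options, self.work_dir)
    # Listen on loopback only: the bait connects to 127.0.0.1, and a
    # listener on every interface would expose the test/test account to
    # the network for as long as the test runs.
    srv = StreamServer(('127.0.0.1', 0), cap.handle_session)
    srv.start()
    try:
        # NOTE(review): '******' looks like masked credentials in this
        # listing; they presumably have to match an entry in
        # options['users'] for login() to succeed - confirm upstream.
        bee_info = {
            'timing': 'regular',
            'username': '******',
            'password': '******',
            'port': srv.server_port,  # port chosen by the OS at bind time
            'server': '127.0.0.1',
        }
        beesessions = {}
        # Class attribute: this id is shared by every BaitSession.
        BaitSession.client_id = 'f51171df-c8f6-4af4-86c0-f4e163cf69e8'
        current_bait = bee_telnet.telnet(beesessions, bee_info)
        current_bait.connect()
        current_bait.login(bee_info['username'], bee_info['password'])

        # Command: cd
        self.assertEqual('/', current_bait.state['working_dir'])
        current_bait.cd('/var')
        self.assertEqual('/var', current_bait.state['working_dir'])
    finally:
        # Always release the listener, also when an assertion fails.
        srv.stop()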
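def test_login(self):
    """Tests if the Telnet bait can log in to the Telnet capability.

    There is no explicit assertion: the test fails only if ``connect()``
    or ``login()`` raises.
    """
    # NOTE(review): confirm that login() raises on rejected credentials;
    # if it does not, assert on the bait's state after the call.
    sessions = {}
    options = {
        'enabled': 'True',
        'port': 0,
        'protocol_specific_data': {'max_attempts': 3},
        'users': {'test': 'test'},
    }
    cap = hive_telnet.Telnet(sessions, options, self.work_dir)
    # Listen on loopback only: the bait connects to 127.0.0.1, so there is
    # no reason to expose the test/test account on every interface.
    srv = StreamServer(('127.0.0.1', 0), cap.handle_session)
    srv.start()
    try:
        # NOTE(review): '******' looks like masked credentials in this
        # listing; they presumably have to match options['users'].
        bee_info = {
            'timing': 'regular',
            'username': '******',
            'password': '******',
            'port': srv.server_port,  # port chosen by the OS at bind time
            'server': '127.0.0.1',
        }
        beesessions = {}
        # Class attribute: this id is shared by every BaitSession.
        BaitSession.client_id = 'f51171df-c8f6-4af4-86c0-f4e163cf69e8'
        current_bee = bee_telnet.telnet(beesessions, bee_info)
        current_bee.connect()
        current_bee.login(bee_info['username'], bee_info['password'])
    finally:
        # Stop the listener even when connect() or login() raises.
        srv.stop()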
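def test_command_list(self):
    """Check that ``ls`` issued by the Telnet bait returns a listing with 'var'.

    Starts a Telnet capability on an OS-assigned port, logs the bait in,
    runs ``ls()`` and asserts that the response contains 'var'.
    """
    sessions = {}
    options = {
        'enabled': 'True',
        'port': 0,
        'protocol_specific_data': {'max_attempts': 3},
        'users': {'test': 'test'},
    }
    cap = hive_telnet.Telnet(sessions, options, self.work_dir)
    # Listen on loopback only: the bait connects to 127.0.0.1, so there is
    # no reason to expose the test/test account on every interface.
    srv = StreamServer(('127.0.0.1', 0), cap.handle_session)
    srv.start()
    try:
        # NOTE(review): '******' looks like masked credentials in this
        # listing; they presumably have to match options['users'].
        bee_info = {
            'timing': 'regular',
            'username': '******',
            'password': '******',
            'port': srv.server_port,  # port chosen by the OS at bind time
            'server': '127.0.0.1',
            'honeypot_id': '1234',
        }
        beesessions = {}
        # Class attribute: this id is shared by every BaitSession.
        BaitSession.client_id = 'f51171df-c8f6-4af4-86c0-f4e163cf69e8'
        current_bee = bee_telnet.telnet(beesessions, bee_info)
        current_bee.connect()
        current_bee.login(bee_info['username'], bee_info['password'])

        resp = current_bee.ls()
        # assertIn reports the actual response when the check fails.
        self.assertIn('var', resp)
    finally:
        # Always release the listener, also when an assertion fails.
        srv.stop()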
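def test_validate_senses(self):
    """Check that every name in the bait's ``senses`` is a callable attribute.

    A Telnet capability is started on an OS-assigned port, but the bait is
    only constructed here; it is never connected to the server.
    """
    options = {
        'enabled': 'True',
        'port': 0,
        'protocol_specific_data': {'max_attempts': 3},
        'users': {'test': 'test'},
    }
    cap = honeypot_telnet.Telnet(options, self.work_dir)
    # Listen on loopback only: bait_info points at 127.0.0.1, so there is
    # no reason to expose the test/test account on every interface.
    srv = StreamServer(('127.0.0.1', 0), cap.handle_session)
    srv.start()
    try:
        bait_info = {
            'timing': 'regular',
            'username': '******',
            'password': '******',
            'port': srv.server_port,  # port chosen by the OS at bind time
            'server': '127.0.0.1',
        }
        # Class attribute: this id is shared by every BaitSession.
        BaitSession.client_id = 'f51171df-c8f6-4af4-86c0-f4e163cf69e8'
        current_bee = bee_telnet.Telnet(bait_info)

        for sense_name in current_bee.senses:
            # Each advertised sense must resolve to something callable.
            self.assertTrue(callable(getattr(current_bee, sense_name)))
    finally:
        # Always release the listener, also when an assertion fails.
        srv.stop()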
def test_invalid_login(self): """Tests if telnet server responds correctly to a invalid login attempt.""" # curses dependency in the telnetserver need a STDOUT with file descriptor. sys.stdout = tempfile.TemporaryFile() # initialize capability and start tcp server options = { 'enabled': 'True', 'port': 2503, 'protocol_specific_data': { 'max_attempts': 3 }, 'users': { 'test': 'test' } } cap = telnet.Telnet(options, self.work_dir) server = StreamServer(('0.0.0.0', 2503), cap.handle_session) server.start() client = telnetlib.Telnet('localhost', 2503) # set this to 1 if having problems with this test client.set_debuglevel(0) # this disables all command negotiation. client.set_option_negotiation_callback(self.cb) #Expect username as first output reply = client.read_until('Username: '******'Username: '******'someuser' + '\r\n') reply = client.read_until('Password: '******'Password: '******'somepass' + '\r\n') reply = client.read_until('Invalid username/password\r\nUsername: '******'Invalid username/password\r\nUsername: ')) server.stop()
def test_commands(self): """Tests the telnet commands""" # curses dependency in the telnetserver need a STDOUT with file descriptor. sys.stdout = tempfile.TemporaryFile() # initialize capability and start tcp server options = { 'enabled': 'True', 'port': 0, 'protocol_specific_data': { 'banner': 'Test', 'max_attempts': 3 }, 'users': { 'test': 'test' } } cap = telnet.Telnet(options, self.work_dir) server = StreamServer(('0.0.0.0', 0), cap.handle_session) server.start() client = telnetlib.Telnet('localhost', server.server_port) # set this to 1 if having problems with this test client.set_debuglevel(0) # this disables all command negotiation. client.set_option_negotiation_callback(self.cb) #Expect username as first output reply = client.read_until('Username: '******'Username: '******'test' + '\r\n') reply = client.read_until('Password: '******'Password: '******'test' + '\r\n') reply = client.read_until('$ ', 5) self.assertTrue(reply.endswith('$ ')) # Command: ls client.write('ls -l' + '\r\n') reply = client.read_until('$ ', 5) self.assertTrue( reply.startswith('ls -l\r\n')) # The server must echo the command. 
self.assertTrue(reply.endswith('$ ')) # Command: echo client.write('echo this test is so cool' + '\r\n') reply = client.read_until('$ ', 5) self.assertTrue(reply.startswith('echo ')) self.assertTrue('this test is so cool' in reply) self.assertTrue(reply.endswith('$ ')) # Command: cd client.write('cd var' + '\r\n') reply = client.read_until('$ ', 5) self.assertTrue(reply.startswith('cd ')) self.assertTrue(reply.endswith('$ ')) # Command: pwd client.write('pwd' + '\r\n') reply = client.read_until('$ ', 5) self.assertTrue(reply.startswith('pwd')) self.assertTrue('/var' in reply) # Since we have done 'cd var' before self.assertTrue(reply.endswith('$ ')) # Command: uname client.write('uname -a' + '\r\n') reply = client.read_until('$ ', 5) self.assertTrue(reply.startswith('uname ')) self.assertTrue(reply.endswith('$ ')) # Command: cat client.write('cat /var/www/index.html' + '\r\n') reply = client.read_until('$ ', 5) self.assertTrue(reply.startswith('cat ')) self.assertTrue( '</html>' in reply) # Make sure we have received the complete file self.assertTrue(reply.endswith('$ ')) # Command: uptime client.write('uptime' + '\r\n') reply = client.read_until('$ ', 5) self.assertTrue(reply.startswith('uptime')) self.assertTrue(reply.endswith('$ ')) # Command: sudo client.write('sudo service network restart' + '\r\n') reply = client.read_until('$ ', 5) self.assertTrue(reply.startswith('sudo')) self.assertTrue('Sorry' in reply) self.assertTrue(reply.endswith('$ ')) server.stop()