def set_client_mode(drone_id): db_session = database_setup.get_session() drone = db_session.query(Drone).filter(Drone.id == drone_id).one() if drone is None or drone.discriminator != 'client': # meh, better way do do this? db_session.delete(drone) db_session.commit() client = Client(id=drone_id) client.ip_address = drone.ip_address db_session.add(client) db_session.commit() return '' else: return ''
def setUp(self): self.password = '******' app.ensure_admin_password(True, password=self.password) app.app.config['WTF_CSRF_ENABLED'] = False self.work_dir = tempfile.mkdtemp() beeswarm.shared.zmq_context = zmq.Context() fd, self.db_file = tempfile.mkstemp() os.close(fd) connection_string = 'sqlite:///{0}'.format(self.db_file) os.remove(self.db_file) database.setup_db(connection_string) self.config_actor = ConfigActor( os.path.join(os.path.dirname(__file__), 'beeswarmcfg.json.test'), self.work_dir) self.config_actor.start() # seed database with test data session = database.get_session() session.add_all([Client(), Honeypot()]) session.commit() # startup session database self.database_actor = DatabaseActor(999, delay_seconds=2) self.database_actor.start() self.app = app.app.test_client() app.connect_sockets()
def setUp(self): app.app.config['WTF_CSRF_ENABLED'] = False self.work_dir = tempfile.mkdtemp() self.config_actor = ConfigActor( os.path.join(os.path.dirname(__file__), 'beeswarmcfg.json.test'), self.work_dir) self.config_actor.start() self.app = app.app.test_client() self.authenticator = Authenticator() database.setup_db('sqlite://') session = database.get_session() # dummy entities self.authenticator.add_user('test', 'test', 0) self.client_id = str(uuid.uuid4()) self.client_password = str(uuid.uuid4()) self.authenticator.add_user(self.client_id, self.client_password, 2) self.honeypot_id = str(uuid.uuid4()) self.honeypot_password = str(uuid.uuid4()) self.authenticator.add_user(self.honeypot_id, self.honeypot_password, 1) session.add_all([ Client(id=self.client_id, configuration='test_client_config'), Honeypot(id=self.honeypot_id, configuration='test_honeypot_config') ]) session.commit()
def _config_client(self, drone, db_session, config): if drone.discriminator != 'client': # meh, better way do do this? # TODO: this cascade delete sessions, find a way to maintain sessions for deleted drones. ip_address = drone.ip_address drone_id = drone.id db_session.delete(drone) db_session.commit() drone = Client(id=drone_id) drone.ip_address = ip_address db_session.add(drone) db_session.commit() drone.bait_timings = json.dumps(config['bait_timings']) drone.name = config['name'] db_session.add(drone) db_session.commit() self._handle_command_drone_config_changed(drone.id)
def populate_clients(self): """ Populates the database with 4 clients """ db_session = database.get_session() self.clients = [] for i in xrange( 4): # We add 4 here, but one is added in the setup method f = Client() self.clients.append(f.id) db_session.add(f) db_session.commit()
def populate_clients(self): """ Populates the database with 4 clients """ db_session = database.get_session() self.clients = [] for i in xrange( 4): # We add 4 here, but one is added in the setup method curr_id = str(uuid.uuid4()) curr_id = curr_id.encode('utf-8') self.clients.append(curr_id) f = Client(id=curr_id) db_session.add(f) db_session.commit()
def fill_dummy_data(): """ Populates the server data with dummy data to ease development. """ db_session = database_setup.get_session() protocols = [('pop3', 110), ('ssh', 22), ('telnet', 23), ('ftp', 21), ('http', 80)] source_ips = ('192.168.1.2', '192.168.2.3', '192.168.3.4', '192.168.4.5') honeypots = [Honeypot(id=str(uuid.uuid4()))] client = [Client(id=str(uuid.uuid4()))] sessions = [] authentications = [] while len(sessions) < 100: session = BaitSession(id=str(uuid.uuid4()), timestamp=datetime.now(), source_ip=random.choice(source_ips), source_port=random.randint(1024, 65535), destination_ip='4.3.2.1', destination_port='1111') session.protocol, session.destination_port = random.choice(protocols) session.honeypot = random.choice(honeypots) session.client = random.choice(client) session.classification = db_session.query(Classification).filter( Classification.type == 'bait_session').one() username = ''.join(random.choice(string.lowercase) for x in range(8)) password = ''.join(random.choice(string.lowercase) for x in range(8)) authentication = Authentication(id=str(uuid.uuid4()), username=username, password=password) session.authentication.append(authentication) for x in range(10): data = ''.join(random.choice(string.lowercase) for x in range(15)) direction = ('in', 'out')[x % 2] transcript = Transcript(timestamp=datetime.now(), direction=direction, data=data) session.transcript.append(transcript) authentications.append(authentication) sessions.append(session) while len(sessions) < 200: session = Session(id=str(uuid.uuid4()), timestamp=datetime.now(), source_ip=random.choice(source_ips), source_port=random.randint(1024, 65535), destination_ip='4.3.2.1', destination_port='1111') session.protocol, session.destination_port = random.choice(protocols) session.honeypot = random.choice(honeypots) session.classification = db_session.query(Classification).filter( Classification.type == 'credentials_reuse').one() username = ''.join(random.choice(string.lowercase) for x in range(8)) password = ''.join(random.choice(string.lowercase) for x in range(8)) authentication = Authentication(id=str(uuid.uuid4()), username=username, password=password) session.authentication.append(authentication) authentications.append(authentication) sessions.append(session) db_session.add_all(authentications) db_session.add_all(sessions) db_session.add_all(honeypots) db_session.add_all(client) db_session.commit()
def populate_bait(self, honeypot_first): honeypot_id = 1 client_id = 2 honeypot = Honeypot(id=honeypot_id) client = Client(id=client_id) db_session = database_setup.get_session() db_session.add(honeypot) db_session.add(client) db_session.commit() drone_data_socket = beeswarm.shared.zmq_context.socket(zmq.PUB) drone_data_socket.bind(SocketNames.DRONE_DATA.value) config_file = tempfile.mkstemp()[1] os.remove(config_file) # persistence actor needs to communicate with on config REQ/REP socket config_actor = ConfigActor(config_file, '') config_actor.start() # startup session database database_actor = DatabaseActor(999, delay_seconds=2) database_actor.start() gevent.sleep(1) BaitSession.client_id = client_id honeypot_session = HoneypotSession(source_ip='192.168.100.22', source_port=52311, protocol='pop3', users={}, destination_port=110) honeypot_session.add_auth_attempt('plaintext', True, username='******', password='******') honeypot_session.honeypot_id = honeypot_id bait_session = BaitSession('pop3', '1234', 110, honeypot_id) bait_session.add_auth_attempt('plaintext', True, username='******', password='******') bait_session.honeypot_id = honeypot_id bait_session.did_connect = bait_session.did_login = bait_session.alldone = bait_session.did_complete = True if honeypot_first: drone_data_socket.send('{0} {1} {2}'.format( Messages.SESSION_HONEYPOT.value, honeypot_id, json.dumps(honeypot_session.to_dict(), default=json_default, ensure_ascii=False))) drone_data_socket.send('{0} {1} {2}'.format( Messages.SESSION_CLIENT.value, client_id, json.dumps(bait_session.to_dict(), default=json_default, ensure_ascii=False))) else: drone_data_socket.send('{0} {1} {2}'.format( Messages.SESSION_CLIENT.value, client_id, json.dumps(bait_session.to_dict(), default=json_default, ensure_ascii=False))) drone_data_socket.send('{0} {1} {2}'.format( Messages.SESSION_HONEYPOT.value, honeypot_id, json.dumps(honeypot_session.to_dict(), default=json_default, ensure_ascii=False))) # some time for the session actor to work gevent.sleep(2) config_actor.stop() database_actor.stop() if os.path.isfile(config_file): os.remove(config_file)