Example #1
0
def set_client_mode(drone_id):
    db_session = database_setup.get_session()
    drone = db_session.query(Drone).filter(Drone.id == drone_id).one()
    if drone is None or drone.discriminator != 'client':
        # meh, better way do do this?
        db_session.delete(drone)
        db_session.commit()
        client = Client(id=drone_id)
        client.ip_address = drone.ip_address
        db_session.add(client)
        db_session.commit()
        return ''
    else:
        return ''
Example #2
0
def set_client_mode(drone_id):
    db_session = database_setup.get_session()
    drone = db_session.query(Drone).filter(Drone.id == drone_id).one()
    if drone is None or drone.discriminator != 'client':
        # meh, better way do do this?
        db_session.delete(drone)
        db_session.commit()
        client = Client(id=drone_id)
        client.ip_address = drone.ip_address
        db_session.add(client)
        db_session.commit()
        return ''
    else:
        return ''
Example #3
0
    def setUp(self):
        self.password = '******'
        app.ensure_admin_password(True, password=self.password)
        app.app.config['WTF_CSRF_ENABLED'] = False
        self.work_dir = tempfile.mkdtemp()
        beeswarm.shared.zmq_context = zmq.Context()
        fd, self.db_file = tempfile.mkstemp()
        os.close(fd)
        connection_string = 'sqlite:///{0}'.format(self.db_file)
        os.remove(self.db_file)
        database.setup_db(connection_string)
        self.config_actor = ConfigActor(
            os.path.join(os.path.dirname(__file__), 'beeswarmcfg.json.test'),
            self.work_dir)
        self.config_actor.start()

        # seed database with test data
        session = database.get_session()
        session.add_all([Client(), Honeypot()])
        session.commit()

        # startup session database
        self.database_actor = DatabaseActor(999, delay_seconds=2)
        self.database_actor.start()

        self.app = app.app.test_client()
        app.connect_sockets()
Example #4
0
    def setUp(self):
        app.app.config['WTF_CSRF_ENABLED'] = False
        self.work_dir = tempfile.mkdtemp()
        self.config_actor = ConfigActor(
            os.path.join(os.path.dirname(__file__), 'beeswarmcfg.json.test'),
            self.work_dir)
        self.config_actor.start()
        self.app = app.app.test_client()
        self.authenticator = Authenticator()

        database.setup_db('sqlite://')
        session = database.get_session()

        # dummy entities
        self.authenticator.add_user('test', 'test', 0)

        self.client_id = str(uuid.uuid4())
        self.client_password = str(uuid.uuid4())
        self.authenticator.add_user(self.client_id, self.client_password, 2)

        self.honeypot_id = str(uuid.uuid4())
        self.honeypot_password = str(uuid.uuid4())
        self.authenticator.add_user(self.honeypot_id, self.honeypot_password,
                                    1)

        session.add_all([
            Client(id=self.client_id, configuration='test_client_config'),
            Honeypot(id=self.honeypot_id, configuration='test_honeypot_config')
        ])

        session.commit()
Example #5
0
 def _config_client(self, drone, db_session, config):
     if drone.discriminator != 'client':
         # meh, better way do do this?
         # TODO: this cascade delete sessions, find a way to maintain sessions for deleted drones.
         ip_address = drone.ip_address
         drone_id = drone.id
         db_session.delete(drone)
         db_session.commit()
         drone = Client(id=drone_id)
         drone.ip_address = ip_address
         db_session.add(drone)
         db_session.commit()
     drone.bait_timings = json.dumps(config['bait_timings'])
     drone.name = config['name']
     db_session.add(drone)
     db_session.commit()
     self._handle_command_drone_config_changed(drone.id)
Example #6
0
 def _config_client(self, drone, db_session, config):
     if drone.discriminator != 'client':
         # meh, better way do do this?
         # TODO: this cascade delete sessions, find a way to maintain sessions for deleted drones.
         ip_address = drone.ip_address
         drone_id = drone.id
         db_session.delete(drone)
         db_session.commit()
         drone = Client(id=drone_id)
         drone.ip_address = ip_address
         db_session.add(drone)
         db_session.commit()
     drone.bait_timings = json.dumps(config['bait_timings'])
     drone.name = config['name']
     db_session.add(drone)
     db_session.commit()
     self._handle_command_drone_config_changed(drone.id)
Example #7
0
    def populate_clients(self):
        """ Populates the database with 4 clients """

        db_session = database.get_session()
        self.clients = []
        for i in xrange(
                4):  # We add 4 here, but one is added in the setup method
            f = Client()
            self.clients.append(f.id)
            db_session.add(f)
        db_session.commit()
Example #8
0
    def populate_clients(self):
        """ Populates the database with 4 clients """

        db_session = database.get_session()
        self.clients = []
        for i in xrange(
                4):  # We add 4 here, but one is added in the setup method
            curr_id = str(uuid.uuid4())
            curr_id = curr_id.encode('utf-8')
            self.clients.append(curr_id)
            f = Client(id=curr_id)
            db_session.add(f)
        db_session.commit()
Example #9
0
def fill_dummy_data():
    """
    Populates the server data with dummy data to ease development.
    """

    db_session = database_setup.get_session()

    protocols = [('pop3', 110), ('ssh', 22), ('telnet', 23), ('ftp', 21),
                 ('http', 80)]
    source_ips = ('192.168.1.2', '192.168.2.3', '192.168.3.4', '192.168.4.5')

    honeypots = [Honeypot(id=str(uuid.uuid4()))]
    client = [Client(id=str(uuid.uuid4()))]
    sessions = []
    authentications = []

    while len(sessions) < 100:
        session = BaitSession(id=str(uuid.uuid4()),
                              timestamp=datetime.now(),
                              source_ip=random.choice(source_ips),
                              source_port=random.randint(1024, 65535),
                              destination_ip='4.3.2.1',
                              destination_port='1111')

        session.protocol, session.destination_port = random.choice(protocols)
        session.honeypot = random.choice(honeypots)
        session.client = random.choice(client)
        session.classification = db_session.query(Classification).filter(
            Classification.type == 'bait_session').one()

        username = ''.join(random.choice(string.lowercase) for x in range(8))
        password = ''.join(random.choice(string.lowercase) for x in range(8))
        authentication = Authentication(id=str(uuid.uuid4()),
                                        username=username,
                                        password=password)
        session.authentication.append(authentication)

        for x in range(10):
            data = ''.join(random.choice(string.lowercase) for x in range(15))
            direction = ('in', 'out')[x % 2]
            transcript = Transcript(timestamp=datetime.now(),
                                    direction=direction,
                                    data=data)
            session.transcript.append(transcript)

        authentications.append(authentication)
        sessions.append(session)

    while len(sessions) < 200:
        session = Session(id=str(uuid.uuid4()),
                          timestamp=datetime.now(),
                          source_ip=random.choice(source_ips),
                          source_port=random.randint(1024, 65535),
                          destination_ip='4.3.2.1',
                          destination_port='1111')

        session.protocol, session.destination_port = random.choice(protocols)
        session.honeypot = random.choice(honeypots)

        session.classification = db_session.query(Classification).filter(
            Classification.type == 'credentials_reuse').one()

        username = ''.join(random.choice(string.lowercase) for x in range(8))
        password = ''.join(random.choice(string.lowercase) for x in range(8))
        authentication = Authentication(id=str(uuid.uuid4()),
                                        username=username,
                                        password=password)
        session.authentication.append(authentication)

        authentications.append(authentication)
        sessions.append(session)

    db_session.add_all(authentications)
    db_session.add_all(sessions)
    db_session.add_all(honeypots)
    db_session.add_all(client)
    db_session.commit()
Example #10
0
    def populate_bait(self, honeypot_first):
        honeypot_id = 1
        client_id = 2
        honeypot = Honeypot(id=honeypot_id)
        client = Client(id=client_id)

        db_session = database_setup.get_session()
        db_session.add(honeypot)
        db_session.add(client)
        db_session.commit()

        drone_data_socket = beeswarm.shared.zmq_context.socket(zmq.PUB)
        drone_data_socket.bind(SocketNames.DRONE_DATA.value)

        config_file = tempfile.mkstemp()[1]
        os.remove(config_file)
        # persistence actor needs to communicate with on config REQ/REP socket
        config_actor = ConfigActor(config_file, '')
        config_actor.start()

        # startup session database
        database_actor = DatabaseActor(999, delay_seconds=2)
        database_actor.start()
        gevent.sleep(1)

        BaitSession.client_id = client_id

        honeypot_session = HoneypotSession(source_ip='192.168.100.22',
                                           source_port=52311,
                                           protocol='pop3',
                                           users={},
                                           destination_port=110)
        honeypot_session.add_auth_attempt('plaintext',
                                          True,
                                          username='******',
                                          password='******')
        honeypot_session.honeypot_id = honeypot_id

        bait_session = BaitSession('pop3', '1234', 110, honeypot_id)
        bait_session.add_auth_attempt('plaintext',
                                      True,
                                      username='******',
                                      password='******')
        bait_session.honeypot_id = honeypot_id
        bait_session.did_connect = bait_session.did_login = bait_session.alldone = bait_session.did_complete = True

        if honeypot_first:
            drone_data_socket.send('{0} {1} {2}'.format(
                Messages.SESSION_HONEYPOT.value, honeypot_id,
                json.dumps(honeypot_session.to_dict(),
                           default=json_default,
                           ensure_ascii=False)))
            drone_data_socket.send('{0} {1} {2}'.format(
                Messages.SESSION_CLIENT.value, client_id,
                json.dumps(bait_session.to_dict(),
                           default=json_default,
                           ensure_ascii=False)))
        else:
            drone_data_socket.send('{0} {1} {2}'.format(
                Messages.SESSION_CLIENT.value, client_id,
                json.dumps(bait_session.to_dict(),
                           default=json_default,
                           ensure_ascii=False)))
            drone_data_socket.send('{0} {1} {2}'.format(
                Messages.SESSION_HONEYPOT.value, honeypot_id,
                json.dumps(honeypot_session.to_dict(),
                           default=json_default,
                           ensure_ascii=False)))

        # some time for the session actor to work
        gevent.sleep(2)
        config_actor.stop()
        database_actor.stop()
        if os.path.isfile(config_file):
            os.remove(config_file)