def start(self):
"""
Starts sending client bees to the configured Honeypot.
"""
logger.info('Starting client.')
sessions = {}
# greenlet to consume and maintain data in sessions list
self.sessions_consumer = Consumer(sessions, self.config, self.my_ip)
gevent.spawn(self.sessions_consumer.start_handling)
self.dispatcher_greenlets = []
for honeypot_id, entry in self.config['baits'].items():
for b in clientbase.ClientBase.__subclasses__():
bait_name = b.__name__.lower()
# if the bait has a entry in the config we consider the bait enabled
if bait_name in entry:
bait_options = entry[bait_name]
#bait_session = b(sessions, bait_options)
dispatcher = BaitDispatcher(sessions, b, bait_options)
dispatcher.start()
self.dispatcher_greenlets.append(dispatcher)
logger.info('Adding {0} bait'.format(bait_name))
logger.debug(
'Bait added with options: {0}'.format(bait_options))
gevent.joinall(self.dispatcher_greenlets)
def test_logging_not_done_bee(self):
"""
Tests that the consumer does not process bait sessions that are not marked as done.
"""
sessions = {}
BaitSession.client_id = "dummy_client_id"
BaitSession.honeypot_id = "dummy_hive_id"
beesession = BaitSession("telnet", "123", "1234", "4321")
beesession.alldone = False
sessions[beesession.id] = beesession
# mock a dummy logger
dummy_logger = DummyLogger()
log_mock = Mock()
dummy_logger.log = log_mock
consumer = Consumer(sessions, {}, "")
consumer.logger = dummy_logger
gevent.spawn(consumer.start_handling)
# forcing cooperative yield.
gevent.sleep(0)
# assert that the log method was not called
self.assertFalse(log_mock.called)
# assert that we still has a single item in the queue
self.assertEquals(len(sessions), 1)
consumer.stop_handling()
def test_logging_done_bee(self):
"""
Tests that the consumer calls a logger class and that the beesession is removed
from the queue afterwards.
"""
sessions = {}
BaitSession.client_id = "dummy_client_id"
BaitSession.honeypot_id = "dummy_hive_id"
beesession = BaitSession("telnet", "1234", "4321", "123")
beesession.alldone = True
sessions[beesession.id] = beesession
# mock a dummy logger
dummy_logger = DummyLogger()
log_mock = Mock()
dummy_logger.log = log_mock
consumer = Consumer(sessions, {}, "")
# inject the dummy logger into the consumer
consumer.logger = dummy_logger
gevent.spawn(consumer.start_handling)
# forcing cooperative yield.
gevent.sleep(0)
# assert that the log method of the logger object was called with beesession as parameter.
dummy_logger.log.assert_called_once_with(beesession)
# assert that the beesession was removed from the queue
self.assertEquals(len(sessions), 0)
consumer.stop_handling()
def test_logging_not_done_bee(self):
"""
Tests that the consumer does not process bait sessions that are not marked as done.
"""
sessions = {}
BaitSession.client_id = 'dummy_client_id'
BaitSession.honeypot_id = 'dummy_hive_id'
beesession = BaitSession('telnet', '123', '1234', '4321')
beesession.alldone = False
sessions[beesession.id] = beesession
# mock a dummy logger
dummy_logger = DummyLogger()
log_mock = Mock()
dummy_logger.log = log_mock
consumer = Consumer(sessions, {}, '')
consumer.logger = dummy_logger
gevent.spawn(consumer.start_handling)
# forcing cooperative yield.
gevent.sleep(0)
#assert that the log method was not called
self.assertFalse(log_mock.called)
#assert that we still has a single item in the queue
self.assertEquals(len(sessions), 1)
consumer.stop_handling()
def test_logging_done_bee(self):
"""
Tests that the consumer calls a logger class and that the beesession is removed
from the queue afterwards.
"""
sessions = {}
BaitSession.client_id = 'dummy_client_id'
BaitSession.honeypot_id = 'dummy_hive_id'
beesession = BaitSession('telnet', '1234', '4321', '123')
beesession.alldone = True
sessions[beesession.id] = beesession
# mock a dummy logger
dummy_logger = DummyLogger()
log_mock = Mock()
dummy_logger.log = log_mock
consumer = Consumer(sessions, {}, '')
# inject the dummy logger into the consumer
consumer.logger = dummy_logger
gevent.spawn(consumer.start_handling)
#forcing cooperative yield.
gevent.sleep(0)
#assert that the log method of the logger object was called with beesession as parameter.
dummy_logger.log.assert_called_once_with(beesession)
#assert that the beesession was removed from the queue
self.assertEquals(len(sessions), 0)
consumer.stop_handling()
def start(self):
"""
Starts sending client bees to the configured Honeypot.
"""
logger.info('Starting client.')
sessions = {}
# greenlet to consume and maintain data in sessions list
self.sessions_consumer = Consumer(sessions, self.config, self.my_ip)
gevent.spawn(self.sessions_consumer.start_handling)
self.dispatcher_greenlets = []
for honeypot_id, entry in self.config['baits'].items():
for b in clientbase.ClientBase.__subclasses__():
bait_name = b.__name__.lower()
# if the bait has a entry in the config we consider the bait enabled
if bait_name in entry:
bait_options = entry[bait_name]
#bait_session = b(sessions, bait_options)
dispatcher = BaitDispatcher(sessions, b, bait_options)
dispatcher.start()
self.dispatcher_greenlets.append(dispatcher)
logger.info('Adding {0} bait'.format(bait_name))
logger.debug('Bait added with options: {0}'.format(bait_options))
gevent.joinall(self.dispatcher_greenlets)
def test_logging_done_bee(self):
"""
Tests that the consumer calls a logger class and that the beesession is removed
from the queue afterwards.
"""
sessions = {}
BaitSession.client_id = 'dummy_client_id'
BaitSession.honeypot_id = 'dummy_hive_id'
beesession = BaitSession('telnet', '1234', '4321', '123')
beesession.alldone = True
sessions[beesession.id] = beesession
#mock a dummy logger
dummy_logger = LoggerBase({})
log_mock = Mock()
dummy_logger.log = log_mock
status = {
'mode': 'Client',
'total_bees': 0,
'active_bees': 0,
'enabled_bees': [],
'client_id': uuid.uuid4(),
'managment_url': '',
'ip_address': '127.0.0.1'
}
consumer = Consumer(sessions, {}, status)
#inject the dummy logger into the consumer
consumer.active_loggers = [dummy_logger]
gevent.spawn(consumer.start_handling)
#forcing cooperative yield.
gevent.sleep(0)
#assert that the log method of the logger object was called with beesession as parameter.
dummy_logger.log.assert_called_once_with(beesession)
#assert that the beesession was removed from the queue
self.assertEquals(len(sessions), 0)
consumer.stop_handling()
def test_logging_not_done_bee(self):
"""
Tests that the consumer does not process bait sessions that are not marked as done.
"""
sessions = {}
BaitSession.client_id = 'dummy_client_id'
BaitSession.honeypot_id = 'dummy_hive_id'
beesession = BaitSession('telnet', '123', '1234', '4321')
beesession.alldone = False
sessions[beesession.id] = beesession
#mock a dummy logger
dummy_logger = LoggerBase({})
log_mock = Mock()
dummy_logger.log = log_mock
status = {
'mode': 'Client',
'total_bees': 0,
'active_bees': 0,
'enabled_bees': [],
'client_id': uuid.uuid4(),
'managment_url': '',
'ip_address': '127.0.0.1'
}
consumer = Consumer(sessions, {}, status)
consumer.active_loggers = [dummy_logger]
gevent.spawn(consumer.start_handling)
#forcing cooperative yield.
gevent.sleep(0)
#assert that the log method was not called
self.assertFalse(log_mock.called)
#assert that we still has a single item in the queue
self.assertEquals(len(sessions), 1)
consumer.stop_handling()
class Client(object):
def __init__(self, work_dir, config):
"""
Main class which runs Beeswarm in Client mode.
:param work_dir: Working directory (usually the current working directory)
:param config_arg: Beeswarm configuration dictionary.
"""
self.run_flag = True
# maps honeypot id to IP
self.honeypot_map = {}
with open('beeswarmcfg.json', 'r') as config_file:
self.config = json.load(config_file, object_hook=asciify)
# write ZMQ keys to files - as expected by pyzmq
extract_keys(work_dir, config)
BaitSession.client_id = self.config['general']['id']
if self.config['general']['fetch_ip']:
self.my_ip = urllib2.urlopen(
'http://api-sth01.exip.org/?call=ip').read()
logger.info('Fetched {0} as my external ip.'.format(self.my_ip))
else:
self.my_ip = get_most_likely_ip()
self.dispatcher_greenlets = []
def start(self):
"""
Starts sending client bees to the configured Honeypot.
"""
logger.info('Starting client.')
sessions = {}
# greenlet to consume and maintain data in sessions list
self.sessions_consumer = Consumer(sessions, self.config, self.my_ip)
gevent.spawn(self.sessions_consumer.start_handling)
self.dispatcher_greenlets = []
for honeypot_id, entry in self.config['baits'].items():
for b in clientbase.ClientBase.__subclasses__():
bait_name = b.__name__.lower()
# if the bait has a entry in the config we consider the bait enabled
if bait_name in entry:
bait_options = entry[bait_name]
#bait_session = b(sessions, bait_options)
dispatcher = BaitDispatcher(sessions, b, bait_options)
dispatcher.start()
self.dispatcher_greenlets.append(dispatcher)
logger.info('Adding {0} bait'.format(bait_name))
logger.debug(
'Bait added with options: {0}'.format(bait_options))
gevent.joinall(self.dispatcher_greenlets)
def stop(self):
"""
Stop sending bait sessions.
"""
for g in self.dispatcher_greenlets:
g.kill()
self.sessions_consumer.stop_handling()
logger.info('All clients stopped')
class Client(object):
def __init__(self, work_dir, config):
"""
Main class which runs Beeswarm in Client mode.
:param work_dir: Working directory (usually the current working directory)
:param config_arg: Beeswarm configuration dictionary.
"""
self.run_flag = True
# maps honeypot id to IP
self.honeypot_map = {}
with open('beeswarmcfg.json', 'r') as config_file:
self.config = json.load(config_file, object_hook=asciify)
# write ZMQ keys to files - as expected by pyzmq
extract_keys(work_dir, config)
BaitSession.client_id = self.config['general']['id']
if self.config['general']['fetch_ip']:
self.my_ip = urllib2.urlopen('http://api-sth01.exip.org/?call=ip').read()
logger.info('Fetched {0} as my external ip.'.format(self.my_ip))
else:
self.my_ip = get_most_likely_ip()
self.dispatcher_greenlets = []
def start(self):
"""
Starts sending client bees to the configured Honeypot.
"""
logger.info('Starting client.')
sessions = {}
# greenlet to consume and maintain data in sessions list
self.sessions_consumer = Consumer(sessions, self.config, self.my_ip)
gevent.spawn(self.sessions_consumer.start_handling)
self.dispatcher_greenlets = []
for honeypot_id, entry in self.config['baits'].items():
for b in clientbase.ClientBase.__subclasses__():
bait_name = b.__name__.lower()
# if the bait has a entry in the config we consider the bait enabled
if bait_name in entry:
bait_options = entry[bait_name]
#bait_session = b(sessions, bait_options)
dispatcher = BaitDispatcher(sessions, b, bait_options)
dispatcher.start()
self.dispatcher_greenlets.append(dispatcher)
logger.info('Adding {0} bait'.format(bait_name))
logger.debug('Bait added with options: {0}'.format(bait_options))
gevent.joinall(self.dispatcher_greenlets)
def stop(self):
"""
Stop sending bait sessions.
"""
for g in self.dispatcher_greenlets:
g.kill()
self.sessions_consumer.stop_handling()
logger.info('All clients stopped')