def processor(self): """ processor function will be called as a new thread and will be die when kill_flag is True :return: """ new_file_handler = FileMonitor() new_file_handler.log_filename = self.log_filename new_file_handler.log_filename_dump = self.log_filename_dump new_file_handler.DIRECTORY_TO_WATCH = self.DIRECTORY_TO_WATCH new_file_handler.EXCLUDES = self.EXCLUDES new_file_handler.module_name = self.module_name thread = threading.Thread(target=new_file_handler.run, args=(), name="ftp_weak_password_processor") if os.path.exists(self.log_filename): os.remove(self.log_filename) # remove if exist from past thread.start() # Start the execution while not self.kill_flag: try: time.sleep(0.1) except Exception: pass new_file_handler.stop() terminate_thread(thread)
def load_honeypot_engine(): """ load OHP Engine Returns: True """ # print logo logo() # parse argv parser, argv_options = argv_parser() ######################################### # argv rules apply ######################################### # check help menu if argv_options.show_help_menu: parser.print_help() exit_success() # check for requirements before start check_for_requirements(argv_options.start_api_server) # check api server flag if argv_options.start_api_server: start_api_server() exit_success() # check selected modules if argv_options.selected_modules: selected_modules = list(set(argv_options.selected_modules.rsplit(","))) if "all" in selected_modules: selected_modules = load_all_modules() if "" in selected_modules: selected_modules.remove("") # if selected modules are zero if not len(selected_modules): exit_failure(messages("en", "zero_module_selected")) # if module not found for module in selected_modules: if module not in load_all_modules(): exit_failure(messages("en", "module_not_found").format(module)) # check excluded modules if argv_options.excluded_modules: excluded_modules = list(set(argv_options.excluded_modules.rsplit(","))) if "all" in excluded_modules: exit_failure("you cannot exclude all modules") if "" in excluded_modules: excluded_modules.remove("") # remove excluded modules for module in excluded_modules: if module not in load_all_modules(): exit_failure(messages("en", "module_not_found").format(module)) # ignore if module not selected, it will remove anyway try: selected_modules.remove(module) except Exception as _: del _ # if selected modules are zero if not len(selected_modules): exit_failure(messages("en", "zero_module_selected")) virtual_machine_container_reset_factory_time_seconds = argv_options. \ virtual_machine_container_reset_factory_time_seconds run_as_test = argv_options.run_as_test ######################################### # argv rules apply ######################################### # build configuration based on selected modules configuration = honeypot_configuration_builder(selected_modules) info(messages("en", "honeypot_started")) info(messages("en", "loading_modules").format(", ".join(selected_modules))) # check for conflict in real machine ports and pick new ports info("checking for conflicts in ports") configuration = conflict_ports(configuration) # stop old containers (in case they are not stopped) stop_containers(configuration) # remove old containers (in case they are not updated) remove_old_containers(configuration) # remove old images (in case they are not updated) remove_old_images(configuration) # create new images based on selected modules create_new_images(configuration) # create OWASP Honeypot networks in case not exist create_ohp_networks() # start containers based on selected modules configuration = start_containers(configuration) # start network monitoring thread new_network_events_thread = Thread(target=new_network_events, args=(configuration, ), name="new_network_events_thread") new_network_events_thread.start() info("all selected modules started: {0}".format( ", ".join(selected_modules))) bulk_events_thread = Thread(target=insert_bulk_events_from_thread, args=(), name="insert_events_in_bulk_thread") bulk_events_thread.start() # run module processors run_modules_processors(configuration) # check if it's not a test if not run_as_test: # wait forever! in case user can send ctrl + c to interrupt wait_until_interrupt( virtual_machine_container_reset_factory_time_seconds, configuration, new_network_events_thread) # kill the network events thread terminate_thread(new_network_events_thread) terminate_thread(bulk_events_thread) insert_events_in_bulk( ) # if in case any events that were not inserted from thread # stop created containers stop_containers(configuration) # stop module processor stop_modules_processors(configuration) # remove created containers remove_old_containers(configuration) # remove created images remove_old_images(configuration) # remove_tmp_directories() error: access denied! # kill all missed threads for thread in threading.enumerate()[1:]: terminate_thread(thread, False) info("finished.") # reset cmd/terminal color finish() return True
def load_honeypot_engine(): """ load OHP Engine Returns: True """ # print logo logo() # parse argv parser, argv_options = argv_parser() # check the language if argv_options.language: update_language(argv_options) ######################################### # argv rules apply ######################################### # check help menu if argv_options.show_help_menu: parser.print_help() exit_success() # check for requirements before start check_for_requirements(argv_options.start_api_server) # create indices before server start create_indices() # check api server flag if argv_options.start_api_server: start_api_server() exit_success() # Check if the script is running with sudo if not os.geteuid() == 0: exit_failure(messages['script_must_run_as_root']) # Check timeout value if provided if argv_options.timeout_value < 1: exit_failure(messages["timeout_error"]) # check selected modules if argv_options.selected_modules: selected_modules = list(set(argv_options.selected_modules.rsplit(","))) if "all" in selected_modules: selected_modules = load_all_modules() if "" in selected_modules: selected_modules.remove("") # if selected modules are zero if not len(selected_modules): exit_failure(messages["no_module_selected_error"]) # if module not found for module in selected_modules: if module not in load_all_modules(): exit_failure("module {0} not found!".format(module)) # check excluded modules if argv_options.excluded_modules: excluded_modules = list(set(argv_options.excluded_modules.rsplit(","))) if "all" in excluded_modules: exit_failure(messages["all_modules_excluded_error"]) if "" in excluded_modules: excluded_modules.remove("") # remove excluded modules for module in excluded_modules: if module not in load_all_modules(): exit_failure("module {0} not found!".format(module)) # ignore if module not selected, it will remove anyway try: selected_modules.remove(module) except Exception: pass # if selected modules are zero if not len(selected_modules): exit_failure(messages["no_module_selected_error"]) virtual_machine_container_reset_factory_time_seconds = argv_options. \ virtual_machine_container_reset_factory_time_seconds run_as_test = argv_options.run_as_test ######################################### # argv rules apply ######################################### # build configuration based on selected modules configuration = honeypot_configuration_builder(selected_modules) # Set network configuration network_config = set_network_configuration(argv_options) info(messages["start_message"]) info(messages["loading_modules"].format(", ".join(selected_modules))) # check for conflict in real machine ports and pick new ports info(messages["check_for_port_conflicts"]) configuration = conflict_ports(configuration) # stop old containers (in case they are not stopped) stop_containers(configuration) # remove old containers (in case they are not updated) remove_old_containers(configuration) # remove old images (in case they are not updated) remove_old_images(configuration) # create new images based on selected modules create_new_images(configuration) # create OWASP Honeypot networks in case not exist create_ohp_networks() # start containers based on selected modules configuration = start_containers(configuration) # network capture process mp.set_start_method('spawn') # Event queues honeypot_events_queue = mp.Queue() network_events_queue = mp.Queue() # start a new process for network capture network_traffic_capture_process = mp.Process( target=network_traffic_capture, args=( configuration, honeypot_events_queue, network_events_queue, network_config, ), name="network_traffic_capture_process") network_traffic_capture_process.start() info(messages["selected_modules_started"].format( ", ".join(selected_modules))) # start a thread to push events to database regularly bulk_events_thread = Thread(target=push_events_to_database_from_thread, args=( honeypot_events_queue, network_events_queue, ), name="insert_events_in_bulk_thread") bulk_events_thread.start() # run module processors run_modules_processors(configuration) # wait forever! in case user can send ctrl + c to interrupt exit_flag = wait_until_interrupt( virtual_machine_container_reset_factory_time_seconds, configuration, network_traffic_capture_process, run_as_test) # killed the network traffic capture process by ctrl + c... waiting to end. info(messages["killing_capture_process"]) if run_as_test: network_traffic_capture_process.terminate() # without ci it will be terminate after a few seconds, it needs to kill the tshark and update pcap file collection network_traffic_capture_process.join() # if in case any events that were not inserted from thread push_events_queues_to_database(honeypot_events_queue, network_events_queue) # Kill bulk events thread terminate_thread(bulk_events_thread) # stop created containers stop_containers(configuration) # stop module processor stop_modules_processors(configuration) # remove created containers remove_old_containers(configuration) # remove created images remove_old_images(configuration) # remove_tmp_directories() error: access denied! # kill all missed threads for thread in threading.enumerate()[1:]: terminate_thread(thread, False) info(messages["finished"]) # reset cmd/terminal color reset_cmd_color() return exit_flag