Exemple #1
0
    def makeService(self, options):
        """
        Construct a TCPServer from a factory defined in Cowrie.
        """

        if os.name == "posix" and os.getuid() == 0:
            print("ERROR: You must not run cowrie as root!")
            sys.exit(1)

        cfg = readConfigFile(options["config"])

        topService = service.MultiService()
        application = service.Application("cowrie")
        topService.setServiceParent(application)

        factory = cowrie.ssh.transport.HoneyPotSSHFactory(cfg)

        factory.portal = portal.Portal(core.realm.HoneyPotRealm(cfg))
        factory.portal.registerChecker(core.checkers.HoneypotPublicKeyChecker())
        factory.portal.registerChecker(core.checkers.HoneypotPasswordChecker(cfg))

        if cfg.has_option("honeypot", "auth_none_enabled") and cfg.get("honeypot", "auth_none_enabled").lower() in (
            "yes",
            "true",
            "on",
        ):
            factory.portal.registerChecker(core.checkers.HoneypotNoneChecker())

        if cfg.has_option("honeypot", "listen_addr"):
            listenAddr = cfg.get("honeypot", "listen_addr")
        else:
            listenAddr = "0.0.0.0"

        # Preference: 1, option, 2, config, 3, default of 2222
        if options["port"] != 0:
            listenPort = int(options["port"])
        elif cfg.has_option("honeypot", "listen_port"):
            listenPort = int(cfg.get("honeypot", "listen_port"))
        else:
            listenPort = 2222

        for i in listenAddr.split():
            svc = internet.TCPServer(listenPort, factory, interface=i)
            # FIXME: Use addService on topService ?
            svc.setServiceParent(topService)

        if cfg.has_option("honeypot", "interact_enabled") and cfg.get("honeypot", "interact_enabled").lower() in (
            "yes",
            "true",
            "on",
        ):
            iport = int(cfg.get("honeypot", "interact_port"))
            from cowrie.core import interact

            svc = internet.TCPServer(iport, interact.makeInteractFactory(factory), interface="127.0.0.1")
            # FIXME: Use addService on topService ?
            svc.setServiceParent(topService)

        return topService
Exemple #2
0
    def makeService(self, options):
        """
        Construct a TCPServer from a factory defined in Cowrie.
        """
        # do what i want
        # if os.name == 'posix' and os.getuid() == 0:
        #     print('ERROR: You must not run cowrie as root!')
        #     sys.exit(1)

        cfg = readConfigFile(options["config"])

        top_service = service.MultiService()
        application = service.Application('cowrie')
        top_service.setServiceParent(application)

        factory = cowrie.ssh.transport.HoneyPotSSHFactory(cfg)

        factory.portal = portal.Portal(core.realm.HoneyPotRealm(cfg))
        factory.portal.registerChecker(
            core.checkers.HoneypotPublicKeyChecker())
        factory.portal.registerChecker(
            core.checkers.HoneypotPasswordChecker(cfg))

        if cfg.has_option('honeypot', 'auth_none_enabled') and \
                 cfg.get('honeypot', 'auth_none_enabled').lower() in \
                 ('yes', 'true', 'on'):
            factory.portal.registerChecker(
                core.checkers.HoneypotNoneChecker())


        if cfg.has_option('honeypot', 'listen_addr'):
            listen_addr = cfg.get('honeypot', 'listen_addr')
        else:
            listen_addr = '0.0.0.0'

        # Preference: 1, option, 2, config, 3, default of 2222
        if options['port'] != 0:
            listen_port = int(options["port"])
        elif cfg.has_option('honeypot', 'listen_port'):
            listen_port = int(cfg.get('honeypot', 'listen_port'))
        else:
            listen_port = 2222

        for i in listen_addr.split():
            svc = internet.TCPServer(listen_port, factory, interface=i)
            # FIXME: Use addService on top_service ?
            svc.setServiceParent(top_service)

        if cfg.has_option('honeypot', 'interact_enabled') and \
                 cfg.get('honeypot', 'interact_enabled').lower() in \
                 ('yes', 'true', 'on'):
            iport = int(cfg.get('honeypot', 'interact_port'))
            from cowrie.core import interact
            svc = internet.TCPServer(iport,
                interact.makeInteractFactory(factory), interface='127.0.0.1')
            # FIXME: Use addService on top_service ?
            svc.setServiceParent(top_service)

        return top_service
Exemple #3
0
    def makeService(self, options):
        """
        Construct a TCPServer from a factory defined in Cowrie.
        """

        if os.name == 'posix' and os.getuid() == 0:
            print('ERROR: You must not run cowrie as root!')
            sys.exit(1)

        cfg = readConfigFile(options["config"])

        topService = service.MultiService()
        application = service.Application('cowrie')
        topService.setServiceParent(application)

        factory = cowrie.ssh.transport.HoneyPotSSHFactory(cfg)

        factory.portal = portal.Portal(core.realm.HoneyPotRealm(cfg))
        factory.portal.registerChecker(
            core.checkers.HoneypotPublicKeyChecker())
        factory.portal.registerChecker(
            core.checkers.HoneypotPasswordChecker(cfg))

        if cfg.has_option('honeypot', 'auth_none_enabled') and \
                 cfg.get('honeypot', 'auth_none_enabled').lower() in \
                 ('yes', 'true', 'on'):
            factory.portal.registerChecker(core.checkers.HoneypotNoneChecker())

        if cfg.has_option('honeypot', 'listen_addr'):
            listenAddr = cfg.get('honeypot', 'listen_addr')
        else:
            listenAddr = '0.0.0.0'

        # Preference: 1, option, 2, config, 3, default of 2222
        if options['port'] != 0:
            listenPort = int(options["port"])
        elif cfg.has_option('honeypot', 'listen_port'):
            listenPort = int(cfg.get('honeypot', 'listen_port'))
        else:
            listenPort = 2222

        for i in listenAddr.split():
            svc = internet.TCPServer(listenPort, factory, interface=i)
            # FIXME: Use addService on topService ?
            svc.setServiceParent(topService)

        if cfg.has_option('honeypot', 'interact_enabled') and \
                 cfg.get('honeypot', 'interact_enabled').lower() in \
                 ('yes', 'true', 'on'):
            iport = int(cfg.get('honeypot', 'interact_port'))
            from cowrie.core import interact
            svc = internet.TCPServer(iport,
                                     interact.makeInteractFactory(factory),
                                     interface='127.0.0.1')
            # FIXME: Use addService on topService ?
            svc.setServiceParent(topService)

        return topService
 def setUp(self):
     with open('../cowrie/test/expected_results.json') as data_file:
         self.data = json.load(data_file)
     self.cfg = config.readConfigFile("../cowrie/test/unittests.cfg")
     self.proto = protocol.HoneyPotInteractiveProtocol \
         (fake_server.FakeAvatar(fake_server.FakeServer(self.cfg)))
     self.tr = fake_transport.FakeTransport("1.1.1.1", "1111")
     self.proto.makeConnection(self.tr)
     self.tr.clear()
Exemple #5
0
 def setUp(self):
     with open('../cowrie/test/expected_results.json') as data_file:
         self.data = json.load(data_file)
     self.cfg = config.readConfigFile("../cowrie/test/unittests.cfg")
     self.proto = protocol.HoneyPotInteractiveProtocol \
         (fake_server.FakeAvatar(fake_server.FakeServer(self.cfg)))
     self.tr = fake_transport.FakeTransport("1.1.1.1", "1111")
     self.proto.makeConnection(self.tr)
     self.tr.clear()
 def setUp(self):
     self.cfg = config.readConfigFile("../cowrie/test/unittests.cfg")
     self.proto = protocol.HoneyPotInteractiveProtocol(
         fake_server.FakeAvatar(fake_server.FakeServer(self.cfg)))
     self.tr = fake_transport.FakeTransport("1.1.1.1", "1111")
     self.proto.makeConnection(self.tr)
Exemple #7
0
    def makeService(self, options):
        """
        Construct a TCPServer from a factory defined in Cowrie.
        """

        if options["help"] == True:
            self.printHelp()
            sys.exit(1)

        if os.name == 'posix' and os.getuid() == 0:
            print('ERROR: You must not run cowrie as root!')
            sys.exit(1)

        cfg = readConfigFile(
            ("cowrie.cfg.dist", "etc/cowrie.cfg", "cowrie.cfg"))

        # ssh is enabled by default
        if cfg.has_option('ssh', 'enabled') == False or \
           (cfg.has_option('ssh', 'enabled') and \
               cfg.getboolean('ssh', 'enabled') == True):
            enableSSH = True
        else:
            enableSSH = False

        # telnet is disabled by default
        if cfg.has_option('telnet', 'enabled') and \
                 cfg.getboolean('telnet', 'enabled') == True:
            enableTelnet = True
        else:
            enableTelnet = False

        if enableTelnet == False and enableSSH == False:
            print('ERROR: You must at least enable SSH or Telnet')
            sys.exit(1)

        # Load db loggers
        self.dbloggers = []
        for x in cfg.sections():
            if not x.startswith('database_'):
                continue
            engine = x.split('_')[1]
            try:
                dblogger = __import__('cowrie.dblog.{}'.format(engine),
                                      globals(), locals(),
                                      ['dblog']).DBLogger(cfg)
                log.addObserver(dblogger.emit)
                self.dbloggers.append(dblogger)
                log.msg("Loaded dblog engine: {}".format(engine))
            except:
                log.err()
                log.msg("Failed to load dblog engine: {}".format(engine))

        # Load output modules
        self.output_plugins = []
        for x in cfg.sections():
            if not x.startswith('output_'):
                continue
            engine = x.split('_')[1]
            try:
                output = __import__('cowrie.output.{}'.format(engine),
                                    globals(), locals(),
                                    ['output']).Output(cfg)
                log.addObserver(output.emit)
                self.output_plugins.append(output)
                log.msg("Loaded output engine: {}".format(engine))
            except ImportError as e:
                log.err(
                    "Failed to load output engine: {} due to ImportError: {}".
                    format(engine, e))
                log.msg(
                    "Please install the dependencies for {} listed in requirements-output.txt"
                    .format(engine))
            except Exception:
                log.err()
                log.msg("Failed to load output engine: {}".format(engine))

        topService = service.MultiService()
        application = service.Application('cowrie')
        topService.setServiceParent(application)

        if enableSSH:
            factory = cowrie.ssh.factory.CowrieSSHFactory(cfg)
            factory.tac = self
            factory.portal = portal.Portal(core.realm.HoneyPotRealm(cfg))
            factory.portal.registerChecker(
                core.checkers.HoneypotPublicKeyChecker())
            factory.portal.registerChecker(
                core.checkers.HoneypotPasswordChecker(cfg))

            if cfg.has_option('honeypot', 'auth_none_enabled') and \
                     cfg.getboolean('honeypot', 'auth_none_enabled') == True:
                factory.portal.registerChecker(
                    core.checkers.HoneypotNoneChecker())

            if cfg.has_section('ssh'):
                listen_endpoints = get_endpoints_from_section(cfg, 'ssh', 22)
            else:
                listen_endpoints = get_endpoints_from_section(
                    cfg, 'honeypot', 22)

            create_endpoint_services(reactor, topService, listen_endpoints,
                                     factory)

        if enableTelnet:
            f = cowrie.telnet.transport.HoneyPotTelnetFactory(cfg)
            f.tac = self
            f.portal = portal.Portal(core.realm.HoneyPotRealm(cfg))
            f.portal.registerChecker(
                core.checkers.HoneypotPasswordChecker(cfg))

            listen_endpoints = get_endpoints_from_section(cfg, 'telnet', 23)
            create_endpoint_services(reactor, topService, listen_endpoints, f)

        return topService
 def setUp(self):
     self.cfg = config.readConfigFile("../cowrie/test/unittests.cfg")
     self.proto = protocol.HoneyPotInteractiveProtocol(fake_server.FakeAvatar(fake_server.FakeServer(self.cfg)))
     self.tr = fake_transport.FakeTransport("1.1.1.1", "1111")
     self.proto.makeConnection(self.tr)
    def makeService(self, options):
        """
        Construct a TCPServer from a factory defined in Cowrie.
        """

        if os.name == 'posix' and os.getuid() == 0:
            print('ERROR: You must not run cowrie as root!')
            sys.exit(1)

        cfg = readConfigFile(options["config"])

        if cfg.has_option('honeypot', 'listen_addr'):
            listen_addr = cfg.get('honeypot', 'listen_addr')
        else:
            listen_addr = '0.0.0.0'

        # Preference: 1, option, 2, config, 3, default of 2222
        if options['port'] != 0:
            listen_ports = options["port"]
        elif cfg.has_option('honeypot', 'listen_ports'):
            listen_ports = cfg.get('honeypot', 'listen_ports')
        else:
            listen_ports = "2222"

        listen_ports_range = [int(port) for port in listen_ports.split(" ")]
        if len(listen_ports_range) == 1:
            listen_ports_enum = [listen_ports_range[0]]
        else:
            listen_ports_enum = range(listen_ports_range[0],
                                      listen_ports_range[1] + 1)

        factory = core.ssh.HoneyPotSSHFactory(cfg)
        factory.portal = portal.Portal(core.realm.HoneyPotRealm(cfg))
        # Disable pubkey checking, it breaks mitmproxy on Turris
        #factory.portal.registerChecker(
        #    core.checkers.HoneypotPublicKeyChecker(cfg))
        factory.portal.registerChecker(
            core.checkers.HoneypotPasswordChecker(cfg))

        if cfg.has_option('honeypot', 'auth_none_enabled') and \
                 cfg.get('honeypot', 'auth_none_enabled').lower() in \
                 ('yes', 'true', 'on'):
            factory.portal.registerChecker(core.checkers.HoneypotNoneChecker())

        top_service = top_service = service.MultiService()

        for i in listen_addr.split():
            for port in listen_ports_enum:
                svc = internet.TCPServer(port, factory, interface=i)
                svc.setServiceParent(top_service)

        if cfg.has_option('honeypot', 'interact_enabled') and \
                 cfg.get('honeypot', 'interact_enabled').lower() in \
                 ('yes', 'true', 'on'):
            iport = int(cfg.get('honeypot', 'interact_port'))
            from cowrie.core import interact
            svc = internet.TCPServer(iport,
                                     interact.makeInteractFactory(factory))
            svc.setServiceParent(top_service)

        application = service.Application('cowrie')
        top_service.setServiceParent(application)
        return top_service
Exemple #10
0
    def makeService(self, options):
        """
        Construct a TCPServer from a factory defined in Cowrie.
        """

        if options["help"] == True:
            self.printHelp()
            sys.exit(1)

        if os.name == 'posix' and os.getuid() == 0:
            print('ERROR: You must not run cowrie as root!')
            sys.exit(1)

        cfg = readConfigFile(("cowrie.cfg.dist", "etc/cowrie.cfg", "cowrie.cfg"))

        # ssh is enabled by default
        if cfg.has_option('ssh', 'enabled') == False or \
           (cfg.has_option('ssh', 'enabled') and \
               cfg.getboolean('ssh', 'enabled') == True):
            enableSSH = True
        else:
            enableSSH = False

        # telnet is disabled by default
        if cfg.has_option('telnet', 'enabled') and \
                 cfg.getboolean('telnet', 'enabled') == True:
            enableTelnet = True
        else:
            enableTelnet = False

        # coap is enabled by default
        if cfg.has_option('coap', 'enabled') == False or \
           (cfg.has_option('coap', 'enabled') and \
               cfg.getboolean('coap', 'enabled') == True):
            enableCoAP = True
        else:
            enableCoAP = False

        if enableTelnet == False and enableSSH == False and enableCoAP == False:
            print('ERROR: You must at least enable SSH or Telnet or CoAP')
            sys.exit(1)

        # Load db loggers
        self.dbloggers = []
        for x in cfg.sections():
            if not x.startswith('database_'):
                continue
            engine = x.split('_')[1]
            try:
                dblogger = __import__( 'cowrie.dblog.{}'.format(engine),
                    globals(), locals(), ['dblog']).DBLogger(cfg)
                log.addObserver(dblogger.emit)
                self.dbloggers.append(dblogger)
                log.msg("Loaded dblog engine: {}".format(engine))
            except:
                log.err()
                log.msg("Failed to load dblog engine: {}".format(engine))

        # Load output modules
        self.output_plugins = []
        for x in cfg.sections():
            if not x.startswith('output_'):
                continue
            engine = x.split('_')[1]
            try:
                output = __import__( 'cowrie.output.{}'.format(engine),
                    globals(), locals(), ['output']).Output(cfg)
                log.addObserver(output.emit)
                self.output_plugins.append(output)
                log.msg("Loaded output engine: {}".format(engine))
            except ImportError as e:
                log.err("Failed to load output engine: {} due to ImportError: {}".format(engine, e))
                log.msg("Please install the dependencies for {} listed in requirements-output.txt".format(engine))
            except Exception:
                log.err()
                log.msg("Failed to load output engine: {}".format(engine))

        topService = service.MultiService()
        application = service.Application('cowrie')
        topService.setServiceParent(application)

        if enableSSH:
            factory = cowrie.ssh.factory.CowrieSSHFactory(cfg)
            factory.tac = self
            factory.portal = portal.Portal(core.realm.HoneyPotRealm(cfg))
            factory.portal.registerChecker(
                core.checkers.HoneypotPublicKeyChecker())
            factory.portal.registerChecker(
                core.checkers.HoneypotPasswordChecker(cfg))

            if cfg.has_option('honeypot', 'auth_none_enabled') and \
                     cfg.getboolean('honeypot', 'auth_none_enabled') == True:
                factory.portal.registerChecker(
                    core.checkers.HoneypotNoneChecker())

            if cfg.has_section('ssh'):
                listen_endpoints = get_endpoints_from_section(cfg, 'ssh', 2222)
            else:
                listen_endpoints = get_endpoints_from_section(cfg, 'honeypot', 2222)

            create_endpoint_services(reactor, topService, listen_endpoints, factory)

        if enableTelnet:
            f = cowrie.telnet.transport.HoneyPotTelnetFactory(cfg)
            f.tac = self
            f.portal = portal.Portal(core.realm.HoneyPotRealm(cfg))
            f.portal.registerChecker(core.checkers.HoneypotPasswordChecker(cfg))

            listen_endpoints = get_endpoints_from_section(cfg, 'telnet', 2223)
            create_endpoint_services(reactor, topService, listen_endpoints, f)

        if enableCoAP:
            # fact = cowrie.coap.factory.CowrieCoAPFactory(cfg)
            # factory.tac = self
            # fact.portal = portal.Portal(core.realm.HoneyPotRealm(cfg))
            # fact.portal.registerChecker(core.checkers.HoneypotPasswordChecker(cfg))

            listen_endpoints = get_endpoints_from_section(cfg, 'coap', 5683)
            # print (listen_endpoints[0].split(':')[1])
            # create_endpoint_services(reactor, topService, listen_endpoints, fact)

            root = resource.CoAPResource()

            well_known = resource.CoAPResource()
            root.putChild('.well-known', well_known)
            coreCoAP = CoreResource(root)
            well_known.putChild('core', coreCoAP)

            counter = CounterResource(5000)
            root.putChild('counter', counter)

            time = TimeResource()
            root.putChild('time', time)

            other = resource.CoAPResource()
            root.putChild('other', other)

            block = BlockResource()
            other.putChild('block', block)

            separate = SeparateLargeResource()
            other.putChild('separate', separate)

            endpoint = resource.Endpoint(root)
            reactor.listenUDP(int(listen_endpoints[0].split(':')[1]), coap.Coap(endpoint)) #, interface="::")
            
            log.msg(eventid='cowrie.coap.connected',
                protocol='CoAP')

            # internet.StreamServerEndpointService(endpoint, factory).setServiceParent(topService)
            
            # endpoint = resource.Endpoint(root)

            # service_object = reactor.listenUDP(int(port), coap.Coap(endpoint))

        return topService
Exemple #11
0
    def makeService(self, options):
        """
        Construct a TCPServer from a factory defined in Cowrie.
        """

        if os.name == 'posix' and os.getuid() == 0:
            print('ERROR: You must not run cowrie as root!')
            sys.exit(1)

        cfg = readConfigFile(options["config"])

        # ssh is enabled by default
        if cfg.has_option('ssh', 'enabled') == False or \
           (cfg.has_option('ssh', 'enabled') and \
               cfg.getboolean('ssh', 'enabled') == True):
            enableSSH = True
        else:
            enableSSH = False

        # telnet is disabled by default
        if cfg.has_option('telnet', 'enabled') and \
                 cfg.getboolean('telnet', 'enabled') == True:
            enableTelnet = True
        else:
            enableTelnet = False

        if enableTelnet == False and enableSSH == False:
            print('ERROR: You must at least enable SSH or Telnet')
            sys.exit(1)

        # Load db loggers
        self.dbloggers = []
        for x in cfg.sections():
            if not x.startswith('database_'):
                continue
            engine = x.split('_')[1]
            try:
                dblogger = __import__( 'cowrie.dblog.{}'.format(engine),
                    globals(), locals(), ['dblog']).DBLogger(cfg)
                log.addObserver(dblogger.emit)
                self.dbloggers.append(dblogger)
                log.msg("Loaded dblog engine: {}".format(engine))
            except:
                log.err()
                log.msg("Failed to load dblog engine: {}".format(engine))

        # Load output modules
        self.output_plugins = []
        for x in cfg.sections():
            if not x.startswith('output_'):
                continue
            engine = x.split('_')[1]
            try:
                output = __import__( 'cowrie.output.{}'.format(engine),
                    globals(), locals(), ['output']).Output(cfg)
                log.addObserver(output.emit)
                self.output_plugins.append(output)
                log.msg("Loaded output engine: {}".format(engine))
            except:
                log.err()
                log.msg("Failed to load output engine: {}".format(engine))

        topService = service.MultiService()
        application = service.Application('cowrie')
        topService.setServiceParent(application)

        if enableSSH:
            factory = cowrie.ssh.factory.CowrieSSHFactory(cfg)
            factory.tac = self
            factory.portal = portal.Portal(core.realm.HoneyPotRealm(cfg))
            factory.portal.registerChecker(
                core.checkers.HoneypotPublicKeyChecker())
            factory.portal.registerChecker(
                core.checkers.HoneypotPasswordChecker(cfg))

            if cfg.has_option('honeypot', 'auth_none_enabled') and \
                     cfg.getboolean('honeypot', 'auth_none_enabled') == True:
                factory.portal.registerChecker(
                    core.checkers.HoneypotNoneChecker())

            if cfg.has_option('ssh', 'listen_addr'):
                listen_ssh_addr = cfg.get('ssh', 'listen_addr')
            elif cfg.has_option('honeypot', 'listen_addr'):
                listen_ssh_addr = cfg.get('honeypot', 'listen_addr')
            else:
                listen_ssh_addr = '0.0.0.0'

            # Preference: 1, option, 2, config, 3, default of 2222
            if options['port'] != 0:
                listen_ssh_port = int(options["port"])
            elif cfg.has_option('ssh', 'listen_port'):
                listen_ssh_port = cfg.getint('ssh', 'listen_port')
            elif cfg.has_option('honeypot', 'listen_port'):
                listen_ssh_port = cfg.getint('honeypot', 'listen_port')
            else:
                listen_ssh_port = 2222

            for i in listen_ssh_addr.split():
                svc = internet.TCPServer(listen_ssh_port, factory, interface=i)
                # FIXME: Use addService on topService ?
                svc.setServiceParent(topService)

        if enableTelnet:
            if cfg.has_option('telnet', 'listen_addr'):
                listen_telnet_addr = cfg.get('telnet', 'listen_addr')
            else:
                listen_telnet_addr = '0.0.0.0'

            # Preference: 1, config, 2, default of 2223
            if cfg.has_option('telnet', 'listen_port'):
                listen_telnet_port = cfg.getint('telnet', 'listen_port')
            else:
                listen_telnet_port = 2223

            f = cowrie.telnet.transport.HoneyPotTelnetFactory(cfg)
            f.tac = self
            f.portal = portal.Portal(core.realm.HoneyPotRealm(cfg))
            f.portal.registerChecker(core.checkers.HoneypotPasswordChecker(cfg))
            for i in listen_telnet_addr.split():
                tsvc = internet.TCPServer(listen_telnet_port, f, interface=i)
                # FIXME: Use addService on topService ?
                tsvc.setServiceParent(topService)

        return topService
Exemple #12
0
    def makeService(self, options):
        """
        Construct a TCPServer from a factory defined in Cowrie.
        """

        if os.name == 'posix' and os.getuid() == 0:
            print('ERROR: You must not run cowrie as root!')
            sys.exit(1)

        cfg = readConfigFile(options["config"])

        topService = service.MultiService()
        application = service.Application('cowrie')
        topService.setServiceParent(application)

        factory = cowrie.ssh.factory.CowrieSSHFactory(cfg)

        factory.portal = portal.Portal(core.realm.HoneyPotRealm(cfg))
        factory.portal.registerChecker(
            core.checkers.HoneypotPublicKeyChecker())
        factory.portal.registerChecker(
            core.checkers.HoneypotPasswordChecker(cfg))

        if cfg.has_option('honeypot', 'auth_none_enabled') and \
                 cfg.getboolean('honeypot', 'auth_none_enabled') == True:
            factory.portal.registerChecker(core.checkers.HoneypotNoneChecker())

        # ssh is enabled by default
        if cfg.has_option('ssh', 'enabled') == False or \
           (cfg.has_option('ssh', 'enabled') and \
               cfg.getboolean('ssh', 'enabled') == True):
            enableSSH = True
        else:
            enableSSH = False

        # telnet is disabled by default
        if cfg.has_option('telnet', 'enabled') and \
                 cfg.getboolean('telnet', 'enabled') == True:
            enableTelnet = True
        else:
            enableTelnet = False

        if enableTelnet == False and enableSSH == False:
            print('ERROR: You must at least enable SSH or Telnet')
            sys.exit(1)

        if enableSSH:
            if cfg.has_option('ssh', 'listen_addr'):
                listen_ssh_addr = cfg.get('ssh', 'listen_addr')
            elif cfg.has_option('honeypot', 'listen_addr'):
                listen_ssh_addr = cfg.get('honeypot', 'listen_addr')
            else:
                listen_ssh_addr = '0.0.0.0'

            # Preference: 1, option, 2, config, 3, default of 2222
            if options['port'] != 0:
                listen_ssh_port = int(options["port"])
            elif cfg.has_option('ssh', 'listen_port'):
                listen_ssh_port = cfg.getint('ssh', 'listen_port')
            elif cfg.has_option('honeypot', 'listen_port'):
                listen_ssh_port = cfg.getint('honeypot', 'listen_port')
            else:
                listen_ssh_port = 2222

            for i in listen_ssh_addr.split():
                svc = internet.TCPServer(listen_ssh_port, factory, interface=i)
                # FIXME: Use addService on topService ?
                svc.setServiceParent(topService)

        if enableTelnet:
            if cfg.has_option('telnet', 'listen_addr'):
                listen_telnet_addr = cfg.get('telnet', 'listen_addr')
            else:
                listen_telnet_addr = '0.0.0.0'

            # Preference: 1, config, 2, default of 2223
            if cfg.has_option('telnet', 'listen_port'):
                listen_telnet_port = cfg.getint('telnet', 'listen_port')
            else:
                listen_telnet_port = 2223

            f = cowrie.telnet.transport.HoneyPotTelnetFactory(cfg)
            f.portal = portal.Portal(core.realm.HoneyPotRealm(cfg))
            f.portal.registerChecker(
                core.checkers.HoneypotPasswordChecker(cfg))
            for i in listen_telnet_addr.split():
                tsvc = internet.TCPServer(listen_telnet_port, f, interface=i)
                # FIXME: Use addService on topService ?
                tsvc.setServiceParent(topService)

        if cfg.has_option('honeypot', 'interact_enabled') and \
                 cfg.getboolean('honeypot', 'interact_enabled') == True:
            iport = int(cfg.get('honeypot', 'interact_port'))
            # FIXME this doesn't support checking both Telnet and SSH sessions
            from cowrie.core import interact
            svc = internet.TCPServer(iport,
                                     interact.makeInteractFactory(factory),
                                     interface='127.0.0.1')
            # FIXME: Use addService on topService ?
            svc.setServiceParent(topService)

        return topService
Exemple #13
0
    def makeService(self, options):
        """
        Construct a TCPServer from a factory defined in Cowrie.
        """

        if os.name == 'posix' and os.getuid() == 0:
            print('ERROR: You must not run cowrie as root!')
            sys.exit(1)

        cfg = readConfigFile(options["config"])

        # ssh is enabled by default
        if cfg.has_option('ssh', 'enabled') == False or \
           (cfg.has_option('ssh', 'enabled') and \
               cfg.getboolean('ssh', 'enabled') == True):
            enableSSH = True
        else:
            enableSSH = False

        # telnet is disabled by default
        if cfg.has_option('telnet', 'enabled') and \
                 cfg.getboolean('telnet', 'enabled') == True:
            enableTelnet = True
        else:
            enableTelnet = False

        if enableTelnet == False and enableSSH == False:
            print('ERROR: You must at least enable SSH or Telnet')
            sys.exit(1)

        # Load db loggers
        self.dbloggers = []
        for x in cfg.sections():
            if not x.startswith('database_'):
                continue
            engine = x.split('_')[1]
            try:
                dblogger = __import__('cowrie.dblog.{}'.format(engine),
                                      globals(), locals(),
                                      ['dblog']).DBLogger(cfg)
                log.addObserver(dblogger.emit)
                self.dbloggers.append(dblogger)
                log.msg("Loaded dblog engine: {}".format(engine))
            except:
                log.err()
                log.msg("Failed to load dblog engine: {}".format(engine))

        # Load output modules
        self.output_plugins = []
        for x in cfg.sections():
            if not x.startswith('output_'):
                continue
            engine = x.split('_')[1]
            try:
                output = __import__('cowrie.output.{}'.format(engine),
                                    globals(), locals(),
                                    ['output']).Output(cfg)
                log.addObserver(output.emit)
                self.output_plugins.append(output)
                log.msg("Loaded output engine: {}".format(engine))
            except:
                log.err()
                log.msg("Failed to load output engine: {}".format(engine))

        topService = service.MultiService()
        application = service.Application('cowrie')
        topService.setServiceParent(application)

        if enableSSH:
            factory = cowrie.ssh.factory.CowrieSSHFactory(cfg)
            factory.tac = self
            factory.portal = portal.Portal(core.realm.HoneyPotRealm(cfg))
            factory.portal.registerChecker(
                core.checkers.HoneypotPublicKeyChecker())
            factory.portal.registerChecker(
                core.checkers.HoneypotPasswordChecker(cfg))

            if cfg.has_option('honeypot', 'auth_none_enabled') and \
                     cfg.getboolean('honeypot', 'auth_none_enabled') == True:
                factory.portal.registerChecker(
                    core.checkers.HoneypotNoneChecker())

            if cfg.has_option('ssh', 'listen_addr'):
                listen_ssh_addr = cfg.get('ssh', 'listen_addr')
            elif cfg.has_option('honeypot', 'listen_addr'):
                listen_ssh_addr = cfg.get('honeypot', 'listen_addr')
            else:
                listen_ssh_addr = '0.0.0.0'

            # Preference: 1, option, 2, config, 3, default of 2222
            if options['port'] != 0:
                listen_ssh_port = int(options["port"])
            elif cfg.has_option('ssh', 'listen_port'):
                listen_ssh_port = cfg.getint('ssh', 'listen_port')
            elif cfg.has_option('honeypot', 'listen_port'):
                listen_ssh_port = cfg.getint('honeypot', 'listen_port')
            else:
                listen_ssh_port = 2222

            for i in listen_ssh_addr.split():
                svc = internet.TCPServer(listen_ssh_port, factory, interface=i)
                # FIXME: Use addService on topService ?
                svc.setServiceParent(topService)

        if enableTelnet:
            if cfg.has_option('telnet', 'listen_addr'):
                listen_telnet_addr = cfg.get('telnet', 'listen_addr')
            else:
                listen_telnet_addr = '0.0.0.0'

            # Preference: 1, config, 2, default of 2223
            if cfg.has_option('telnet', 'listen_port'):
                listen_telnet_port = cfg.getint('telnet', 'listen_port')
            else:
                listen_telnet_port = 2223

            f = cowrie.telnet.transport.HoneyPotTelnetFactory(cfg)
            f.tac = self
            f.portal = portal.Portal(core.realm.HoneyPotRealm(cfg))
            f.portal.registerChecker(
                core.checkers.HoneypotPasswordChecker(cfg))
            for i in listen_telnet_addr.split():
                tsvc = internet.TCPServer(listen_telnet_port, f, interface=i)
                # FIXME: Use addService on topService ?
                tsvc.setServiceParent(topService)

        return topService
    def makeService(self, options):
        """
        Construct a TCPServer from a factory defined in Cowrie.
        """

        if os.name == 'posix' and os.getuid() == 0:
            print('ERROR: You must not run cowrie as root!')
            sys.exit(1)

        cfg = readConfigFile(options["config"])

        if cfg.has_option('honeypot', 'listen_addr'):
            listen_addr = cfg.get('honeypot', 'listen_addr')
        else:
            listen_addr = '0.0.0.0'

        # Preference: 1, option, 2, config, 3, default of 2222
        if options['port'] != 0:
            listen_ports = options["port"]
        elif cfg.has_option('honeypot', 'listen_ports'):
            listen_ports = cfg.get('honeypot', 'listen_ports')
        else:
            listen_ports = "2222"

        listen_ports_range = [int(port) for port in listen_ports.split(" ")]
        if len(listen_ports_range) == 1:
            listen_ports_enum = [listen_ports_range[0]]
        else:
            listen_ports_enum = range(listen_ports_range[0], listen_ports_range[1]+1)

        factory = core.ssh.HoneyPotSSHFactory(cfg)
        factory.portal = portal.Portal(core.realm.HoneyPotRealm(cfg))
        # Disable pubkey checking, it breaks mitmproxy on Turris
        #factory.portal.registerChecker(
        #    core.checkers.HoneypotPublicKeyChecker(cfg))
        factory.portal.registerChecker(
            core.checkers.HoneypotPasswordChecker(cfg))

        if cfg.has_option('honeypot', 'auth_none_enabled') and \
                 cfg.get('honeypot', 'auth_none_enabled').lower() in \
                 ('yes', 'true', 'on'):
            factory.portal.registerChecker(
                core.checkers.HoneypotNoneChecker())

        top_service = top_service = service.MultiService()

        for i in listen_addr.split():
            for port in listen_ports_enum:
                svc = internet.TCPServer(port, factory, interface=i)
                svc.setServiceParent(top_service)

        if cfg.has_option('honeypot', 'interact_enabled') and \
                 cfg.get('honeypot', 'interact_enabled').lower() in \
                 ('yes', 'true', 'on'):
            iport = int(cfg.get('honeypot', 'interact_port'))
            from cowrie.core import interact
            svc = internet.TCPServer(iport,
                interact.makeInteractFactory(factory))
            svc.setServiceParent(top_service)

        application = service.Application('cowrie')
        top_service.setServiceParent(application)
        return top_service