def makeService(self, options):
"""
Construct a TCPServer from a factory defined in Cowrie.
"""
if os.name == "posix" and os.getuid() == 0:
print("ERROR: You must not run cowrie as root!")
sys.exit(1)
cfg = readConfigFile(options["config"])
topService = service.MultiService()
application = service.Application("cowrie")
topService.setServiceParent(application)
factory = cowrie.ssh.transport.HoneyPotSSHFactory(cfg)
factory.portal = portal.Portal(core.realm.HoneyPotRealm(cfg))
factory.portal.registerChecker(core.checkers.HoneypotPublicKeyChecker())
factory.portal.registerChecker(core.checkers.HoneypotPasswordChecker(cfg))
if cfg.has_option("honeypot", "auth_none_enabled") and cfg.get("honeypot", "auth_none_enabled").lower() in (
"yes",
"true",
"on",
):
factory.portal.registerChecker(core.checkers.HoneypotNoneChecker())
if cfg.has_option("honeypot", "listen_addr"):
listenAddr = cfg.get("honeypot", "listen_addr")
else:
listenAddr = "0.0.0.0"
# Preference: 1, option, 2, config, 3, default of 2222
if options["port"] != 0:
listenPort = int(options["port"])
elif cfg.has_option("honeypot", "listen_port"):
listenPort = int(cfg.get("honeypot", "listen_port"))
else:
listenPort = 2222
for i in listenAddr.split():
svc = internet.TCPServer(listenPort, factory, interface=i)
# FIXME: Use addService on topService ?
svc.setServiceParent(topService)
if cfg.has_option("honeypot", "interact_enabled") and cfg.get("honeypot", "interact_enabled").lower() in (
"yes",
"true",
"on",
):
iport = int(cfg.get("honeypot", "interact_port"))
from cowrie.core import interact
svc = internet.TCPServer(iport, interact.makeInteractFactory(factory), interface="127.0.0.1")
# FIXME: Use addService on topService ?
svc.setServiceParent(topService)
return topService
def makeService(self, options):
"""
Construct a TCPServer from a factory defined in Cowrie.
"""
# do what i want
# if os.name == 'posix' and os.getuid() == 0:
# print('ERROR: You must not run cowrie as root!')
# sys.exit(1)
cfg = readConfigFile(options["config"])
top_service = service.MultiService()
application = service.Application('cowrie')
top_service.setServiceParent(application)
factory = cowrie.ssh.transport.HoneyPotSSHFactory(cfg)
factory.portal = portal.Portal(core.realm.HoneyPotRealm(cfg))
factory.portal.registerChecker(
core.checkers.HoneypotPublicKeyChecker())
factory.portal.registerChecker(
core.checkers.HoneypotPasswordChecker(cfg))
if cfg.has_option('honeypot', 'auth_none_enabled') and \
cfg.get('honeypot', 'auth_none_enabled').lower() in \
('yes', 'true', 'on'):
factory.portal.registerChecker(
core.checkers.HoneypotNoneChecker())
if cfg.has_option('honeypot', 'listen_addr'):
listen_addr = cfg.get('honeypot', 'listen_addr')
else:
listen_addr = '0.0.0.0'
# Preference: 1, option, 2, config, 3, default of 2222
if options['port'] != 0:
listen_port = int(options["port"])
elif cfg.has_option('honeypot', 'listen_port'):
listen_port = int(cfg.get('honeypot', 'listen_port'))
else:
listen_port = 2222
for i in listen_addr.split():
svc = internet.TCPServer(listen_port, factory, interface=i)
# FIXME: Use addService on top_service ?
svc.setServiceParent(top_service)
if cfg.has_option('honeypot', 'interact_enabled') and \
cfg.get('honeypot', 'interact_enabled').lower() in \
('yes', 'true', 'on'):
iport = int(cfg.get('honeypot', 'interact_port'))
from cowrie.core import interact
svc = internet.TCPServer(iport,
interact.makeInteractFactory(factory), interface='127.0.0.1')
# FIXME: Use addService on top_service ?
svc.setServiceParent(top_service)
return top_service
def makeService(self, options):
"""
Construct a TCPServer from a factory defined in Cowrie.
"""
if os.name == 'posix' and os.getuid() == 0:
print('ERROR: You must not run cowrie as root!')
sys.exit(1)
cfg = readConfigFile(options["config"])
topService = service.MultiService()
application = service.Application('cowrie')
topService.setServiceParent(application)
factory = cowrie.ssh.transport.HoneyPotSSHFactory(cfg)
factory.portal = portal.Portal(core.realm.HoneyPotRealm(cfg))
factory.portal.registerChecker(
core.checkers.HoneypotPublicKeyChecker())
factory.portal.registerChecker(
core.checkers.HoneypotPasswordChecker(cfg))
if cfg.has_option('honeypot', 'auth_none_enabled') and \
cfg.get('honeypot', 'auth_none_enabled').lower() in \
('yes', 'true', 'on'):
factory.portal.registerChecker(core.checkers.HoneypotNoneChecker())
if cfg.has_option('honeypot', 'listen_addr'):
listenAddr = cfg.get('honeypot', 'listen_addr')
else:
listenAddr = '0.0.0.0'
# Preference: 1, option, 2, config, 3, default of 2222
if options['port'] != 0:
listenPort = int(options["port"])
elif cfg.has_option('honeypot', 'listen_port'):
listenPort = int(cfg.get('honeypot', 'listen_port'))
else:
listenPort = 2222
for i in listenAddr.split():
svc = internet.TCPServer(listenPort, factory, interface=i)
# FIXME: Use addService on topService ?
svc.setServiceParent(topService)
if cfg.has_option('honeypot', 'interact_enabled') and \
cfg.get('honeypot', 'interact_enabled').lower() in \
('yes', 'true', 'on'):
iport = int(cfg.get('honeypot', 'interact_port'))
from cowrie.core import interact
svc = internet.TCPServer(iport,
interact.makeInteractFactory(factory),
interface='127.0.0.1')
# FIXME: Use addService on topService ?
svc.setServiceParent(topService)
return topService
def setUp(self):
with open('../cowrie/test/expected_results.json') as data_file:
self.data = json.load(data_file)
self.cfg = config.readConfigFile("../cowrie/test/unittests.cfg")
self.proto = protocol.HoneyPotInteractiveProtocol \
(fake_server.FakeAvatar(fake_server.FakeServer(self.cfg)))
self.tr = fake_transport.FakeTransport("1.1.1.1", "1111")
self.proto.makeConnection(self.tr)
self.tr.clear()
def setUp(self):
with open('../cowrie/test/expected_results.json') as data_file:
self.data = json.load(data_file)
self.cfg = config.readConfigFile("../cowrie/test/unittests.cfg")
self.proto = protocol.HoneyPotInteractiveProtocol \
(fake_server.FakeAvatar(fake_server.FakeServer(self.cfg)))
self.tr = fake_transport.FakeTransport("1.1.1.1", "1111")
self.proto.makeConnection(self.tr)
self.tr.clear()
def setUp(self):
self.cfg = config.readConfigFile("../cowrie/test/unittests.cfg")
self.proto = protocol.HoneyPotInteractiveProtocol(
fake_server.FakeAvatar(fake_server.FakeServer(self.cfg)))
self.tr = fake_transport.FakeTransport("1.1.1.1", "1111")
self.proto.makeConnection(self.tr)
def makeService(self, options):
"""
Construct a TCPServer from a factory defined in Cowrie.
"""
if options["help"] == True:
self.printHelp()
sys.exit(1)
if os.name == 'posix' and os.getuid() == 0:
print('ERROR: You must not run cowrie as root!')
sys.exit(1)
cfg = readConfigFile(
("cowrie.cfg.dist", "etc/cowrie.cfg", "cowrie.cfg"))
# ssh is enabled by default
if cfg.has_option('ssh', 'enabled') == False or \
(cfg.has_option('ssh', 'enabled') and \
cfg.getboolean('ssh', 'enabled') == True):
enableSSH = True
else:
enableSSH = False
# telnet is disabled by default
if cfg.has_option('telnet', 'enabled') and \
cfg.getboolean('telnet', 'enabled') == True:
enableTelnet = True
else:
enableTelnet = False
if enableTelnet == False and enableSSH == False:
print('ERROR: You must at least enable SSH or Telnet')
sys.exit(1)
# Load db loggers
self.dbloggers = []
for x in cfg.sections():
if not x.startswith('database_'):
continue
engine = x.split('_')[1]
try:
dblogger = __import__('cowrie.dblog.{}'.format(engine),
globals(), locals(),
['dblog']).DBLogger(cfg)
log.addObserver(dblogger.emit)
self.dbloggers.append(dblogger)
log.msg("Loaded dblog engine: {}".format(engine))
except:
log.err()
log.msg("Failed to load dblog engine: {}".format(engine))
# Load output modules
self.output_plugins = []
for x in cfg.sections():
if not x.startswith('output_'):
continue
engine = x.split('_')[1]
try:
output = __import__('cowrie.output.{}'.format(engine),
globals(), locals(),
['output']).Output(cfg)
log.addObserver(output.emit)
self.output_plugins.append(output)
log.msg("Loaded output engine: {}".format(engine))
except ImportError as e:
log.err(
"Failed to load output engine: {} due to ImportError: {}".
format(engine, e))
log.msg(
"Please install the dependencies for {} listed in requirements-output.txt"
.format(engine))
except Exception:
log.err()
log.msg("Failed to load output engine: {}".format(engine))
topService = service.MultiService()
application = service.Application('cowrie')
topService.setServiceParent(application)
if enableSSH:
factory = cowrie.ssh.factory.CowrieSSHFactory(cfg)
factory.tac = self
factory.portal = portal.Portal(core.realm.HoneyPotRealm(cfg))
factory.portal.registerChecker(
core.checkers.HoneypotPublicKeyChecker())
factory.portal.registerChecker(
core.checkers.HoneypotPasswordChecker(cfg))
if cfg.has_option('honeypot', 'auth_none_enabled') and \
cfg.getboolean('honeypot', 'auth_none_enabled') == True:
factory.portal.registerChecker(
core.checkers.HoneypotNoneChecker())
if cfg.has_section('ssh'):
listen_endpoints = get_endpoints_from_section(cfg, 'ssh', 22)
else:
listen_endpoints = get_endpoints_from_section(
cfg, 'honeypot', 22)
create_endpoint_services(reactor, topService, listen_endpoints,
factory)
if enableTelnet:
f = cowrie.telnet.transport.HoneyPotTelnetFactory(cfg)
f.tac = self
f.portal = portal.Portal(core.realm.HoneyPotRealm(cfg))
f.portal.registerChecker(
core.checkers.HoneypotPasswordChecker(cfg))
listen_endpoints = get_endpoints_from_section(cfg, 'telnet', 23)
create_endpoint_services(reactor, topService, listen_endpoints, f)
return topService
def setUp(self):
self.cfg = config.readConfigFile("../cowrie/test/unittests.cfg")
self.proto = protocol.HoneyPotInteractiveProtocol(fake_server.FakeAvatar(fake_server.FakeServer(self.cfg)))
self.tr = fake_transport.FakeTransport("1.1.1.1", "1111")
self.proto.makeConnection(self.tr)
def makeService(self, options):
"""
Construct a TCPServer from a factory defined in Cowrie.
"""
if os.name == 'posix' and os.getuid() == 0:
print('ERROR: You must not run cowrie as root!')
sys.exit(1)
cfg = readConfigFile(options["config"])
if cfg.has_option('honeypot', 'listen_addr'):
listen_addr = cfg.get('honeypot', 'listen_addr')
else:
listen_addr = '0.0.0.0'
# Preference: 1, option, 2, config, 3, default of 2222
if options['port'] != 0:
listen_ports = options["port"]
elif cfg.has_option('honeypot', 'listen_ports'):
listen_ports = cfg.get('honeypot', 'listen_ports')
else:
listen_ports = "2222"
listen_ports_range = [int(port) for port in listen_ports.split(" ")]
if len(listen_ports_range) == 1:
listen_ports_enum = [listen_ports_range[0]]
else:
listen_ports_enum = range(listen_ports_range[0],
listen_ports_range[1] + 1)
factory = core.ssh.HoneyPotSSHFactory(cfg)
factory.portal = portal.Portal(core.realm.HoneyPotRealm(cfg))
# Disable pubkey checking, it breaks mitmproxy on Turris
#factory.portal.registerChecker(
# core.checkers.HoneypotPublicKeyChecker(cfg))
factory.portal.registerChecker(
core.checkers.HoneypotPasswordChecker(cfg))
if cfg.has_option('honeypot', 'auth_none_enabled') and \
cfg.get('honeypot', 'auth_none_enabled').lower() in \
('yes', 'true', 'on'):
factory.portal.registerChecker(core.checkers.HoneypotNoneChecker())
top_service = top_service = service.MultiService()
for i in listen_addr.split():
for port in listen_ports_enum:
svc = internet.TCPServer(port, factory, interface=i)
svc.setServiceParent(top_service)
if cfg.has_option('honeypot', 'interact_enabled') and \
cfg.get('honeypot', 'interact_enabled').lower() in \
('yes', 'true', 'on'):
iport = int(cfg.get('honeypot', 'interact_port'))
from cowrie.core import interact
svc = internet.TCPServer(iport,
interact.makeInteractFactory(factory))
svc.setServiceParent(top_service)
application = service.Application('cowrie')
top_service.setServiceParent(application)
return top_service
def makeService(self, options):
"""
Construct a TCPServer from a factory defined in Cowrie.
"""
if options["help"] == True:
self.printHelp()
sys.exit(1)
if os.name == 'posix' and os.getuid() == 0:
print('ERROR: You must not run cowrie as root!')
sys.exit(1)
cfg = readConfigFile(("cowrie.cfg.dist", "etc/cowrie.cfg", "cowrie.cfg"))
# ssh is enabled by default
if cfg.has_option('ssh', 'enabled') == False or \
(cfg.has_option('ssh', 'enabled') and \
cfg.getboolean('ssh', 'enabled') == True):
enableSSH = True
else:
enableSSH = False
# telnet is disabled by default
if cfg.has_option('telnet', 'enabled') and \
cfg.getboolean('telnet', 'enabled') == True:
enableTelnet = True
else:
enableTelnet = False
# coap is enabled by default
if cfg.has_option('coap', 'enabled') == False or \
(cfg.has_option('coap', 'enabled') and \
cfg.getboolean('coap', 'enabled') == True):
enableCoAP = True
else:
enableCoAP = False
if enableTelnet == False and enableSSH == False and enableCoAP == False:
print('ERROR: You must at least enable SSH or Telnet or CoAP')
sys.exit(1)
# Load db loggers
self.dbloggers = []
for x in cfg.sections():
if not x.startswith('database_'):
continue
engine = x.split('_')[1]
try:
dblogger = __import__( 'cowrie.dblog.{}'.format(engine),
globals(), locals(), ['dblog']).DBLogger(cfg)
log.addObserver(dblogger.emit)
self.dbloggers.append(dblogger)
log.msg("Loaded dblog engine: {}".format(engine))
except:
log.err()
log.msg("Failed to load dblog engine: {}".format(engine))
# Load output modules
self.output_plugins = []
for x in cfg.sections():
if not x.startswith('output_'):
continue
engine = x.split('_')[1]
try:
output = __import__( 'cowrie.output.{}'.format(engine),
globals(), locals(), ['output']).Output(cfg)
log.addObserver(output.emit)
self.output_plugins.append(output)
log.msg("Loaded output engine: {}".format(engine))
except ImportError as e:
log.err("Failed to load output engine: {} due to ImportError: {}".format(engine, e))
log.msg("Please install the dependencies for {} listed in requirements-output.txt".format(engine))
except Exception:
log.err()
log.msg("Failed to load output engine: {}".format(engine))
topService = service.MultiService()
application = service.Application('cowrie')
topService.setServiceParent(application)
if enableSSH:
factory = cowrie.ssh.factory.CowrieSSHFactory(cfg)
factory.tac = self
factory.portal = portal.Portal(core.realm.HoneyPotRealm(cfg))
factory.portal.registerChecker(
core.checkers.HoneypotPublicKeyChecker())
factory.portal.registerChecker(
core.checkers.HoneypotPasswordChecker(cfg))
if cfg.has_option('honeypot', 'auth_none_enabled') and \
cfg.getboolean('honeypot', 'auth_none_enabled') == True:
factory.portal.registerChecker(
core.checkers.HoneypotNoneChecker())
if cfg.has_section('ssh'):
listen_endpoints = get_endpoints_from_section(cfg, 'ssh', 2222)
else:
listen_endpoints = get_endpoints_from_section(cfg, 'honeypot', 2222)
create_endpoint_services(reactor, topService, listen_endpoints, factory)
if enableTelnet:
f = cowrie.telnet.transport.HoneyPotTelnetFactory(cfg)
f.tac = self
f.portal = portal.Portal(core.realm.HoneyPotRealm(cfg))
f.portal.registerChecker(core.checkers.HoneypotPasswordChecker(cfg))
listen_endpoints = get_endpoints_from_section(cfg, 'telnet', 2223)
create_endpoint_services(reactor, topService, listen_endpoints, f)
if enableCoAP:
# fact = cowrie.coap.factory.CowrieCoAPFactory(cfg)
# factory.tac = self
# fact.portal = portal.Portal(core.realm.HoneyPotRealm(cfg))
# fact.portal.registerChecker(core.checkers.HoneypotPasswordChecker(cfg))
listen_endpoints = get_endpoints_from_section(cfg, 'coap', 5683)
# print (listen_endpoints[0].split(':')[1])
# create_endpoint_services(reactor, topService, listen_endpoints, fact)
root = resource.CoAPResource()
well_known = resource.CoAPResource()
root.putChild('.well-known', well_known)
coreCoAP = CoreResource(root)
well_known.putChild('core', coreCoAP)
counter = CounterResource(5000)
root.putChild('counter', counter)
time = TimeResource()
root.putChild('time', time)
other = resource.CoAPResource()
root.putChild('other', other)
block = BlockResource()
other.putChild('block', block)
separate = SeparateLargeResource()
other.putChild('separate', separate)
endpoint = resource.Endpoint(root)
reactor.listenUDP(int(listen_endpoints[0].split(':')[1]), coap.Coap(endpoint)) #, interface="::")
log.msg(eventid='cowrie.coap.connected',
protocol='CoAP')
# internet.StreamServerEndpointService(endpoint, factory).setServiceParent(topService)
# endpoint = resource.Endpoint(root)
# service_object = reactor.listenUDP(int(port), coap.Coap(endpoint))
return topService
def makeService(self, options):
"""
Construct a TCPServer from a factory defined in Cowrie.
"""
if os.name == 'posix' and os.getuid() == 0:
print('ERROR: You must not run cowrie as root!')
sys.exit(1)
cfg = readConfigFile(options["config"])
# ssh is enabled by default
if cfg.has_option('ssh', 'enabled') == False or \
(cfg.has_option('ssh', 'enabled') and \
cfg.getboolean('ssh', 'enabled') == True):
enableSSH = True
else:
enableSSH = False
# telnet is disabled by default
if cfg.has_option('telnet', 'enabled') and \
cfg.getboolean('telnet', 'enabled') == True:
enableTelnet = True
else:
enableTelnet = False
if enableTelnet == False and enableSSH == False:
print('ERROR: You must at least enable SSH or Telnet')
sys.exit(1)
# Load db loggers
self.dbloggers = []
for x in cfg.sections():
if not x.startswith('database_'):
continue
engine = x.split('_')[1]
try:
dblogger = __import__( 'cowrie.dblog.{}'.format(engine),
globals(), locals(), ['dblog']).DBLogger(cfg)
log.addObserver(dblogger.emit)
self.dbloggers.append(dblogger)
log.msg("Loaded dblog engine: {}".format(engine))
except:
log.err()
log.msg("Failed to load dblog engine: {}".format(engine))
# Load output modules
self.output_plugins = []
for x in cfg.sections():
if not x.startswith('output_'):
continue
engine = x.split('_')[1]
try:
output = __import__( 'cowrie.output.{}'.format(engine),
globals(), locals(), ['output']).Output(cfg)
log.addObserver(output.emit)
self.output_plugins.append(output)
log.msg("Loaded output engine: {}".format(engine))
except:
log.err()
log.msg("Failed to load output engine: {}".format(engine))
topService = service.MultiService()
application = service.Application('cowrie')
topService.setServiceParent(application)
if enableSSH:
factory = cowrie.ssh.factory.CowrieSSHFactory(cfg)
factory.tac = self
factory.portal = portal.Portal(core.realm.HoneyPotRealm(cfg))
factory.portal.registerChecker(
core.checkers.HoneypotPublicKeyChecker())
factory.portal.registerChecker(
core.checkers.HoneypotPasswordChecker(cfg))
if cfg.has_option('honeypot', 'auth_none_enabled') and \
cfg.getboolean('honeypot', 'auth_none_enabled') == True:
factory.portal.registerChecker(
core.checkers.HoneypotNoneChecker())
if cfg.has_option('ssh', 'listen_addr'):
listen_ssh_addr = cfg.get('ssh', 'listen_addr')
elif cfg.has_option('honeypot', 'listen_addr'):
listen_ssh_addr = cfg.get('honeypot', 'listen_addr')
else:
listen_ssh_addr = '0.0.0.0'
# Preference: 1, option, 2, config, 3, default of 2222
if options['port'] != 0:
listen_ssh_port = int(options["port"])
elif cfg.has_option('ssh', 'listen_port'):
listen_ssh_port = cfg.getint('ssh', 'listen_port')
elif cfg.has_option('honeypot', 'listen_port'):
listen_ssh_port = cfg.getint('honeypot', 'listen_port')
else:
listen_ssh_port = 2222
for i in listen_ssh_addr.split():
svc = internet.TCPServer(listen_ssh_port, factory, interface=i)
# FIXME: Use addService on topService ?
svc.setServiceParent(topService)
if enableTelnet:
if cfg.has_option('telnet', 'listen_addr'):
listen_telnet_addr = cfg.get('telnet', 'listen_addr')
else:
listen_telnet_addr = '0.0.0.0'
# Preference: 1, config, 2, default of 2223
if cfg.has_option('telnet', 'listen_port'):
listen_telnet_port = cfg.getint('telnet', 'listen_port')
else:
listen_telnet_port = 2223
f = cowrie.telnet.transport.HoneyPotTelnetFactory(cfg)
f.tac = self
f.portal = portal.Portal(core.realm.HoneyPotRealm(cfg))
f.portal.registerChecker(core.checkers.HoneypotPasswordChecker(cfg))
for i in listen_telnet_addr.split():
tsvc = internet.TCPServer(listen_telnet_port, f, interface=i)
# FIXME: Use addService on topService ?
tsvc.setServiceParent(topService)
return topService
def makeService(self, options):
"""
Construct a TCPServer from a factory defined in Cowrie.
"""
if os.name == 'posix' and os.getuid() == 0:
print('ERROR: You must not run cowrie as root!')
sys.exit(1)
cfg = readConfigFile(options["config"])
topService = service.MultiService()
application = service.Application('cowrie')
topService.setServiceParent(application)
factory = cowrie.ssh.factory.CowrieSSHFactory(cfg)
factory.portal = portal.Portal(core.realm.HoneyPotRealm(cfg))
factory.portal.registerChecker(
core.checkers.HoneypotPublicKeyChecker())
factory.portal.registerChecker(
core.checkers.HoneypotPasswordChecker(cfg))
if cfg.has_option('honeypot', 'auth_none_enabled') and \
cfg.getboolean('honeypot', 'auth_none_enabled') == True:
factory.portal.registerChecker(core.checkers.HoneypotNoneChecker())
# ssh is enabled by default
if cfg.has_option('ssh', 'enabled') == False or \
(cfg.has_option('ssh', 'enabled') and \
cfg.getboolean('ssh', 'enabled') == True):
enableSSH = True
else:
enableSSH = False
# telnet is disabled by default
if cfg.has_option('telnet', 'enabled') and \
cfg.getboolean('telnet', 'enabled') == True:
enableTelnet = True
else:
enableTelnet = False
if enableTelnet == False and enableSSH == False:
print('ERROR: You must at least enable SSH or Telnet')
sys.exit(1)
if enableSSH:
if cfg.has_option('ssh', 'listen_addr'):
listen_ssh_addr = cfg.get('ssh', 'listen_addr')
elif cfg.has_option('honeypot', 'listen_addr'):
listen_ssh_addr = cfg.get('honeypot', 'listen_addr')
else:
listen_ssh_addr = '0.0.0.0'
# Preference: 1, option, 2, config, 3, default of 2222
if options['port'] != 0:
listen_ssh_port = int(options["port"])
elif cfg.has_option('ssh', 'listen_port'):
listen_ssh_port = cfg.getint('ssh', 'listen_port')
elif cfg.has_option('honeypot', 'listen_port'):
listen_ssh_port = cfg.getint('honeypot', 'listen_port')
else:
listen_ssh_port = 2222
for i in listen_ssh_addr.split():
svc = internet.TCPServer(listen_ssh_port, factory, interface=i)
# FIXME: Use addService on topService ?
svc.setServiceParent(topService)
if enableTelnet:
if cfg.has_option('telnet', 'listen_addr'):
listen_telnet_addr = cfg.get('telnet', 'listen_addr')
else:
listen_telnet_addr = '0.0.0.0'
# Preference: 1, config, 2, default of 2223
if cfg.has_option('telnet', 'listen_port'):
listen_telnet_port = cfg.getint('telnet', 'listen_port')
else:
listen_telnet_port = 2223
f = cowrie.telnet.transport.HoneyPotTelnetFactory(cfg)
f.portal = portal.Portal(core.realm.HoneyPotRealm(cfg))
f.portal.registerChecker(
core.checkers.HoneypotPasswordChecker(cfg))
for i in listen_telnet_addr.split():
tsvc = internet.TCPServer(listen_telnet_port, f, interface=i)
# FIXME: Use addService on topService ?
tsvc.setServiceParent(topService)
if cfg.has_option('honeypot', 'interact_enabled') and \
cfg.getboolean('honeypot', 'interact_enabled') == True:
iport = int(cfg.get('honeypot', 'interact_port'))
# FIXME this doesn't support checking both Telnet and SSH sessions
from cowrie.core import interact
svc = internet.TCPServer(iport,
interact.makeInteractFactory(factory),
interface='127.0.0.1')
# FIXME: Use addService on topService ?
svc.setServiceParent(topService)
return topService
def makeService(self, options):
"""
Construct a TCPServer from a factory defined in Cowrie.
"""
if os.name == 'posix' and os.getuid() == 0:
print('ERROR: You must not run cowrie as root!')
sys.exit(1)
cfg = readConfigFile(options["config"])
# ssh is enabled by default
if cfg.has_option('ssh', 'enabled') == False or \
(cfg.has_option('ssh', 'enabled') and \
cfg.getboolean('ssh', 'enabled') == True):
enableSSH = True
else:
enableSSH = False
# telnet is disabled by default
if cfg.has_option('telnet', 'enabled') and \
cfg.getboolean('telnet', 'enabled') == True:
enableTelnet = True
else:
enableTelnet = False
if enableTelnet == False and enableSSH == False:
print('ERROR: You must at least enable SSH or Telnet')
sys.exit(1)
# Load db loggers
self.dbloggers = []
for x in cfg.sections():
if not x.startswith('database_'):
continue
engine = x.split('_')[1]
try:
dblogger = __import__('cowrie.dblog.{}'.format(engine),
globals(), locals(),
['dblog']).DBLogger(cfg)
log.addObserver(dblogger.emit)
self.dbloggers.append(dblogger)
log.msg("Loaded dblog engine: {}".format(engine))
except:
log.err()
log.msg("Failed to load dblog engine: {}".format(engine))
# Load output modules
self.output_plugins = []
for x in cfg.sections():
if not x.startswith('output_'):
continue
engine = x.split('_')[1]
try:
output = __import__('cowrie.output.{}'.format(engine),
globals(), locals(),
['output']).Output(cfg)
log.addObserver(output.emit)
self.output_plugins.append(output)
log.msg("Loaded output engine: {}".format(engine))
except:
log.err()
log.msg("Failed to load output engine: {}".format(engine))
topService = service.MultiService()
application = service.Application('cowrie')
topService.setServiceParent(application)
if enableSSH:
factory = cowrie.ssh.factory.CowrieSSHFactory(cfg)
factory.tac = self
factory.portal = portal.Portal(core.realm.HoneyPotRealm(cfg))
factory.portal.registerChecker(
core.checkers.HoneypotPublicKeyChecker())
factory.portal.registerChecker(
core.checkers.HoneypotPasswordChecker(cfg))
if cfg.has_option('honeypot', 'auth_none_enabled') and \
cfg.getboolean('honeypot', 'auth_none_enabled') == True:
factory.portal.registerChecker(
core.checkers.HoneypotNoneChecker())
if cfg.has_option('ssh', 'listen_addr'):
listen_ssh_addr = cfg.get('ssh', 'listen_addr')
elif cfg.has_option('honeypot', 'listen_addr'):
listen_ssh_addr = cfg.get('honeypot', 'listen_addr')
else:
listen_ssh_addr = '0.0.0.0'
# Preference: 1, option, 2, config, 3, default of 2222
if options['port'] != 0:
listen_ssh_port = int(options["port"])
elif cfg.has_option('ssh', 'listen_port'):
listen_ssh_port = cfg.getint('ssh', 'listen_port')
elif cfg.has_option('honeypot', 'listen_port'):
listen_ssh_port = cfg.getint('honeypot', 'listen_port')
else:
listen_ssh_port = 2222
for i in listen_ssh_addr.split():
svc = internet.TCPServer(listen_ssh_port, factory, interface=i)
# FIXME: Use addService on topService ?
svc.setServiceParent(topService)
if enableTelnet:
if cfg.has_option('telnet', 'listen_addr'):
listen_telnet_addr = cfg.get('telnet', 'listen_addr')
else:
listen_telnet_addr = '0.0.0.0'
# Preference: 1, config, 2, default of 2223
if cfg.has_option('telnet', 'listen_port'):
listen_telnet_port = cfg.getint('telnet', 'listen_port')
else:
listen_telnet_port = 2223
f = cowrie.telnet.transport.HoneyPotTelnetFactory(cfg)
f.tac = self
f.portal = portal.Portal(core.realm.HoneyPotRealm(cfg))
f.portal.registerChecker(
core.checkers.HoneypotPasswordChecker(cfg))
for i in listen_telnet_addr.split():
tsvc = internet.TCPServer(listen_telnet_port, f, interface=i)
# FIXME: Use addService on topService ?
tsvc.setServiceParent(topService)
return topService
def makeService(self, options):
"""
Construct a TCPServer from a factory defined in Cowrie.
"""
if os.name == 'posix' and os.getuid() == 0:
print('ERROR: You must not run cowrie as root!')
sys.exit(1)
cfg = readConfigFile(options["config"])
if cfg.has_option('honeypot', 'listen_addr'):
listen_addr = cfg.get('honeypot', 'listen_addr')
else:
listen_addr = '0.0.0.0'
# Preference: 1, option, 2, config, 3, default of 2222
if options['port'] != 0:
listen_ports = options["port"]
elif cfg.has_option('honeypot', 'listen_ports'):
listen_ports = cfg.get('honeypot', 'listen_ports')
else:
listen_ports = "2222"
listen_ports_range = [int(port) for port in listen_ports.split(" ")]
if len(listen_ports_range) == 1:
listen_ports_enum = [listen_ports_range[0]]
else:
listen_ports_enum = range(listen_ports_range[0], listen_ports_range[1]+1)
factory = core.ssh.HoneyPotSSHFactory(cfg)
factory.portal = portal.Portal(core.realm.HoneyPotRealm(cfg))
# Disable pubkey checking, it breaks mitmproxy on Turris
#factory.portal.registerChecker(
# core.checkers.HoneypotPublicKeyChecker(cfg))
factory.portal.registerChecker(
core.checkers.HoneypotPasswordChecker(cfg))
if cfg.has_option('honeypot', 'auth_none_enabled') and \
cfg.get('honeypot', 'auth_none_enabled').lower() in \
('yes', 'true', 'on'):
factory.portal.registerChecker(
core.checkers.HoneypotNoneChecker())
top_service = top_service = service.MultiService()
for i in listen_addr.split():
for port in listen_ports_enum:
svc = internet.TCPServer(port, factory, interface=i)
svc.setServiceParent(top_service)
if cfg.has_option('honeypot', 'interact_enabled') and \
cfg.get('honeypot', 'interact_enabled').lower() in \
('yes', 'true', 'on'):
iport = int(cfg.get('honeypot', 'interact_port'))
from cowrie.core import interact
svc = internet.TCPServer(iport,
interact.makeInteractFactory(factory))
svc.setServiceParent(top_service)
application = service.Application('cowrie')
top_service.setServiceParent(application)
return top_service