def connectionMade(self):
    """Set up a freshly accepted SMTP/SMTPS connection and send the greeting.

    The service name is chosen by comparing the local port of the transport
    with ``Config.smtp.port`` and ``Config.smtps.port``. If neither matches,
    an error is logged and the generic name "SMTP/SMTPS" is used, so a port
    misconfiguration shows up in the log instead of passing unnoticed.
    """
    listen_port = self.transport.getHost().port
    if listen_port == Config.smtp.port:
        self.name = Config.smtp.name
    elif listen_port == Config.smtps.port:
        self.name = Config.smtps.name
    else:
        log.err("Please check SMTP/SMTPS port Configuration!")
        self.name = "SMTP/SMTPS"

    # Pre-authentication timeout for the new connection.
    self.setTimeout(self.timeoutPreAuth)

    peer = self.transport.getPeer()
    peer_label = str(peer.host) + ":" + str(peer.port)
    log.info(self.name + " established connection to " + peer_label)

    # Register this protocol instance with the factory, keyed by itself,
    # with the remote "host:port" as the value.
    self.factory.clients[self] = peer_label

    # Protocol state: connected; keep the raw (not stringified) peer host.
    self.state["connected"] = True
    self.peerOfAttacker = peer.host

    greeting = "220 Service ready ESMTP\r\n"
    self.transport.write(greeting.encode("UTF-8"))
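def save_database():
    """Write the module-level ``lastLoginTime`` value to disk as JSON.

    The target is ``Config.ssh.database_path``. Failures (for example
    insufficient write permissions or an I/O error) are logged and not
    raised, so callers never see an exception from the write itself.
    """
    db_path = str(Config.ssh.database_path)
    try:
        # Serialise first: mode 'w' truncates the file on open, so a
        # json.dumps failure after the open would wipe the previous
        # contents and leave an empty database behind.
        payload = json.dumps(lastLoginTime)
        with open(db_path, 'w') as fp:
            fp.write(payload)
    except Exception as err:
        # e.g. insufficient write permissions, io error etc.
        # The cause is appended so the log shows why the write failed.
        log.err("Failed to write lastLoginTime to file \"" + db_path + "\": " + str(err))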
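def stopService(self):
    """Stop listening and force-close the transport of this service.

    Sets ``self._stop`` first, then calls ``stopListening()`` followed by
    ``connectionLost()`` on ``self._transport``. An ``AttributeError`` from
    ``connectionLost`` is logged and not propagated.
    """
    self._stop = True
    self._transport.stopListening()
    try:
        self._transport.connectionLost("Force close/cleanup due to next service scheduling")
    except AttributeError as err:
        # str(err) is required: concatenating the exception object itself
        # to a str raises TypeError, which would replace the log entry
        # with a second, unhandled exception during shutdown.
        log.err("HTTPService.connectionLost threw AttributeError: " + str(err))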
def connectionMade(self):
    """Set up a freshly accepted IMAP/IMAPS connection and send the server hello.

    The service name is chosen by comparing the local port of the transport
    with ``Config.imap.port`` and ``Config.imaps.port``. If neither matches,
    an error is logged and the generic name "IMAP/IMAPS" is used.
    """
    listen_port = self.transport.getHost().port
    if listen_port == Config.imap.port:
        self.name = Config.imap.name
    elif listen_port == Config.imaps.port:
        self.name = Config.imaps.name
    else:
        log.err("Please check IMAP/IMAPS port Configuration!")
        self.name = "IMAP/IMAPS"

    # Pre-authentication timeout for the new connection.
    self.setTimeout(self.timeoutPreAuth)

    peer = self.transport.getPeer()
    peer_label = str(peer.host) + ":" + str(peer.port)
    log.info(self.name + " established connection to " + peer_label)

    # Register this protocol instance with the factory, keyed by itself,
    # with the remote "host:port" as the value.
    self.factory.clients[self] = peer_label

    # Protocol state: connected, not yet authenticated; keep the raw peer host.
    self.state["connected"] = True
    self.stateRFC = IMAPState.NotAuth
    self.peerOfAttacker = peer.host

    # Server hello.
    hello = "* OK IMAP4rev1 Service Ready\r\n"
    self.transport.write(hello.encode("UTF-8"))
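def lookupChannel(self, channelType, windowSize, maxPacket, data):
    """Instantiate the channel class registered for ``channelType``.

    :param channelType: key into ``self.channelLookup`` (bytes; it is decoded
        only for the log message)
    :param windowSize: passed to the channel as ``remoteWindow``
    :param maxPacket: passed to the channel as ``remoteMaxPacket``
    :param data: passed through to the channel unchanged
    :return: a new channel instance, or ``None`` when the type is unknown
    """
    channel_class = self.channelLookup.get(channelType)
    if channel_class:
        return channel_class(remoteWindow=windowSize, remoteMaxPacket=maxPacket,
                             data=data, avatar=self)

    # NOTE(review): channelType is presumably supplied by the remote client.
    # A strict decode() raises UnicodeDecodeError on non-UTF-8 bytes, which
    # would abort this handler before anything is logged. backslashreplace
    # keeps the exact bytes visible as \xNN escapes; valid UTF-8 input
    # produces the same message as before.
    log.err("Channel {} requested but not found!".format(
        channelType.decode(errors="backslashreplace")))
    return None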
def load_database():
    """Load the module-level ``lastLoginTime`` value from the JSON database file.

    The file is ``Config.ssh.database_path``. A missing file is not an error
    and leaves ``lastLoginTime`` untouched. Any other failure (for example
    damaged JSON) is logged and also leaves the current value in place.

    NOTE(review): the parsed JSON is assigned as-is; nothing here checks
    that it has the type the rest of the module expects.
    """
    global lastLoginTime
    try:
        with open(str(Config.ssh.database_path), 'r') as db_file:
            lastLoginTime = json.load(db_file)
    except FileNotFoundError:
        # No database file to read: keep the current value.
        return
    except Exception:
        # e.g. damaged json encoding
        log.err('Failed to load lastLoginTime from existing file "{}"'.format(
            str(Config.ssh.database_path)))
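def write_to_database(self, user, pw, services):
    """Append one honeytoken record to the file at ``self.filepath``.

    A record is written as a new line of the form
    ``services<sep>user<sep>pw<sep>`` with ``<sep>`` being ``self.sep``.
    Every failure is logged and never raised.

    :param user: user name, ``str`` or ``bytes`` (bytes are decoded)
    :param pw: password, ``str`` or ``bytes`` (bytes are decoded)
    :param services: service field, written unchanged as the first column
    """
    try:
        # Decoding happens inside the try block so that undecodable bytes
        # are logged like any other write failure instead of raising
        # UnicodeDecodeError to the caller.
        if isinstance(user, bytes):
            user = user.decode()
        if isinstance(pw, bytes):
            pw = pw.decode()

        # Records are newline-delimited and fields are delimited by
        # self.sep, and nothing is escaped on write. A user name or password
        # containing either delimiter would add extra fields or whole extra
        # records to the database, so such values are refused.
        for field in (user, pw):
            if "\n" in field or "\r" in field or (self.sep and self.sep in field):
                log.err("Honeytoken DB write refused: user or password contains "
                        "a line break or the field separator")
                return

        with open(self.filepath, "a") as fp:
            log.info("Begin Honeytoken creation: {} : {}".format(user, pw))  # TODO make this a proper log type
            fp.write("\n" + services + self.sep + user + self.sep + pw + self.sep)
    except Exception as e:
        log.err("Honeytoken DB write exception: {}".format(e))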
def stopService(self):
    """
    Closes all open ports and stops the Service.

    If the service is not already flagged as stopped, every listener in
    ``self._transport`` gets ``stopListening()`` and then ``connectionLost()``.
    An ``AttributeError`` from ``connectionLost`` is logged together with the
    port and does not stop the loop. Afterwards the service is flagged as
    stopped and inactive.
    """
    if not self._stop:
        for port, listener in self._transport.items():
            listener.stopListening()
            try:
                listener.connectionLost(
                    "Force close/cleanup due to next service scheduling")
            except AttributeError:
                log.err(
                    "ListenService connectionLost wirft AttributeError!", port)
    self._stop = True
    self._active = False
def stopOnPort(self, port):
    """
    Stop service on a specific port.

    Nothing happens unless the port has a listener in ``self._transport``
    and the service is active. Otherwise the listener is stopped, force
    closed and removed; once no listener is left the service is flagged
    as stopped.

    :param port: the port where the service should stop listening
    """
    if port not in self._transport or not self._active:
        return

    listener = self._transport[port]
    listener.stopListening()
    try:
        listener.connectionLost(
            "Force close/cleanup due to next service scheduling")
    except AttributeError:
        log.err("ListenService connectionLost wirft AttributeError!", port)

    self._transport.pop(port, None)

    # No listeners left: the whole service counts as stopped.
    if not self._transport:
        self._stop = True
def startService(self):
    """
    Start service on all ports defined in Config.py.

    Each port in ``self._ports`` is bound with ``reactor.listenTCP`` on
    ``self._interface`` and the listener is stored in ``self._transport``
    under its port. Ports that raise ``CannotListenError`` are skipped
    without any log entry. Any other exception is logged and flags the
    service as stopped again.

    :return:
    """
    try:
        self._stop = False
        for listen_port in self._ports:
            try:
                listener = reactor.listenTCP(
                    listen_port, self._fService, interface=self._interface)
                self._transport[listen_port] = listener
            except CannotListenError:
                # Port unavailable: skip it and continue with the next one.
                continue
        self._active = True
    except Exception as e:
        log.err(e)
        self._stop = True
def connectionMade(self):
    """Set up a freshly accepted POP3/POP3S connection and send the greeting.

    The service name is chosen by comparing the local port of the transport
    with ``Config.pop3.port`` and ``Config.pop3s.port``. If neither matches,
    an error is logged and the generic name "POP3/POP3S" is used.
    """
    listen_port = self.transport.getHost().port
    if listen_port == Config.pop3.port:
        self.name = Config.pop3.name
    elif listen_port == Config.pop3s.port:
        self.name = Config.pop3s.name
    else:
        log.err("Please check POP3/POP3S port Configuration!")
        self.name = "POP3/POP3S"

    # Pre-authentication timeout for the new connection.
    self.setTimeout(self.timeoutPreAuth)

    peer = self.transport.getPeer()
    peer_label = str(peer.host) + ":" + str(peer.port)
    log.info(self.name + " established connection to " + peer_label)

    # Register this protocol instance with the factory, keyed by itself,
    # with the remote "host:port" as the value.
    self.factory.clients[self] = peer_label

    # Protocol state: connected; keep the raw (not stringified) peer host.
    self.state["connected"] = True
    self.peerOfAttacker = peer.host

    # TODO: modify server name
    greeting = "+OK example.com POP3 server\r\n"
    self.transport.write(greeting.encode("UTF-8"))
def __init__(self):
    """
    Opens a RAW socket which is able to monitor all TCP/IP Traffic within
    the machine. Root priv. are needed!

    When the raw socket cannot be created, both a hint and an error are
    logged and ``self.rootStatus`` is set to False. ``self.rSock`` is not
    assigned in that case, so ``rootStatus`` is the only indication here
    that the socket is missing.
    """
    super(TCPFlagSniffer, self).__init__()
    self._name = Config.tcp_scan.name

    # One tracking dictionary each for SYN, FIN and XMAS connections.
    self.synConnections = {}
    self.finConnections = {}
    self.xmasConnections = {}

    # Order kept as in the original: the threads are re-instantiated
    # before the lock for synConnections is created.
    self.reInstanceThreads()
    self.synConnectionsLock = threading.Lock()

    self.rootStatus = True
    try:
        self.rSock = socket.socket(
            socket.AF_INET, socket.SOCK_RAW, socket.IPPROTO_TCP)
    except socket.error:
        log.info("RAW Socket could not be created. You are root?")
        log.err(
            "TCPFlagSniffer wird nicht ordnungsgemäß ausgeführt werden!")
        self.rootStatus = False