def connectionMade(self):
if (self.transport.getHost().port == config.smtpPort):
self.name = config.smtpName
elif (self.transport.getHost().port == config.smtpsPort):
self.name = config.smtpsName
else:
log.err("Please check SMTP/SMTPS port configuration!")
self.name = "SMTP/SMTPS"
self.setTimeout(self.timeoutPreAuth)
log.info(self.name + " established connection to " +
str(self.transport.getPeer().host) + ":" +
str(self.transport.getPeer().port))
# add connection to dictionary
self.factory.clients[self] = (str(self.transport.getPeer().host) +
":" + str(self.transport.getPeer().port))
# protocol state
self.state["connected"] = True
self.peerOfAttacker = self.transport.getPeer().host
response = "220 Service ready ESMTP\r\n"
self.transport.write(response.encode("UTF-8"))
def timeoutConnection(self):
response = "* BYE Connection closed due to timeout\r\n"
log.info(self.name + " (" + self.peerOfAttacker +
"): Timeout waiting for client input")
self.transport.write(response.encode("UTF-8"))
# close connection gently (nonblocking, send buffers before closing, client is able to receive error message)
self.transport.loseConnection()
def connectionLost(self, reason):
log.info(self.name + " lost connection to " +
str(self.transport.getPeer().host) + ":" +
str(self.transport.getPeer().port))
self.setTimeout(None)
# remove connection from dictionary
del self.factory.clients[self]
def connectionMade(self):
if (self.transport.getHost().port == config.imapPort):
self.name = config.imapName
elif (self.transport.getHost().port == config.imapsPort):
self.name = config.imapsName
else:
log.err("Please check IMAP/IMAPS port configuration!")
self.name = "IMAP/IMAPS"
self.setTimeout(self.timeoutPreAuth)
log.info(self.name + " established connection to " +
str(self.transport.getPeer().host) + ":" +
str(self.transport.getPeer().port))
# add connection to dictionary
self.factory.clients[self] = (str(self.transport.getPeer().host) +
":" + str(self.transport.getPeer().port))
# protocol state
self.state["connected"] = True
self.stateRFC = IMAPState.NotAuth
self.peerOfAttacker = self.transport.getPeer().host
# server hello
response = "* OK IMAP4rev1 Service Ready\r\n"
self.transport.write(response.encode("UTF-8"))
def timeoutConnection(self):
response = "-ERR Timeout waiting for client input\r\n"
log.info(self.name+" ("+self.peerOfAttacker+"): Timeout waiting for client input")
self.transport.write(response.encode("UTF-8"))
# close connection gently (nonblocking, send buffers before closing, client is able to receive error message)
self.transport.loseConnection()
time.sleep(5)
# force close connection after waiting duration
self.transport.abortConnection()
def stopService(self, name):
"""
Stops the given service and removes it from threadDict
:param name: Name of the service (str)
"""
log.info("Stop Service: " + name)
if name in self.runningServicesDict:
self.serviceDict[name].stopService()
self.runningServicesDict.pop(name)
if name not in config.noPortSpecificService:
self.listen.startOnPort(self.serviceDict[name]._port)
return True
else:
return False
def startService(self, name):
"""
Starts the given service and adds it to threadDict
:param name: Name of the service (str)
"""
log.info("Try StartService: " + name)
if name not in self.runningServicesDict:
if name not in config.noPortSpecificService:
self.listen.stopOnPort(self.serviceDict[name]._port)
self.serviceDict[name].startService()
self.runningServicesDict[name] = self.serviceDict[name]
return True
else:
return False
def writeToDatabase(self, user, pw, services):
if type(user) is bytes:
user = user.decode()
if type(pw) is bytes:
pw = pw.decode()
try:
with open(self.filepath, "a") as file:
log.info("Begin Honeytoken creation: {} : {}".format(
user, pw)) #TODO make this a proper log type
file.write("\n" + services + self.sep + user + self.sep + pw +
self.sep)
except Exception as e:
log.err("Honeytoken DB write exception: {}".format(e))
def __init__(self):
"""
Opens a RAW socket which is able to monitor all TCP/IP Traffic within the machine.
Root priv. are needed!
"""
super(TCPFlagSniffer, self).__init__()
self._name = config.tcpFlagSnifferName
self.synConnections = dict([])
self.reInstanceThreads()
self.synConnectionsLock = threading.Lock()
self.rootStatus = True
try:
self.rSock = socket.socket(socket.AF_INET, socket.SOCK_RAW, socket.IPPROTO_TCP)
except socket.error:
log.info("RAW Socket could not be created. You are root?")
log.err("TCPFlagSniffer wird nicht ordnungsgemäß ausgeführt werden!")
self.rootStatus = False
def connectionMade(self):
if (self.transport.getHost().port == config.pop3Port):
self.name = config.pop3Name
elif (self.transport.getHost().port == config.pop3sPort):
self.name = config.pop3sName
else:
log.err("Please check POP3/POP3S port configuration!")
self.name = "POP3/POP3S"
self.setTimeout(self.timeoutPreAuth)
log.info(self.name+" established connection to "+str(self.transport.getPeer().host)+":"+str(self.transport.getPeer().port))
# add connection to dictionary
self.factory.clients[self] = (str(self.transport.getPeer().host) + ":" + str(self.transport.getPeer().port))
# protocol state
self.state["connected"] = True
self.peerOfAttacker = self.transport.getPeer().host
# TODO: modify server name
response = "+OK example.com POP3 server\r\n"
self.transport.write(response.encode("UTF-8"))
def shutdownHoneyGrove():
log.info("Shutting down")
ssh_database.save()
quit()
from honeygrove.logging import log
from honeygrove.resources.ssh_resources import database as ssh_database
from honeygrove.core.HoneyAdapter import HoneyAdapter
def shutdownHoneyGrove():
log.info("Shutting down")
ssh_database.save()
quit()
if __name__ == '__main__':
"""
Startup module. Name needs to be like this for the automatic import of the other modules.
"""
log.info("Starting HoneyGrove")
if not os.getuid() == 0:
print(
"[-] Honeygrove must be run as root. \n[!] Starting anyway! \n[!] Some functions are not working correctly!")
HoneyAdapter.init()
commandThread = threading.Thread(target=HoneyAdapter.command_message_loop, args=())
heartbeatThread = threading.Thread(target=HoneyAdapter.hearbeat, args=())
commandThread.name = "CommandThread"
heartbeatThread.name = "HeartbeatThread"
commandThread.start()
heartbeatThread.start()
