def preAuthConn(self, input):
success, theSensorName, theIP, thePort = input
if success:
if not self.disconnected:
log.msg('[SERVER] Connecting to Honeypot: ' + theSensorName +
' (' + theIP + ':' + str(thePort) + ')')
clientFactory = client.HonsshClientFactory()
clientFactory.server = self
self.bindIP = self.net.setupNetworking(self.endIP,
str(thePort))
self.networkingSetup = True
reactor.connectTCP(theIP,
thePort,
clientFactory,
bindAddress=(self.bindIP,
self.transport.getPeer().port),
timeout=10)
self.sshParse = ssh.SSH(self, self.out)
tunnelsUpDefer = threads.deferToThread(self.tunnelsUp)
tunnelsUpDefer.addCallback(self.tunnelsUpConn)
else:
log.msg("[SERVER][ERROR] SCRIPT ERROR - " + theSensorName)
log.msg("[SERVER][ERROR] - DISCONNECTING ATTACKER")
self.loseConnection()
def connectionMade(self):
if self.wasConnected:
print("FAIL")
return
self.out = output_handler.Output(self.factory)
self.net = networking.Networking()
self.sshParse = ssh.SSH(self, self.out)
self.peer_ip = self.transport.getPeer().host
self.peer_port = self.transport.getPeer().port + 1
self.local_ip = self.transport.getHost().host
self.local_port = self.transport.getHost().port
self.pre_auth = pre_auth_handler.PreAuth(self)
self.post_auth = post_auth_handler.PostAuth(self)
self.wasConnected = True
# Get auth plugins
plugin_list = plugins.get_plugin_list(plugin_type='honeypot')
pre_auth_plugin = plugins.import_auth_plugin(self.pre_auth.name,
plugin_list)
post_auth_plugin = plugins.import_auth_plugin(self.post_auth.name,
plugin_list)
# Check pre auth plugin is set
if pre_auth_plugin is None:
log.msg(log.LRED, '[SERVER]',
'NO AUTH PLUGIN ENABLED FOR ' + self.pre_auth.name)
else:
self.pre_auth.auth_plugin = pre_auth_plugin
# Check post auth plugin is set
if post_auth_plugin is None:
log.msg(log.LRED, '[SERVER]',
'NO AUTH PLUGIN ENABLED FOR ' + self.post_auth.name)
else:
self.post_auth.auth_plugin = post_auth_plugin
# Check for same auth plugin
if post_auth_plugin.__class__ is pre_auth_plugin.__class__:
# Share auth plugin instance
self.post_auth.auth_plugin = self.pre_auth.auth_plugin
# Execute pre auth
self.pre_auth.start()
honsshServer.HonsshServer.connectionMade(self)
def connectionMade(self):
self.sshParse = ssh.SSH(self)
self.peer_ip = self.transport.getPeer().host
self.peer_port = self.transport.getPeer().port + 1
self.local_ip = self.transport.getHost().host
self.local_port = self.transport.getHost().port
self.pre_auth = pre_auth_handler.PreAuth(self)
self.post_auth = post_auth_handler.PostAuth(self)
# Execute pre auth
self.pre_auth.start()
"""
Called when the connection is made to the other side. We sent our
version and the MSG_KEXINIT packet.
"""
self.transport.write('{0}\r\n'.format(self.ourVersionString).encode())
self.currentEncryptions = transport.SSHCiphers(b'none', b'none', b'none', b'none')
self.currentEncryptions.setKeys(b'', b'', b'', b'', b'', b'')
self.otherVersionString = 'Unknown'
def connectionMade(self):
self.timeoutCount = 0
self.interactors = []
global dockerId
try:
dockerId = honeydocker.start_container()
except:
log.msg("Port Already in use. Not starting a new container")
clientFactory = client.HonsshClientFactory()
clientFactory.server = self
self.factory.sessions[self.transport.sessionno] = self
self.out = output.Output(self.factory.hpLog, self.factory.dbLog)
self.net = networking.Networking()
self.clientConnected = False
self.delayedPackets = []
self.endIP = self.transport.getPeer().host
self.bindIP = self.net.setupNetworking(self.endIP)
reactor.connectTCP(self.cfg.get('honeypot', 'honey_addr'),
22,
clientFactory,
bindAddress=(self.bindIP,
self.transport.getPeer().port),
timeout=10)
d = threads.deferToThread(self.checkClientConnected)
d.addCallback(self.clientConn)
self.out.connectionMade(self.endIP, self.transport.getPeer().port)
self.sshParse = ssh.SSH(self, self.out)
honsshServer.HonsshServer.connectionMade(self)
def connectionMade(self):
self.timeoutCount = 0
self.interactors = []
self.wasConnected = False
self.out = output_handler.Output(self.factory)
self.net = networking.Networking()
self.sshParse = ssh.SSH(self, self.out)
self.disconnected = False
self.clientConnected = False
self.post_auth_started = False
self.spoofed = False
self.peer_ip = self.transport.getPeer().host
self.peer_port = self.transport.getPeer().port + 1
self.local_ip = self.transport.getHost().host
self.local_port = self.transport.getHost().port
self.pre_auth = pre_auth_handler.Pre_Auth(self)
self.post_auth = post_auth_handler.Post_Auth(self)
honsshServer.HonsshServer.connectionMade(self)