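def __init__(self, config=None, logger=None):
    """Load the MySQL listener port and version banner from ``config``.

    Raises:
        ConfigException: if ``mysql.banner`` does not match the expected
            version pattern (leading digit 3-6, a dot, then version
            characters).
    """
    CanaryService.__init__(self, config=config, logger=logger)
    self.port = int(config.getVal("mysql.port", default=3306))
    banner_text = config.getVal("mysql.banner", default="5.5.43-0ubuntu0.14.04.1")
    self.banner = banner_text.encode()
    self.logtype = logger.LOG_MYSQL_LOGIN_ATTEMPT
    # Validate the text form: matching a str pattern against the encoded
    # bytes raises TypeError on Python 3, so a valid banner could never
    # pass the check.
    if re.search(r'^[3456]\.[-_~.+\w]+$', banner_text) is None:
        # NOTE(review): the key read above is "mysql.banner" but the error
        # names "sql.banner" - confirm which one operators should see.
        raise ConfigException("sql.banner", "Invalid MySQL Banner")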
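def __init__(self, config=None, logger=None, instanceParams={}):
    """Configure the HTTP proxy service and load its auth page template.

    Settings come from ``instanceParams`` when it is non-empty, otherwise
    from ``config``. ``device.listen_addr`` is always read from ``config``.
    """
    CanaryService.__init__(self, config=config, logger=logger)
    if instanceParams:
        self.port = int(instanceParams.get('httpproxy.port', 8443))
        self.banner = instanceParams.get('httpproxy.banner', '').encode('utf8')
        self.skin = instanceParams.get('httpproxy.skin', 'squid')
        self.maskpassword = instanceParams.get('httpproxy.maskpassword', True)
    else:
        self.port = int(config.getVal('httpproxy.port', default=8443))
        self.banner = config.getVal('httpproxy.banner', '').encode('utf8')
        self.skin = config.getVal('httpproxy.skin', default='squid')
        self.maskpassword = config.getVal('httpproxy.maskpassword', True)
    # NOTE(review): the skin name is joined into a filesystem path without
    # validation here - confirm both sources are operator-controlled.
    self.skindir = os.path.join(HTTPProxy.resource_dir(), 'skin', self.skin)
    self.logtype = logger.LOG_HTTPPROXY_LOGIN_ATTEMPT
    self.listen_addr = config.getVal('device.listen_addr', default='')

    authfilename = os.path.join(self.skindir, 'auth.html')
    try:
        with open(authfilename, 'r') as f:
            self.auth_template = Template(f.read())
    except Exception:
        # Best-effort: a missing or unreadable skin yields an empty page.
        # Narrowed from a bare ``except`` so KeyboardInterrupt/SystemExit
        # are no longer swallowed. The failure is still silent.
        self.auth_template = Template("")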
def __init__(self, config=None, logger=None):
    """Set up the SSH service from ``ssh.*`` and ``device.listen_addr``."""
    CanaryService.__init__(self, config=config, logger=logger)
    lookup = config.getVal
    self.port = int(lookup("ssh.port", default=22))
    # The advertised version string is kept as UTF-8 bytes.
    version_text = lookup("ssh.version", default="SSH-2.0-OpenSSH_5.1p1 Debian-5")
    self.version = version_text.encode('utf8')
    self.listen_addr = lookup('device.listen_addr', default='')
def __init__(self, config=None, logger=None):
    """Set up the MSSQL service and reject unknown version strings.

    Raises:
        ConfigException: if ``mssql.version`` is not a key of
            ``MSSQLProtocol.NMAP_PROBE_1_RESP``.
    """
    CanaryService.__init__(self, config=config, logger=logger)
    setting = config.getVal
    self.port = int(setting("mssql.port", default=1433))
    self.version = setting("mssql.version", default="2012")
    self.listen_addr = setting('device.listen_addr', default='')
    # Only versions with a prepared probe response are accepted.
    known_versions = MSSQLProtocol.NMAP_PROBE_1_RESP
    if not (self.version in known_versions):
        raise ConfigException("mssql.version", "Invalid MSSQL Version")
def __init__(self, config=None, logger=None, instanceParams={}):
    """Record the Samba audit-log path and share path from ``config``.

    ``instanceParams`` is accepted but not read in this constructor.
    """
    CanaryService.__init__(self, config=config, logger=logger)
    read = config.getVal
    self.audit_file = read('smb.auditfile', default='/var/log/samba-audit.log')
    self.sharepath = read('smb.sharepath', default='/briar/smb/openshare')
    self.config = config
def __init__(self, config=None, logger=None, instanceParams={}):
    """Set up the SIP service; the port comes from ``instanceParams`` if given."""
    CanaryService.__init__(self, config=config, logger=logger)
    if not instanceParams:
        raw_port = config.getVal('sip.port', default=5060)
    else:
        # No fallback here: a missing 'sip.port' key raises KeyError.
        raw_port = instanceParams['sip.port']
    self.port = int(raw_port)
    self.logtype = self.logger.LOG_SIP_REQUEST
    self.listen_addr = config.getVal('device.listen_addr', default='')
def __init__(self, config=None, logger=None):
    """Capture host identity settings and mark the host as online."""
    CanaryService.__init__(self, config, logger)
    fetch = config.getVal
    self.hostname = fetch('device.node_id')
    self.localip = fetch('device.listen_addr')
    self.serverip = fetch('server.ip')
    # NOTE(review): datetime.now() is a naive local timestamp - confirm
    # consumers do not expect UTC when correlating events.
    started = datetime.now()
    self.last_time = started.strftime("%Y-%m-%d %H:%M:%S.%f")
    self.status = "online"
    self.logtype = logger.LOG_HOST
def __init__(self, config=None, logger=None, instanceParams={}):
    """Set up the NTP service; the port comes from ``instanceParams`` if given."""
    CanaryService.__init__(self, config=config, logger=logger)
    if not instanceParams:
        raw_port = config.getVal('ntp.port', default=123)
    else:
        # No fallback here: a missing 'ntp.port' key raises KeyError.
        raw_port = instanceParams['ntp.port']
    self.port = int(raw_port)
    self.logtype = logger.LOG_NTP_MONLIST
    self.listen_addr = config.getVal('device.listen_addr', default='')
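def __init__(self, config=None, logger=None):
    """Set up the Telnet service port and optional login banner.

    A non-empty banner is stored as UTF-8 bytes with a trailing newline.
    """
    CanaryService.__init__(self, config=config, logger=logger)
    self.port = int(config.getVal('telnet.port', default=8023))
    self.banner = config.getVal('telnet.banner', '').encode('utf8')
    self.logtype = logger.LOG_TELNET_LOGIN_ATTEMPT
    if self.banner:
        # The banner is bytes after encode(); appending a str newline
        # raises TypeError on Python 3, so append a bytes literal.
        self.banner += b"\n"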
def __init__(self, config=None, logger=None):
    """Set up the FTP service banner, port and log type from ``config``."""
    CanaryService.__init__(self, config=config, logger=logger)
    banner_text = config.getVal('ftp.banner', default='FTP Ready.')
    self.banner = banner_text.encode('utf8')
    # NOTE(review): the port is not coerced with int() here - confirm the
    # configured value is already an integer.
    self.port = config.getVal('ftp.port', default=21)

    # TODO: find a place to check that logtype is initialised
    # TODO: find a place to check that factory has service attached
    self.logtype = logger.LOG_FTP_LOGIN_ATTEMPT
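def __init__(self, config=None, logger=None):
    """Set up the Telnet service port and optional login banner.

    A non-empty banner is stored as UTF-8 bytes with a trailing newline.
    """
    CanaryService.__init__(self, config=config, logger=logger)
    self.port = int(config.getVal('telnet.port', default=8023))
    self.banner = config.getVal('telnet.banner', '').encode('utf8')
    self.logtype = logger.LOG_TELNET_LOGIN_ATTEMPT
    if self.banner:
        # The banner is bytes after encode(); appending a str newline
        # raises TypeError on Python 3, so append a bytes literal.
        self.banner += b"\n"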
def __init__(self, config=None, logger=None, instanceParams={}):
    """Set up the SNMP service; the port comes from ``instanceParams`` if given."""
    CanaryService.__init__(self, config=config, logger=logger)
    if not instanceParams:
        raw_port = config.getVal('snmp.port', default=161)
    else:
        # No fallback here: a missing 'snmp.port' key raises KeyError.
        raw_port = instanceParams['snmp.port']
    self.port = int(raw_port)
    self.logtype = logger.LOG_SNMP_CMD
    self.listen_addr = config.getVal('device.listen_addr', default='')
def __init__(self, config=None, logger=None, instanceParams={}):
    """Set up the VNC service; the port comes from ``instanceParams`` if given."""
    CanaryService.__init__(self, config, logger)
    if not instanceParams:
        raw_port = config.getVal("vnc.port", 5900)
    else:
        # No fallback here: a missing "vnc.port" key raises KeyError.
        raw_port = instanceParams["vnc.port"]
    self.port = int(raw_port)
    self.logtype = logger.LOG_VNC
def __init__(self, config=None, logger=None):
    """Load the MySQL listener settings and validate the version banner.

    Raises:
        ConfigException: if the decoded banner does not match the expected
            version pattern (leading digit 3-6, a dot, then version
            characters).
    """
    CanaryService.__init__(self, config=config, logger=logger)
    lookup = config.getVal
    self.port = int(lookup("mysql.port", default=3306))
    self.banner = lookup("mysql.banner", default="5.5.43-0ubuntu0.14.04.1").encode()
    self.logtype = logger.LOG_MYSQL_LOGIN_ATTEMPT
    self.listen_addr = lookup('device.listen_addr', default='')
    # The banner is stored as bytes, so it is decoded again for matching.
    banner_ok = re.search(r'^[3456]\.[-_~.+\w]+$', self.banner.decode())
    if banner_ok is None:
        raise ConfigException("sql.banner", "Invalid MySQL Banner")
def __init__(self, config=None, logger=None):
    """Set up the FTP service banner, port and log type from ``config``."""
    CanaryService.__init__(self, config=config, logger=logger)
    banner_text = config.getVal('ftp.banner', default='FTP Ready.')
    self.banner = banner_text.encode('utf8')
    # NOTE(review): the port is not coerced with int() here - confirm the
    # configured value is already an integer.
    self.port = config.getVal('ftp.port', default=21)

    # TODO: find a place to check that logtype is initialised
    # TODO: find a place to check that factory has service attached
    self.logtype = logger.LOG_FTP_LOGIN_ATTEMPT
def __init__(self, config=None, logger=None):
    """Read the port-scan watcher settings (log file, SYN rate, listen address/interface)."""
    CanaryService.__init__(self, config=config, logger=logger)
    cfg = config.getVal
    self.audit_file = cfg('portscan.logfile', default='/var/log/kern.log')
    self.synrate = int(cfg('portscan.synrate', default=5))
    self.listen_addr = cfg('device.listen_addr', default='')
    self.listen_interface = cfg('device.listen_interface', default='')
    self.config = config
def __init__(self, config=None, logger=None):
    """Set up the HTTP service skin directories, port and Server banner."""
    CanaryService.__init__(self, config=config, logger=logger)
    self.skin = config.getVal('http.skin', default='basicLogin')
    skin_root = os.path.join(CanaryHTTP.resource_dir(), "skin", self.skin)
    self.skindir = skin_root
    self.staticdir = os.path.join(skin_root, "static")
    self.port = int(config.getVal('http.port', default=80))
    banner_text = config.getVal('http.banner', default="Apache/2.2.22 (Ubuntu)")
    self.banner = banner_text.encode('utf8')
    # Class-level attribute: this value is shared by every user of
    # StaticNoDirListing, so the most recently built instance wins.
    StaticNoDirListing.BANNER = self.banner
def __init__(self, config=None, logger=None):
    """Set up the HTTP service skin directories, port, banner and listen address."""
    CanaryService.__init__(self, config=config, logger=logger)
    self.skin = config.getVal('http.skin', default='basicLogin')
    skin_root = os.path.join(CanaryHTTP.resource_dir(), "skin", self.skin)
    self.skindir = skin_root
    self.staticdir = os.path.join(skin_root, "static")
    self.port = int(config.getVal('http.port', default=80))
    banner_text = config.getVal('http.banner', default="Apache/2.2.22 (Ubuntu)")
    self.banner = banner_text.encode('utf8')
    # Class-level attribute: this value is shared by every user of
    # StaticNoDirListing, so the most recently built instance wins.
    StaticNoDirListing.BANNER = self.banner
    self.listen_addr = config.getVal('device.listen_addr', default='')
def __init__(self, config=None, logger=None, instanceParams={}):
    """Set up the SSH service from ``instanceParams`` if given, else ``config``.

    With ``instanceParams``, ``ssh.port`` and ``ssh.version`` are required
    keys (KeyError if absent); only ``ssh.maskpassword`` has a default.
    """
    CanaryService.__init__(self, config=config, logger=logger)
    if not instanceParams:
        self.port = int(config.getVal("ssh.port", default=22))
        version_text = config.getVal(
            "ssh.version", default="SSH-2.0-OpenSSH_5.1p1 Debian-5")
        self.version = version_text.encode('utf8')
        self.maskpassword = config.getVal('ssh.maskpassword', True)
    else:
        self.port = int(instanceParams["ssh.port"])
        self.version = instanceParams["ssh.version"].encode('utf8')
        # presumably controls masking of captured passwords - confirm where
        # maskpassword is read.
        self.maskpassword = instanceParams.get('ssh.maskpassword', True)
    self.listen_addr = config.getVal('device.listen_addr', default='')
def __init__(self, config=None, logger=None, instanceParams={}):
    """Set up the MSSQL service and reject unknown version strings.

    Settings come from ``instanceParams`` when it is non-empty, otherwise
    from ``config``; both paths use the same defaults.

    Raises:
        ConfigException: if the version is not a key of
            ``MSSQLProtocol.NMAP_PROBE_1_RESP``.
    """
    CanaryService.__init__(self, config=config, logger=logger)
    if not instanceParams:
        self.port = int(config.getVal("mssql.port", default=1433))
        self.version = config.getVal("mssql.version", default="2012")
        self.maskpassword = config.getVal("mssql.maskpassword", True)
    else:
        self.port = int(instanceParams.get("mssql.port", 1433))
        self.version = instanceParams.get("mssql.version", "2012")
        self.maskpassword = instanceParams.get("mssql.maskpassword", True)
    self.listen_addr = config.getVal('device.listen_addr', default='')
    # Only versions with a prepared probe response are accepted.
    known_versions = MSSQLProtocol.NMAP_PROBE_1_RESP
    if not (self.version in known_versions):
        raise ConfigException("mssql.version", "Invalid MSSQL Version")
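def __init__(self, config=None, logger=None):
    """Configure the HTTP proxy service and load its auth page template."""
    CanaryService.__init__(self, config=config, logger=logger)
    self.port = int(config.getVal('httpproxy.port', default=8443))
    self.banner = config.getVal('httpproxy.banner', '').encode('utf8')
    self.skin = config.getVal('httpproxy.skin', default='squid')
    self.skindir = os.path.join(HTTPProxy.resource_dir(), 'skin', self.skin)
    self.logtype = logger.LOG_HTTPPROXY_LOGIN_ATTEMPT

    authfilename = os.path.join(self.skindir, 'auth.html')
    try:
        with open(authfilename, 'r') as f:
            self.auth_template = Template(f.read())
    except Exception:
        # Best-effort: a missing or unreadable skin yields an empty page.
        # Narrowed from a bare ``except`` so KeyboardInterrupt/SystemExit
        # are no longer swallowed. The failure is still silent.
        self.auth_template = Template("")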
def __init__(self, config=None, logger=None, instanceParams={}):
    """Set up the FTP service from ``instanceParams`` if given, else ``config``.

    With ``instanceParams``, ``ftp.banner`` and ``ftp.port`` are required
    keys (KeyError if absent).
    """
    CanaryService.__init__(self, config=config, logger=logger)
    # NOTE(review): neither branch coerces the port with int() - confirm
    # the supplied value is already an integer.
    if not instanceParams:
        banner_text = config.getVal('ftp.banner', default='FTP Ready.')
        self.banner = banner_text.encode('utf8')
        self.port = config.getVal('ftp.port', default=21)
        self.maskpassword = config.getVal('ftp.maskpassword', True)
    else:
        self.banner = instanceParams['ftp.banner'].encode('utf8')
        self.port = instanceParams['ftp.port']
        self.maskpassword = instanceParams.get('ftp.maskpassword', True)

    # TODO: find a place to check that logtype is initialised
    # TODO: find a place to check that factory has service attached
    self.logtype = logger.LOG_FTP_LOGIN_ATTEMPT
    self.listen_addr = config.getVal('device.listen_addr', default='')
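def __init__(self, config=None, logger=None):
    """Configure the HTTP proxy service and load its auth page template."""
    CanaryService.__init__(self, config=config, logger=logger)
    self.port = int(config.getVal('httpproxy.port', default=8443))
    self.banner = config.getVal('httpproxy.banner', '').encode('utf8')
    self.skin = config.getVal('httpproxy.skin', default='squid')
    self.skindir = os.path.join(
        HTTPProxy.resource_dir(), 'skin', self.skin)
    self.logtype = logger.LOG_HTTPPROXY_LOGIN_ATTEMPT
    self.listen_addr = config.getVal('device.listen_addr', default='')

    authfilename = os.path.join(self.skindir, 'auth.html')
    try:
        with open(authfilename, 'r') as f:
            self.auth_template = Template(f.read())
    except Exception:
        # Best-effort: a missing or unreadable skin yields an empty page.
        # Narrowed from a bare ``except`` so KeyboardInterrupt/SystemExit
        # are no longer swallowed. The failure is still silent.
        self.auth_template = Template("")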
def __init__(self, config=None, logger=None):
    """Initialise the RDP factory and preload the events in ``login.rss``."""
    ServerFactory.__init__(self, 16, None, None)
    CanaryService.__init__(self, config, logger)
    self.rssFile = self.resource_filename("login.rss")
    reader = rss.createReader(self.rssFile)
    self.rss = []
    # Drain the reader: nextEvent() returning a falsy value ends the loop.
    event = reader.nextEvent()
    while event:
        self.rss.append(event)
        event = reader.nextEvent()
    self.port = config.getVal("rdp.port", 3389)
    self.logtype = logger.LOG_RDP
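def __init__(self, config=None, logger=None, instanceParams={}):
    """Set up the Telnet service from ``instanceParams`` if given, else ``config``.

    A non-empty banner is stored as UTF-8 bytes with a trailing newline.
    """
    CanaryService.__init__(self, config=config, logger=logger)
    if instanceParams:
        # NOTE(review): this path defaults to port 23 while the config
        # path defaults to 8023 - confirm the difference is intended.
        self.port = int(instanceParams.get('telnet.port', 23))
        self.banner = instanceParams.get('telnet.banner', '').encode('utf8')
        self.maskpassword = instanceParams.get('telnet.maskpassword', True)
    else:
        self.port = int(config.getVal('telnet.port', default=8023))
        self.banner = config.getVal('telnet.banner', '').encode('utf8')
        self.maskpassword = config.getVal('telnet.maskpassword', True)
    self.logtype = logger.LOG_TELNET_LOGIN_ATTEMPT
    self.listen_addr = config.getVal('device.listen_addr', default='')
    if self.banner:
        # The banner is bytes after encode(); appending a str newline
        # raises TypeError on Python 3, so append a bytes literal.
        self.banner += b"\n"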
def __init__(self, config=None, logger=None, instanceParams={}):
    """Set up the HTTP service from ``instanceParams`` if given, else ``config``.

    With ``instanceParams``, ``http.port``, ``http.banner`` and
    ``http.skin`` are required keys (KeyError if absent).
    """
    CanaryService.__init__(self, config=config, logger=logger)
    if not instanceParams:
        self.port = int(config.getVal('http.port', default=80))
        banner_text = config.getVal('http.banner', default="Apache/2.2.22 (Ubuntu)")
        self.banner = banner_text.encode('utf8')
        self.skin = config.getVal('http.skin', default='basicLogin')
        self.maskpassword = config.getVal('http.maskpassword', True)
    else:
        self.port = int(instanceParams['http.port'])
        banner_text = instanceParams['http.banner']
        self.banner = banner_text.encode('utf8')
        self.skin = instanceParams['http.skin']
        self.maskpassword = instanceParams.get('http.maskpassword', True)
    # NOTE(review): the skin name is joined into a filesystem path without
    # validation here - confirm both sources are operator-controlled.
    skin_root = os.path.join(CanaryHTTP.resource_dir(), "skin", self.skin)
    self.skindir = skin_root
    self.staticdir = os.path.join(skin_root, "static")
    # Class-level attribute: shared by every user of StaticNoDirListing.
    StaticNoDirListing.BANNER = self.banner
    self.listen_addr = config.getVal('device.listen_addr', default='')
def __init__(self, config=None, logger=None, instanceParams={}):
    """Initialise the RDP factory, its settings and the ``login.rss`` events.

    With ``instanceParams``, ``rdp.port`` is a required key.
    """
    ServerFactory.__init__(self, 16, None, None)
    CanaryService.__init__(self, config, logger)
    if not instanceParams:
        self.port = config.getVal("rdp.port", 3389)
        self.maskpassword = config.getVal('rdp.maskpassword', True)
    else:
        self.port = instanceParams["rdp.port"]
        self.maskpassword = instanceParams.get('rdp.maskpassword', True)
    self.rssFile = self.resource_filename("login.rss")
    reader = rss.createReader(self.rssFile)
    self.rss = []
    # Drain the reader: nextEvent() returning a falsy value ends the loop.
    event = reader.nextEvent()
    while event:
        self.rss.append(event)
        event = reader.nextEvent()
    self.logtype = logger.LOG_RDP
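def __init__(self, config=None, logger=None, instanceParams={}):
    """Set up the MySQL service and normalise its version banner.

    Settings come from ``instanceParams`` when it is non-empty (port and
    banner are then required keys), otherwise from ``config``. A banner
    that is not a plain version string is replaced by the version found
    after a literal ``x0A`` marker, or by ``5.5.43`` when none is found.
    The banner is always left as bytes.
    """
    CanaryService.__init__(self, config=config, logger=logger)
    if instanceParams:
        self.port = int(instanceParams["mysql.port"])
        self.banner = instanceParams["mysql.banner"].encode()
        self.maskpassword = instanceParams.get("mysql.maskpassword", True)
    else:
        self.port = int(config.getVal("mysql.port", default=3306))
        self.banner = config.getVal(
            "mysql.banner", default="5.5.43-0ubuntu0.14.04.1").encode()
        self.maskpassword = config.getVal("mysql.maskpassword", True)
    self.logtype = logger.LOG_MYSQL_LOGIN_ATTEMPT
    self.listen_addr = config.getVal('device.listen_addr', default='')

    # Match on text: a str pattern against the encoded bytes raises
    # TypeError on Python 3.
    banner_text = self.banner.decode()
    if re.search(r'^[3456]\.[-_~.+\w]+$', banner_text) is None:
        # An empty banner cannot match, so it also takes the fallback.
        mysql_version = re.search('x0A([^\\\\]+)', banner_text)
        if mysql_version:
            self.banner = mysql_version.group(1).encode()
        else:
            # Keep the fallback as bytes, like every other path above.
            self.banner = b"5.5.43"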
def __init__(self, config=None, logger=None, instanceParams={}):
    """Set up a generic TCP service and unescape its probe responses.

    With ``instanceParams``, ``generictcp.port`` and ``generictcp.probes``
    are required keys. Probes are dropped entirely when the port is in
    ``generictcp.blacklist``.
    """
    CanaryService.__init__(self, config=config, logger=logger)
    if not instanceParams:
        self.port = int(config.getVal('generictcp.port', default=161))
        self.probes = config.getVal('generictcp.probes', {})
    else:
        self.port = int(instanceParams['generictcp.port'])
        self.probes = instanceParams['generictcp.probes']
    self.blacklist = config.getVal('generictcp.blacklist', [139])
    self.logtype = logger.LOG_GENERIC_TCP
    self.listen_addr = config.getVal('device.listen_addr', default='')

    if self.port in self.blacklist:
        self.probes = {}
        return
    if not self.probes:
        return
    # NOTE(review): this rewrites values in the dict obtained above, so
    # the caller's/config's probes mapping is modified in place.
    for probe, response in self.probes.items():
        try:
            decoded, _consumed = codecs.escape_decode(response)
        except (ValueError):
            # A response that cannot be unescaped is left as supplied.
            continue
        self.probes[probe] = decoded
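def __init__(self, config=None, logger=None):
    """Read the port-scan watcher settings, falling back on bad rate values.

    ``synrate``, ``nmaposrate`` and ``lorate`` are parsed as integers; a
    value that cannot be parsed is replaced by 5, 5 and 3 respectively.
    """
    CanaryService.__init__(self, config=config, logger=logger)

    def _as_int(value, fallback):
        # Best-effort parse; only conversion failures trigger the fallback
        # (the previous bare ``except`` also hid unrelated errors).
        try:
            return int(value)
        except (TypeError, ValueError):
            return fallback

    self.audit_file = config.getVal('portscan.logfile', default='/var/log/kern.log')
    # Previously synrate was passed through int() before its fallback
    # handler ran, so an invalid value raised instead of falling back to 5.
    self.synrate = _as_int(config.getVal('portscan.synrate', default=5), 5)
    self.nmaposrate = _as_int(config.getVal('portscan.nmaposrate', default='5'), 5)
    self.lorate = _as_int(config.getVal('portscan.lorate', default='3'), 3)
    self.listen_addr = config.getVal('device.listen_addr', default='')
    self.config = config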
def __init__(self, config=None, logger=None):
    """Record the arpwatch log path from ``config`` and keep the config object."""
    CanaryService.__init__(self, config=config, logger=logger)
    log_path = config.getVal('arpwatch.logfile', default='/var/log/arpwatch.log')
    self.audit_file = log_path
    self.config = config
def __init__(self, config=None, logger=None):
    """Read the port-scan watcher settings (log file, SYN rate, listen address)."""
    CanaryService.__init__(self, config=config, logger=logger)
    cfg = config.getVal
    self.audit_file = cfg('portscan.logfile', default='/var/log/kern.log')
    # The rate is kept as returned by getVal (default is the string '5').
    self.synrate = cfg('portscan.synrate', default='5')
    self.listen_addr = cfg('device.listen_addr', default='')
    self.config = config
def __init__(self, config=None, logger=None):
    """Read the port-scan watcher log file and SYN rate from ``config``."""
    CanaryService.__init__(self, config=config, logger=logger)
    cfg = config.getVal
    self.audit_file = cfg("portscan.logfile", default="/var/log/kern.log")
    # The rate is kept as returned by getVal (default is the string "5").
    self.synrate = cfg("portscan.synrate", default="5")
    self.config = config
def __init__(self, config=None, logger=None):
    """Set up the NTP service port (default 123) and log type."""
    CanaryService.__init__(self, config=config, logger=logger)
    raw_port = config.getVal('ntp.port', default=123)
    self.port = int(raw_port)
    self.logtype = logger.LOG_NTP_MONLIST
def __init__(self, config=None, logger=None):
    """Read the port-scan watcher settings (log file, SYN rate, listen address)."""
    CanaryService.__init__(self, config=config, logger=logger)
    cfg = config.getVal
    self.audit_file = cfg("portscan.logfile", default="/var/log/kern.log")
    self.synrate = int(cfg("portscan.synrate", default=5))
    self.listen_addr = cfg("device.listen_addr", default="")
    self.config = config
def __init__(self, config=None, logger=None):
    """Set up the SNMP service port (default 161) and log type."""
    CanaryService.__init__(self, config=config, logger=logger)
    raw_port = config.getVal('snmp.port', default=161)
    self.port = int(raw_port)
    self.logtype = logger.LOG_SNMP_CMD
def __init__(self, config=None, logger=None):
    """Record the Samba audit-log path from ``config`` and keep the config object."""
    CanaryService.__init__(self, config=config, logger=logger)
    log_path = config.getVal('smb.auditfile', default='/var/log/samba-audit.log')
    self.audit_file = log_path
    self.config = config
def __init__(self, config=None, logger=None):
    """Set up the SIP service port (default 5060), log type and listen address."""
    CanaryService.__init__(self, config=config, logger=logger)
    raw_port = config.getVal('sip.port', default=5060)
    self.port = int(raw_port)
    # Read through self.logger, so the base initialiser must have set it.
    self.logtype = self.logger.LOG_SIP_REQUEST
    self.listen_addr = config.getVal('device.listen_addr', default='')
def __init__(self, config=None, logger=None):
    """Record the Samba audit-log path and share path from ``config``."""
    CanaryService.__init__(self, config=config, logger=logger)
    read = config.getVal
    self.audit_file = read('smb.auditfile', default='/var/log/samba-audit.log')
    self.sharepath = read('smb.sharepath', default='/briar/smb/openshare')
    self.config = config
def __init__(self, config=None, logger=None):
    """Set up the example service on a fixed port (8007, not configurable)."""
    CanaryService.__init__(self, config, logger)
    self.port, self.logtype = 8007, logger.LOG_BASE_EXAMPLE
def __init__(self, config=None, logger=None):
    """Set up the TFTP service port (default 69) and log type."""
    CanaryService.__init__(self, config=config, logger=logger)
    raw_port = config.getVal('tftp.port', default=69)
    self.port = int(raw_port)
    # Read through self.logger, so the base initialiser must have set it.
    self.logtype = self.logger.LOG_TFTP
def __init__(self, config=None, logger=None):
    """Set up the SSH service from ``ssh.*`` and ``device.listen_addr``."""
    CanaryService.__init__(self, config=config, logger=logger)
    lookup = config.getVal
    self.port = int(lookup("ssh.port", default=22))
    # The advertised version string is kept as UTF-8 bytes.
    version_text = lookup("ssh.version", default="SSH-2.0-OpenSSH_5.1p1 Debian-5")
    self.version = version_text.encode('utf8')
    self.listen_addr = lookup('device.listen_addr', default='')
def __init__(self, config=None, logger=None):
    """Set up the SNMP service port (default 161), log type and listen address."""
    CanaryService.__init__(self, config=config, logger=logger)
    raw_port = config.getVal('snmp.port', default=161)
    self.port = int(raw_port)
    self.logtype = logger.LOG_SNMP_CMD
    self.listen_addr = config.getVal('device.listen_addr', default='')
def __init__(self, config=None, logger=None):
    """Set up the example service port (``example1.port``, default 8025)."""
    CanaryService.__init__(self, config, logger)
    # The value is stored as returned by getVal, without int() coercion.
    configured_port = config.getVal("example1.port", 8025)
    self.port = configured_port
    self.logtype = logger.LOG_BASE_EXAMPLE
def __init__(self, config=None, logger=None):
    """Set up the VNC service port (``vnc.port``, default 5900) and log type."""
    CanaryService.__init__(self, config, logger)
    # The value is stored as returned by getVal, without int() coercion.
    configured_port = config.getVal("vnc.port", 5900)
    self.port = configured_port
    self.logtype = logger.LOG_VNC
def __init__(self, config=None, logger=None):
    """Set up the VNC service port (``vnc.port``, default 5900) and log type."""
    CanaryService.__init__(self, config, logger)
    # The value is stored as returned by getVal, without int() coercion.
    configured_port = config.getVal("vnc.port", 5900)
    self.port = configured_port
    self.logtype = logger.LOG_VNC
def __init__(self, config=None, logger=None):
    """Set up the example service port (``example1.port``, default 8025)."""
    CanaryService.__init__(self, config, logger)
    # The value is stored as returned by getVal, without int() coercion.
    configured_port = config.getVal("example1.port", 8025)
    self.port = configured_port
    self.logtype = logger.LOG_BASE_EXAMPLE