def start():
from checker import PublicKeyCredentialsChecker
from factory import ForwardFactory
from realm import ForwardRealm
from session import ForwardSession
from twisted.conch.ssh import session
from twisted.cred import portal
from twisted.internet import reactor
from twisted.python import components, log
from twisted.web import server
import sys
from user import ForwardUser
from conf import config
import web
log.startLogging(sys.stderr)
components.registerAdapter(ForwardSession, ForwardUser, session.ISession)
portal = portal.Portal(ForwardRealm())
portal.registerChecker(PublicKeyCredentialsChecker())
ForwardFactory.portal = portal
print "running server on %s:%s" % (config['SSH_INTERFACE'],config['SSH_PORT'])
reactor.listenTCP(
port=config['SSH_PORT'],
interface=config['SSH_INTERFACE'],
factory=ForwardFactory()
)
reactor.listenTCP(port=config['WEB_PORT'],
interface=config['WEB_INTERFACE'],
factory=server.Site(web.MainSite()))
reactor.run()
def setup_secure_access(self):
try:
from twisted.cred import portal
portal = portal.Portal(NetconfRealm(self, self.grpc_client))
# setup userid-password access
password_file = '{}/{}/{}'.format(dir_path,
C.CLIENT_CRED_DIRECTORY,
self.client_passwords_file)
portal.registerChecker(FilePasswordDB(password_file))
# setup access when client uses keys
keys_file = '{}/{}/{}'.format(dir_path, C.CLIENT_CRED_DIRECTORY,
self.client_public_keys_file)
with open(keys_file) as f:
users = [line.rstrip('\n') for line in f]
users_dict = {}
for user in users:
users_dict[user.split(':')[0]] = [
keys.Key.fromFile('{}/{}/{}'.format(
dir_path, C.CLIENT_CRED_DIRECTORY,
user.split(':')[1]))
]
sshDB = SSHPublicKeyChecker(InMemorySSHKeyDB(users_dict))
portal.registerChecker(sshDB)
return portal
except Exception as e:
log.error('setup-secure-access-fail', exception=repr(e))
def start():
from checker import PublicKeyCredentialsChecker
from factory import ForwardFactory
from realm import ForwardRealm
from session import ForwardSession
from twisted.conch.ssh import session
from twisted.cred import portal
from twisted.internet import reactor
from twisted.python import components, log
from twisted.web import server
import sys
from user import ForwardUser
from conf import config
import web
log.startLogging(sys.stderr)
components.registerAdapter(ForwardSession, ForwardUser, session.ISession)
portal = portal.Portal(ForwardRealm())
portal.registerChecker(PublicKeyCredentialsChecker())
ForwardFactory.portal = portal
print "running server on %s:%s" % (config['SSH_INTERFACE'],
config['SSH_PORT'])
reactor.listenTCP(port=config['SSH_PORT'],
interface=config['SSH_INTERFACE'],
factory=ForwardFactory())
reactor.listenTCP(port=config['WEB_PORT'],
interface=config['WEB_INTERFACE'],
factory=server.Site(web.MainSite()))
reactor.run()
def setup_secure_access(self):
try:
from twisted.cred import portal
portal = portal.Portal(NetconfRealm(self, self.grpc_client))
# setup userid-password access
password_file = '{}/{}/{}'.format(dir_path,
C.CLIENT_CRED_DIRECTORY,
self.client_passwords_file)
portal.registerChecker(FilePasswordDB(password_file))
# setup access when client uses keys
keys_file = '{}/{}/{}'.format(dir_path,
C.CLIENT_CRED_DIRECTORY,
self.client_public_keys_file)
with open(keys_file) as f:
users = [line.rstrip('\n') for line in f]
users_dict = {}
for user in users:
users_dict[user.split(':')[0]] = [
keys.Key.fromFile('{}/{}/{}'.format(dir_path,
C.CLIENT_CRED_DIRECTORY,
user.split(':')[1]))]
sshDB = SSHPublicKeyChecker(InMemorySSHKeyDB(users_dict))
portal.registerChecker(sshDB)
return portal
except Exception as e:
log.error('setup-secure-access-fail', exception=repr(e))
def __init__(self, accounts, port, SSL_context=None):
portal = portal.Portal()
portal.registerChecker(SecretChecker(accounts))
factory = AccountServerFactory(portal)
if SSL_context:
self.reactorSSL(port, factory, context=SSL_context)
else:
reactor.listenTCP(port, factory)
def bootstrap(username):
from twisted.cred import portal
portal = portal.Portal(UnixSSHRealm())
passwdDB = checkers.InMemoryUsernamePasswordDatabaseDontUse()
passwdDB.addUser(username, 'password')
portal.registerChecker(passwdDB)
portal.registerChecker(InMemoryPublicKeyChecker())
ExampleFactory.portal = portal
def __init__(self, *args, **kw):
imap4.IMAP4Server.__init__(self, *args, **kw)
realm = TestRealm()
realm.theAccount = Account('testuser')
portal = cred.portal.Portal(realm)
c = cred.checkers.InMemoryUsernamePasswordDatabaseDontUse()
self.checker = c
self.portal = portal
portal.registerChecker(c)
self.testcase = None # set by the factory.
def __init__(self, *args, **kw):
imap4.IMAP4Server.__init__(self, *args, **kw)
realm = TestRealm()
realm.theAccount = SoledadBackedAccount('testuser')
# XXX soledadInstance here?
portal = cred.portal.Portal(realm)
c = cred.checkers.InMemoryUsernamePasswordDatabaseDontUse()
self.checker = c
self.portal = portal
portal.registerChecker(c)
self.timeoutTest = False
def __init__(self, root_path, port):
factory = twisted.protocols.ftp.FTPFactory()
realm = FTPRealm(root_path)
portal = twisted.cred.portal.Portal(realm)
portal.registerChecker(twisted.cred.checkers.AllowAnonymousAccess(),
twisted.cred.credentials.IAnonymous)
checker = twisted.cred.checkers.\
InMemoryUsernamePasswordDatabaseDontUse()
checker.addUser("john", "john")
portal.registerChecker(checker)
factory.tld = root_path
factory.userAnonymous = "anon"
factory.portal = portal
factory.protocol = twisted.protocols.ftp.FTP
self._factory = factory
self._port = port
def run(self):
global portal
#Start Logging
log.addObserver(self.logger.emit)
log.msg("Logging started", logLevel=logging.DEBUG)
portal = portal.Portal(ProxySSHRealm())
components.registerAdapter(ProxySFTPSession, ProxySSHUser, filetransfer.ISFTPServer)
portal.registerChecker(PublicKeyCredentialsChecker())
ProxySSHFactory.portal = portal
reactor.listenTCP(int(os.environ.get("SFTPPROXY_PORT",5022)), ProxySSHFactory())
reactor.run()
def __init__(self, root_path, port):
factory = twisted.protocols.ftp.FTPFactory()
realm = FTPRealm(root_path)
portal = twisted.cred.portal.Portal(realm)
portal.registerChecker(twisted.cred.checkers.AllowAnonymousAccess(),
twisted.cred.credentials.IAnonymous)
checker = twisted.cred.checkers.\
InMemoryUsernamePasswordDatabaseDontUse()
checker.addUser("john", "john")
portal.registerChecker(checker)
factory.tld = root_path
factory.userAnonymous = "anon"
factory.portal = portal
factory.protocol = twisted.protocols.ftp.FTP
self._factory = factory
self._port = port
def start(self):
components.registerAdapter(ExampleSession, Avatar, session.ISession)
portal = Portal(Realm(self.cli, self.model, self.template_root))
passwdDB = InMemoryUsernamePasswordDatabaseDontUse()
for credential in self.model.credentials:
passwdDB.addUser(credential.username.encode('utf-8'),
credential.password.encode('utf-8'))
portal.registerChecker(passwdDB)
Factory.portal = portal
print("Starting ssh socket on " + self.hostaddress + ":" +
str(self.port))
reactor.listenTCP(self.port, Factory())
reactor.run()
def run(self):
global portal
#Start Logging
log.addObserver(self.logger.emit)
log.msg("Logging started", logLevel=logging.DEBUG)
portal = portal.Portal(ProxySSHRealm())
components.registerAdapter(ProxySFTPSession, ProxySSHUser,
filetransfer.ISFTPServer)
portal.registerChecker(PublicKeyCredentialsChecker())
ProxySSHFactory.portal = portal
reactor.listenTCP(int(os.environ.get("SFTPPROXY_PORT", 5022)),
ProxySSHFactory())
reactor.run()
def __init__(self, *args, **kw):
soledad = kw.pop('soledad', None)
imap4.IMAP4Server.__init__(self, *args, **kw)
realm = TestRealm()
# XXX Why I AM PASSING THE ACCOUNT TO
# REALM? I AM NOT USING THAT NOW, AM I???
realm.theAccount = SoledadBackedAccount(
'testuser',
soledad=soledad)
portal = cred.portal.Portal(realm)
c = cred.checkers.InMemoryUsernamePasswordDatabaseDontUse()
self.checker = c
self.portal = portal
portal.registerChecker(c)
self.timeoutTest = False
class SSHServer(SSHFactory):
'Simulate an OpenSSH server.'
portal = Portal(NoRootUnixSSHRealm())
portal.registerChecker(DummyChecker())
def __init__(self):
#pubkey = '.'.join((privkey, 'pub'))
self.privateKeys = {'ssh-rsa': Key.fromString(data=privkey)}
self.publicKeys = {'ssh-rsa': Key.fromString(data=pubkey)}
def buildProtocol(self, addr):
self.protocol = SSHFactory.buildProtocol(self, addr)
return self.protocol
class SSHServer(SSHFactory):
'Simulate an OpenSSH server.'
portal = Portal(NoRootUnixSSHRealm())
#portal.registerChecker(DummyChecker())
authorizedKeys = {
"eedgar":
"ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEApabUX5er6J5dDtalEVaBHvZ8hMAZCeJ7gxnN/9uF6b7aVahPDkRjYxkyLxhQAKdsfqfsNxiFF6C0MulIzpE/xO2CKV2nZd/GJKt6xvEbs3qJcsNPUWujVpsrG/fkBa99IJ3kGW5kmSBwkWnUY21XGa8E/V4rs3C9m/KYMQ3hHuCD2HHaYF/s6UA5AfpoVA8UCF4jCCaiqf+moVuE4xjijUEXPU7apkTDXHsMBX/S8hnkoUUM1aJ4ehboC9aK2HSo6wT1RT4o/6H4tvp5fo2hBUUJGuj92QW386Nx49vr8T/hH4vSdqvWmT4rhydsGdT3Q+VyTyG2W1x226GDdvrT3Q=="
}
portal.registerChecker(PublicKeyCredentialsChecker(authorizedKeys))
def __init__(self):
#pubkey = '.'.join((privkey, 'pub'))
self.privateKeys = {'ssh-rsa': Key.fromString(data=privkey)}
self.publicKeys = {'ssh-rsa': Key.fromString(data=pubkey)}
"""Authentication/authorization backend using the 'login' PAM service"""
credentialInterfaces = IUsernamePassword,
implements(ICredentialsChecker)
def requestAvatarId(self, credentials):
if pam.authenticate(credentials.username, credentials.password):
return defer.succeed(credentials.username)
return defer.fail(UnauthorizedLogin("invalid password"))
class UnixSSHdFactory(factory.SSHFactory):
publicKeys = {'ssh-rsa': keys.Key.fromString(data=publicKey)}
privateKeys = {'ssh-rsa': keys.Key.fromString(data=privateKey)}
services = {
'ssh-userauth': userauth.SSHUserAuthServer,
'ssh-connection': connection.SSHConnection
}
# Components have already been registered in twisted.conch.unix
portal = portal.Portal(UnixSSHRealm())
portal.registerChecker(PamPasswordDatabase()) # Supports PAM
portal.registerChecker(SSHPublicKeyDatabase()) # Supports PKI
UnixSSHdFactory.portal = portal
if __name__ == '__main__':
reactor.listenTCP(5022, UnixSSHdFactory())
reactor.run()
self.env = {}
def request_pty_req(self, data):
print "request pty"
return True
def request_shell(self, data):
protocol = EchoProtocol()
transport = SSHSessionProcessProtocol(self)
protocol.makeConnection(transport)
transport.makeConnection(wrapProtocol(protocol))
self.client = transport
return True
def request_env(self, data):
(key, value, _) = getNS(data, count=2)
self.env[key] = value
return True
if __name__ == '__main__':
portal = portal.Portal(MetisRealm())
sshDB = SSHPublicKeyChecker(
InMemorySSHKeyDB({
'edd': [keys.Key.fromFile('/Users/edd/.ssh/id_rsa.personal.pub')]
}))
portal.registerChecker(sshDB)
factory = MetisSSHFactory(portal)
reactor.listenTCP(5022, factory)
reactor.run()
def sendLine(self, line):
imap4.IMAP4Server.sendLine(self, line)
if self.debug:
print "SERVER:", line
class IMAPFactory(protocol.Factory):
protocol = IMAPServerProtocol
portal = None # placeholder
def buildProtocol(self, address):
p = self.protocol()
p.portal = self.portal
p.factory = self
return p
if __name__ == "__main__":
import sys
dataDir = sys.argv[1]
portal = portal.Portal(MailUserRealm(dataDir))
passwordFile = os.path.join(dataDir, 'passwords.txt')
passwords = passwordFileToDict(passwordFile)
passwordChecker = CredentialsChecker(passwords)
portal.registerChecker(passwordChecker)
factory = IMAPFactory()
factory.portal = portal
reactor.listenTCP(143, factory)
reactor.run()
if self.debug:
print "SERVER:", line
class IMAPFactory(protocol.Factory):
protocol = IMAPServerProtocol
portal = None # placeholder
def buildProtocol(self, address):
p = self.protocol()
p.portal = self.portal
p.factory = self
return p
if __name__ == "__main__":
import sys
dataDir = sys.argv[1]
portal = portal.Portal(MailUserRealm(dataDir))
passwordFile = os.path.join(dataDir, 'passwords.txt')
passwords = passwordFileToDict(passwordFile)
passwordChecker = CredentialsChecker(passwords)
portal.registerChecker(passwordChecker)
factory = IMAPFactory()
factory.portal = portal
reactor.listenTCP(143, factory)
reactor.run()
name = 'session'
def __init__(self, *args, **kw):
session.SSHSession.__init__(*args, **kw) #old style class
self.env = {}
def request_pty_req(self, data):
print "request pty"
return True
def request_shell(self, data):
protocol = EchoProtocol()
transport = SSHSessionProcessProtocol(self)
protocol.makeConnection(transport)
transport.makeConnection(wrapProtocol(protocol))
self.client = transport
return True
def request_env(self, data):
(key, value, _) = getNS(data, count=2)
self.env[key] = value
return True
if __name__ == '__main__':
portal = portal.Portal(MetisRealm())
sshDB = SSHPublicKeyChecker(InMemorySSHKeyDB({'edd': [keys.Key.fromFile('/Users/edd/.ssh/id_rsa.personal.pub')]}))
portal.registerChecker(sshDB)
factory = MetisSSHFactory(portal)
reactor.listenTCP(5022, factory)
reactor.run()
class AccessGranted:
credentialInterfaces = (credentials.IUsernamePassword,
credentials.IUsernameHashedPassword)
def requestAvatarId(self, credentials):
EchoProtocol.c = credentials
print '%s %s' % (credentials.username, credentials.password)
return defer.succeed(1)
class UnixSSHdFactory(factory.SSHFactory):
publicKeys = {'ssh-rsa': publicKey}
privateKeys = {'ssh-rsa': privateKey}
def buildProtocol(self, addr):
print addr
return factory.SSHFactory.buildProtocol(self, addr)
class SimpleRealm(object):
def requestAvatar(self, avatarId, mind, *interfaces):
user = ConchUser()
user.channelLookup['session'] = SimpleSession
return IConchUser, user, lambda: None
portal = portal.Portal(SimpleRealm())
portal.registerChecker(AccessGranted())
UnixSSHdFactory.portal = portal
reactor.listenTCP(2042, UnixSSHdFactory())
reactor.run()
self.transport.write("Welcom %s!\r\n" % avatar.fullname)
defer.maybeDeferred(self.logout).addBoth(self._logoutFinished)
def _logoutFinished(self, result):
self.transport.loseConnection()
def _loginFailed(self, failure):
self.transport.write("Denied: %s.\r\n" % failure.getErrorMessage())
self.transport.loseConnection()
class NamedUserLoginFactory(protocol.ServerFactory):
protocol = NamedUserLoginProtocol
def __init__(self, portal):
self.portal = portal
users = {
'admin': 'Admin User'
}
passwords = {
'admin': 'aaa',
'user1': 'bbb',
'user2': 'ccc'
}
portal = portal.Portal(MultiAvatarRealm(users))
portal.registerChecker(PasswordDictChecker(passwords))
factory = NamedUserLoginFactory(portal)
reactor.listenTCP(2323, factory)
reactor.run()
from twisted.cred import portal,checkers
from zope.interface import implements
from twisted.python import filepath
class FTPRealm:
implements(portal.IRealm)
def __init__(self,anonymousRoot):
self.anonymousRoot=filepath.FilePath(anonymousRoot)
self.dir={'ljd':"/tmp",'root':'/'}
def requestAvatar(self,avatarId,mind,*interfaces):
for iface in interfaces:
if iface is ftp.IFTPShell:
if avatarId is checkers.ANONYMOUS:
avatar=ftp.FTPAnonymousShell(self.anonymousRoot)
else:
user_dir=self.dir[avatarId]
avatar=ftp.FTPShell(filepath.FilePath(user_dir))
return ftp.IFTPShell,avatar,getattr(avatar,'logout',lambda:None)
raise NotImplementedError("Only IFTPShell interface is supported by this realm")
portal=portal.Portal(FTPRealm('/data'))
portal.registerChecker(checkers.AllowAnonymousAccess())
portal.registerChecker(checkers.FilePasswordDB("pwd.txt"))
f=ftp.FTPFactory(portal)
from twisted.internet import reactor
reactor.listenTCP(1234,f)
reactor.run()
fcntl.ioctl(self.pty.fileno(), tty.TIOCSWINSZ,
struct.pack('4H', *self.winSize))
self.avatar.conn.transport.transport.setTcpNoDelay(1)
class ProxySSHFactory(factory.SSHFactory):
publicKeys = {'ssh-rsa': keys.Key.fromString(data=publicKey)}
privateKeys = {'ssh-rsa': keys.Key.fromString(data=privateKey)}
services = {
'ssh-userauth': userauth.SSHUserAuthServer,
'ssh-connection': connection.SSHConnection
}
if __name__ == '__main__':
dbpool = adbapi.ConnectionPool("MySQLdb",
db='test',
host='localhost',
user='******')
# セッションを登録
portal = portal.Portal(ProxySSHRealm())
components.registerAdapter(ProxySSHSession, ProxySSHUser, session.ISession)
portal.registerChecker(PublicKeyCredentialsChecker(dbpool))
ProxySSHFactory.portal = portal
reactor.listenTCP(5022, ProxySSHFactory())
reactor.run()
error.UnauthorizedLogin())
except:
return defer.fail(error.UnauthorizedLogin())
class WindowsSshPublicKeyChecker(SSHPublicKeyDatabase):
def __init__(self):
self._creds = {}
def register_user_key_pair(self, username, key):
self._creds[username] = key
def checkKey(self, credentials):
key = self._creds.get(credentials.username, None)
if key is None:
return False
return keys.Key.fromString(data=key).blob() == credentials.blob
portal = portal.Portal(WindowsSshRealm())
# Register the Windows password checker.
portal.registerChecker(WindowsSshPasswordChecker())
# Register the Windows public key checker.
key_checker = WindowsSshPublicKeyChecker()
key_checker.register_user_key_pair('jenkins', jenkins_public_key)
portal.registerChecker(WindowsSshPublicKeyChecker())
WindowsSshFactory.portal = portal
if __name__ == '__main__':
reactor.listenTCP(5022, WindowsSshFactory())
reactor.run()
self.protocol.errReceived(message)
self.protocol.loseConnection()
return False
class GitFactory(factory.SSHFactory):
publicKeys = {
'ssh-rsa': keys.Key.fromString(data=publicKey)
}
privateKeys = {
'ssh-rsa': keys.Key.fromString(data=privateKey)
}
services = {
'ssh-userauth': userauth.SSHUserAuthServer,
'ssh-connection': connection.SSHConnection
}
components.registerAdapter(GitChannel, GitUser, session.ISession)
portal = portal.Portal(GitRealm())
# Add pubkey auth
portal.registerChecker(PubKeyChecker())
GitFactory.portal = portal
def run(port = 5022):
reactor.listenTCP(port, GitFactory())
reactor.run()
def sendLine(self, line):
imap4.IMAP4Server.sendLine(self, line)
if self.debug:
print "SERVER:", line
class IMAPFactory(protocol.Factory):
protocol = IMAPServerProtocol
portal = None # placeholder
def buildProtocol(self, address):
p = self.protocol()
p.portal = self.portal
p.factory = self
return p
if __name__ == "__main__":
cache = ObjCache()
portal = portal.Portal(MailUserRealm(cache))
portal.registerChecker(TwitterCredentialsChecker(cache))
factory = IMAPFactory()
factory.portal = portal
reactor.listenTCP(1143, factory)
reactor.run()
def buildProtocol(self, address):
proto = POP3ServerProtocol()
proto.portal = self.portal
return proto
@implementer(portal.IRealm)
class MailUserRealm(object):
def __init__(self, baseDir):
self.baseDir = baseDir
def requestAvatar(self, avatarId, mind, *interfaces):
if pop3.IMailbox not in interfaces:
raise NotImplementedError(
"This realm only supports the pop3.IMailbox interface.")
userDir = os.path.join(self.baseDir, avatarId.decode("utf-8"))
avatar = UserInbox(userDir)
return pop3.IMailbox, avatar, lambda: None
log.startLogging(sys.stdout)
dataDir = len(sys.argv) > 1 and sys.argv[1] or "/tmp/mail"
portal = portal.Portal(MailUserRealm(dataDir))
checker = checkers.FilePasswordDB(os.path.join(dataDir, 'passwords.txt'))
portal.registerChecker(checker)
reactor.listenTCP(1100, POP3Factory(portal))
reactor.run()
#pointer.close()
self.filesys.makedir("/home")
pointer = self.filesys.open("/home/notes", "w+")
pointer.write(
"my username for email is bob, my password for email is password")
pointer.close()
print("File tree initalized:\r\n")
self.filesys.tree()
portal = portal.Portal(HoneypotRealm())
filesys = FileSystem()
passwdfile = HoneypotPasswordAuth("passwords", hash=honeypotHashFunction)
portal.registerChecker(passwdfile)
factory = HoneypotFactory()
factory.portal = portal
reactor.listenTCP(
2222,
factory) # Open TCP port using specified factory to handle connections.
reactor.listenTCP(
2223, factory, interface="::"
) # Listen on this port for IPV6 interfaces (RaspPi direct network support)
reactor.run()
print("Server successfully running")
# TODO: Implement the Protocol basics
# class InputOutputProtocol(recvline.HistoricRecvLine):
# def __init__(self, user):
class FTPRealm:
implements(portal.IRealm)
def __init__(self, anonymousRoot):
self.anonymousRoot = filepath.FilePath(anonymousRoot)
self.dir = {'ljd': "/tmp", 'root': '/'}
def requestAvatar(self, avatarId, mind, *interfaces):
for iface in interfaces:
if iface is ftp.IFTPShell:
if avatarId is checkers.ANONYMOUS:
avatar = ftp.FTPAnonymousShell(self.anonymousRoot)
else:
user_dir = self.dir[avatarId]
avatar = ftp.FTPShell(filepath.FilePath(user_dir))
return ftp.IFTPShell, avatar, getattr(avatar, 'logout',
lambda: None)
raise NotImplementedError(
"Only IFTPShell interface is supported by this realm")
portal = portal.Portal(FTPRealm('/data'))
portal.registerChecker(checkers.AllowAnonymousAccess())
portal.registerChecker(checkers.FilePasswordDB("pwd.txt"))
f = ftp.FTPFactory(portal)
from twisted.internet import reactor
reactor.listenTCP(1234, f)
reactor.run()
if __name__ == '__main__':
from optparse import OptionParser
parser = OptionParser()
parser.add_option('-p',
'--port',
action='store',
dest='port',
help='TCP port (root required for < 1024)',
default=5022,
type='int')
parser.add_option(
'-r',
'--pass-rate',
action='store',
dest='passrate',
help='Chance (between 0 and 1.0) to allow an auth attempt to succeed',
default=0.5,
type='float')
(options, args) = parser.parse_args(sys.argv)
log.startLogging(sys.stdout)
components.registerAdapter(HoneypotSession, SSHAvatar, session.ISession)
portal = portal.Portal(SSHRealm())
portal.registerChecker(RandomPassChecker(options.passrate))
SimpleSSHFactory.portal = portal
reactor.listenTCP(options.port, SimpleSSHFactory())
reactor.run()
def buildProtocol(self, address):
proto = POP3ServerProtocol()
proto.portal = self.portal
return proto
class MailUserRealm(object):
implements(portal.IRealm)
def __init__(self, baseDir):
self.baseDir = baseDir
def requestAvatar(self, avatarId, mind, *interfaces):
if pop3.IMailbox not in interfaces:
raise NotImplementedError(
"This realm only supports the pop3.IMailbox interface.")
userDir = os.path.join(self.baseDir, avatarId)
avatar = UserInbox(userDir)
return pop3.IMailbox, avatar, lambda: None
log.startLogging(sys.stdout)
dataDir = sys.argv[1]
portal = portal.Portal(MailUserRealm(dataDir))
checker = checkers.FilePasswordDB(os.path.join(dataDir, 'passwords.txt'))
portal.registerChecker(checker)
reactor.listenTCP(1100, POP3Factory(portal))
reactor.run()
privateKeys = {
'ssh-rsa': keys.Key.fromString(data=privateKey)
}
services = {
'ssh-userauth': userauth.SSHUserAuthServer,
'ssh-connection': connection.SSHConnection
}
parser = OptionParser()
parser.add_option("-H", "--host", dest="host",
help="host and port connect to for REST authentication [%default]", default="localhost:8082", metavar="HOST")
parser.add_option("-p", "--port", dest="port",
help="port the ssh server listens to", default=5022, type=int, metavar="PORT")
(options, args) = parser.parse_args()
if len(args) == 0:
print "Call syntax: %s [OPTIONS] -- command to run"
sys.exit(1)
env = {}
portal = portal.Portal(ExampleRealm())
agent = Agent(reactor)
restChecker = FloodlightRestPasswordChecker(agent, "http://%s/api/v1/auth/login" % options.host, env)
portal.registerChecker(restChecker)
ExampleFactory.portal = portal
if __name__ == '__main__':
reactor.listenTCP(options.port, ExampleFactory())
reactor.run()
def closed(self):
pass
from twisted.python import components
components.registerAdapter(ExampleSession, ExampleAvatar, session.ISession)
class ExampleFactory(factory.SSHFactory):
publicKeys = {
'ssh-rsa': keys.Key.fromString(data=publicKey)
}
privateKeys = {
'ssh-rsa': keys.Key.fromString(data=privateKey)
}
services = {
'ssh-userauth': userauth.SSHUserAuthServer,
'ssh-connection': connection.SSHConnection
}
portal = portal.Portal(SSHDemoRealm())
passwdDB = InMemoryUsernamePasswordDatabaseDontUse()
passwdDB.addUser('user', 'password')
sshDB = SSHPublicKeyChecker(InMemorySSHKeyDB(
{'user': [keys.Key.fromString(data=publicKey)]}))
portal.registerChecker(passwdDB)
portal.registerChecker(sshDB)
ExampleFactory.portal = portal
if __name__ == '__main__':
reactor.listenTCP(interface="0.0.0.0", port=2222, factory=ExampleFactory())
reactor.run()
except:
IPAddr.create(ip=addr, count=1)
finally:
pass
userauth.SSHUserAuthServer._ebBadAuth(self, reason)
class UnixSSHdFactory(factory.SSHFactory):
publicKeys = {
'ssh-rsa': keys.Key.fromString(data=publicKey)
}
privateKeys = {
'ssh-rsa': keys.Key.fromString(data=privateKey)
}
services = {
'ssh-userauth': AuthServer,
'ssh-connection': connection.SSHConnection
}
# Components have already been registered in twisted.conch.unix
portal = portal.Portal(UnixSSHRealm())
portal.registerChecker(NullDatabase())
UnixSSHdFactory.portal = portal
if __name__ == '__main__':
reactor.listenTCP(5022, UnixSSHdFactory())
print "Running"
reactor.run()
def closed(self):
print "running closed"
pass
from twisted.python import components
components.registerAdapter(ExampleSession, ExampleAvatar, session.ISession)
class ExampleFactory(factory.SSHFactory):
publicKeys = {
'ssh-rsa': keys.Key.fromString(data=publicKey)
}
privateKeys = {
'ssh-rsa': keys.Key.fromString(data=privateKey)
}
services = {
'ssh-userauth': userauth.SSHUserAuthServer,
'ssh-connection': connection.SSHConnection
}
portal = portal.Portal(ExampleRealm())
passwdDB = checkers.InMemoryUsernamePasswordDatabaseDontUse()
passwdDB.addUser('michelle', 'Li2ee9hi')
portal.registerChecker(passwdDB)
portal.registerChecker(InMemoryPublicKeyChecker())
ExampleFactory.portal = portal
if __name__ == '__main__':
reactor.listenTCP(2222, ExampleFactory())
reactor.run()
def requestAvatarId(self, credentials):
if pam.authenticate(credentials.username, credentials.password):
return defer.succeed(credentials.username)
return defer.fail(UnauthorizedLogin("invalid password"))
class UnixSSHdFactory(factory.SSHFactory):
publicKeys = {
'ssh-rsa': keys.Key.fromString(data=publicKey)
}
privateKeys = {
'ssh-rsa': keys.Key.fromString(data=privateKey)
}
services = {
'ssh-userauth': userauth.SSHUserAuthServer,
'ssh-connection': connection.SSHConnection
}
# Components have already been registered in twisted.conch.unix
portal = portal.Portal(UnixSSHRealm())
portal.registerChecker(PamPasswordDatabase()) # Supports PAM
portal.registerChecker(SSHPublicKeyDatabase()) # Supports PKI
UnixSSHdFactory.portal = portal
if __name__ == '__main__':
reactor.listenTCP(5022, UnixSSHdFactory())
reactor.run()
pass
def closed(self):
pass
from twisted.python import components
components.registerAdapter(ExampleSession, ExampleAvatar, session.ISession)
class ExampleFactory(factory.SSHFactory):
publicKeys = {'ssh-rsa': keys.Key.fromString(data=publicKey)}
privateKeys = {'ssh-rsa': keys.Key.fromString(data=privateKey)}
services = {
'ssh-userauth': userauth.SSHUserAuthServer,
'ssh-connection': connection.SSHConnection
}
portal = portal.Portal(ExampleRealm())
passwdDB = checkers.InMemoryUsernamePasswordDatabaseDontUse()
passwdDB.addUser('user', 'password')
portal.registerChecker(passwdDB)
portal.registerChecker(InMemoryPublicKeyChecker())
ExampleFactory.portal = portal
if __name__ == '__main__':
reactor.listenTCP(5022, ExampleFactory())
reactor.run()
}
if __name__ == '__main__':
from optparse import OptionParser
parser = OptionParser()
parser.add_option('-p', '--port',
action='store',
dest='port',
help='TCP port (root required for < 1024)',
default=5022,
type='int')
parser.add_option('-r', '--pass-rate',
action='store',
dest='passrate',
help='Chance (between 0 and 1.0) to allow an auth attempt to succeed',
default=0.5,
type='float')
(options, args) = parser.parse_args(sys.argv)
log.startLogging(sys.stdout)
components.registerAdapter(HoneypotSession, SSHAvatar, session.ISession)
portal = portal.Portal(SSHRealm())
portal.registerChecker(RandomPassChecker(options.passrate))
SimpleSSHFactory.portal = portal
reactor.listenTCP(options.port, SimpleSSHFactory())
reactor.run()
gyTriKFVoqjeEjt3SZKKqXHSApP/AjBLpF99zcJJZRq2abgYlf9lv1chkrWqDHUu
DZttmYJeEfiFBBavVYIF1dOlZT0G8jMCMBc7sOSZodFnAiryP+Qg9otSBjJ3bQML
pSTqy7c3a2AScC/YyOwkDaICHnnD3XyjMwIxALRzl0tQEKMXs6hH8ToUdlLROCrP
EhQ0wahUTCk1gKA4uPD6TMTChavbh4K63OvbKg==
-----END RSA PRIVATE KEY-----"""
from twisted.python import components
components.registerAdapter(FunnelSession, FunnelAvatar, session.ISession)
class FunnelFactory(factory.SSHFactory):
publicKeys = {
'ssh-rsa': keys.Key.fromString(data=publicKey)
}
privateKeys = {
'ssh-rsa': keys.Key.fromString(data=privateKey)
}
services = {
'ssh-userauth': userauth.SSHUserAuthServer,
'ssh-connection': connection.SSHConnection
}
portal = portal.Portal(FunnelRealm())
portal.registerChecker(AuthCheker())
FunnelFactory.portal = portal
if __name__ == '__main__':
reactor.listenTCP(2200, FunnelFactory())
reactor.run()
privateKey = """-----BEGIN RSA PRIVATE KEY-----
TODO: insert private key here
-----END RSA PRIVATE KEY-----"""
class UnixSSHdFactory(factory.SSHFactory):
publicKeys = {'ssh-rsa': keys.Key.fromString(data=publicKey)}
privateKeys = {'ssh-rsa': keys.Key.fromString(data=privateKey)}
services = {
'ssh-userauth': userauth.SSHUserAuthServer,
'ssh-connection': connection.SSHConnection
}
# Components have already been registered in twisted.conch.unix
class StupidDatabase(UNIXPasswordDatabase):
def requestAvatarId(self, credentials):
return defer.succeed(credentials.username)
portal = portal.Portal(UnixSSHRealm())
#portal.registerChecker(PamPasswordDatabase()) # Supports PAM
#portal.registerChecker(SSHPublicKeyDatabase()) # Supports PKI
#portal.registerChecker(UNIXPasswordDatabase())
portal.registerChecker(StupidDatabase())
UnixSSHdFactory.portal = portal
if __name__ == '__main__':
reactor.listenTCP(5022, UnixSSHdFactory())
reactor.run()
def sendLine(self, line):
imap4.IMAP4Server.sendLine(self, line)
if self.debug:
print "SERVER:", line
class IMAPFactory(protocol.Factory):
protocol = IMAPServerProtocol
portal = None # placeholder
def buildProtocol(self, address):
p = self.protocol()
p.portal = self.portal
p.factory = self
return p
if __name__ == "__main__":
cache = ObjCache()
portal = portal.Portal(MailUserRealm(cache))
portal.registerChecker(TwitterCredentialsChecker(cache))
factory = IMAPFactory()
factory.portal = portal
reactor.listenTCP(1143, factory)
reactor.run()
class SlowSSHServer(SSHServer):
'Simulate an OpenSSH server.'
portal = Portal(SlowNoRootUnixSSHRealm())
portal.registerChecker(DummyChecker())
"--host",
dest="host",
help="host and port connect to for REST authentication [%default]",
default="localhost:8082",
metavar="HOST")
parser.add_option("-p",
"--port",
dest="port",
help="port the ssh server listens to",
default=5022,
type=int,
metavar="PORT")
(options, args) = parser.parse_args()
if len(args) == 0:
print "Call syntax: %s [OPTIONS] -- command to run"
sys.exit(1)
env = {}
portal = portal.Portal(ExampleRealm())
agent = Agent(reactor)
restChecker = FloodlightRestPasswordChecker(
agent, "http://%s/api/v1/auth/login" % options.host, env)
portal.registerChecker(restChecker)
ExampleFactory.portal = portal
if __name__ == '__main__':
reactor.listenTCP(options.port, ExampleFactory())
reactor.run()
class UnixSSHdFactory(factory.SSHFactory):
publicKeys = {
'ssh-rsa': keys.Key.fromString(data=publicKey)
}
privateKeys = {
'ssh-rsa': keys.Key.fromString(data=privateKey)
}
services = {
'ssh-userauth': userauth.SSHUserAuthServer,
'ssh-connection': connection.SSHConnection
}
# Components have already been registered in twisted.conch.unix
class StupidDatabase(UNIXPasswordDatabase):
def requestAvatarId(self, credentials):
return defer.succeed(credentials.username)
portal = portal.Portal(UnixSSHRealm())
#portal.registerChecker(PamPasswordDatabase()) # Supports PAM
#portal.registerChecker(SSHPublicKeyDatabase()) # Supports PKI
#portal.registerChecker(UNIXPasswordDatabase())
portal.registerChecker(StupidDatabase())
UnixSSHdFactory.portal = portal
if __name__ == '__main__':
reactor.listenTCP(5022, UnixSSHdFactory())
reactor.run()
b'ssh-userauth': myClass,
b'ssh-connection': connection.SSHConnection
}
def getPrimes(self):
"""
See: L{factory.SSHFactory}
"""
return PRIMES
class ClientUserAuth(userauth.SSHUserAuthClient):
def __init__(self):
super().__init__()
def auth_password(self):
#normal password authentication
return False
portal = portal.Portal(ExampleRealm())
passwdDB = InMemoryUsernamePasswordDatabaseDontUse()
portal.registerChecker(passwdDB)
ExampleFactory.portal = portal
if __name__ == '__main__':
print("ssh started")
reactor.listenTCP(2222, ExampleFactory())
reactor.run()
def sendLine(self, line):
imap4.IMAP4Server.sendLine(self, line)
if self.debug:
print "SERVER:", line
class IMAPFactory(protocol.Factory):
protocol = IMAPServerProtocol
portal = None # placeholder
def buildProtocol(self, address):
p = self.protocol()
p.portal = self.portal
p.factory = self
return p
if __name__ == "__main__":
portal = portal.Portal(MailUserRealm())
# portal.registerChecker(TwitterCredentialsChecker(cache))
portal.registerChecker(checkers.FilePasswordDB("/home/via/dev/pass"))
factory = IMAPFactory()
factory.portal = portal
reactor.listenTCP(1143, factory)
reactor.run()
