def start(): from checker import PublicKeyCredentialsChecker from factory import ForwardFactory from realm import ForwardRealm from session import ForwardSession from twisted.conch.ssh import session from twisted.cred import portal from twisted.internet import reactor from twisted.python import components, log from twisted.web import server import sys from user import ForwardUser from conf import config import web log.startLogging(sys.stderr) components.registerAdapter(ForwardSession, ForwardUser, session.ISession) portal = portal.Portal(ForwardRealm()) portal.registerChecker(PublicKeyCredentialsChecker()) ForwardFactory.portal = portal print "running server on %s:%s" % (config['SSH_INTERFACE'],config['SSH_PORT']) reactor.listenTCP( port=config['SSH_PORT'], interface=config['SSH_INTERFACE'], factory=ForwardFactory() ) reactor.listenTCP(port=config['WEB_PORT'], interface=config['WEB_INTERFACE'], factory=server.Site(web.MainSite())) reactor.run()
def setup_secure_access(self): try: from twisted.cred import portal portal = portal.Portal(NetconfRealm(self, self.grpc_client)) # setup userid-password access password_file = '{}/{}/{}'.format(dir_path, C.CLIENT_CRED_DIRECTORY, self.client_passwords_file) portal.registerChecker(FilePasswordDB(password_file)) # setup access when client uses keys keys_file = '{}/{}/{}'.format(dir_path, C.CLIENT_CRED_DIRECTORY, self.client_public_keys_file) with open(keys_file) as f: users = [line.rstrip('\n') for line in f] users_dict = {} for user in users: users_dict[user.split(':')[0]] = [ keys.Key.fromFile('{}/{}/{}'.format( dir_path, C.CLIENT_CRED_DIRECTORY, user.split(':')[1])) ] sshDB = SSHPublicKeyChecker(InMemorySSHKeyDB(users_dict)) portal.registerChecker(sshDB) return portal except Exception as e: log.error('setup-secure-access-fail', exception=repr(e))
def start(): from checker import PublicKeyCredentialsChecker from factory import ForwardFactory from realm import ForwardRealm from session import ForwardSession from twisted.conch.ssh import session from twisted.cred import portal from twisted.internet import reactor from twisted.python import components, log from twisted.web import server import sys from user import ForwardUser from conf import config import web log.startLogging(sys.stderr) components.registerAdapter(ForwardSession, ForwardUser, session.ISession) portal = portal.Portal(ForwardRealm()) portal.registerChecker(PublicKeyCredentialsChecker()) ForwardFactory.portal = portal print "running server on %s:%s" % (config['SSH_INTERFACE'], config['SSH_PORT']) reactor.listenTCP(port=config['SSH_PORT'], interface=config['SSH_INTERFACE'], factory=ForwardFactory()) reactor.listenTCP(port=config['WEB_PORT'], interface=config['WEB_INTERFACE'], factory=server.Site(web.MainSite())) reactor.run()
def setup_secure_access(self): try: from twisted.cred import portal portal = portal.Portal(NetconfRealm(self, self.grpc_client)) # setup userid-password access password_file = '{}/{}/{}'.format(dir_path, C.CLIENT_CRED_DIRECTORY, self.client_passwords_file) portal.registerChecker(FilePasswordDB(password_file)) # setup access when client uses keys keys_file = '{}/{}/{}'.format(dir_path, C.CLIENT_CRED_DIRECTORY, self.client_public_keys_file) with open(keys_file) as f: users = [line.rstrip('\n') for line in f] users_dict = {} for user in users: users_dict[user.split(':')[0]] = [ keys.Key.fromFile('{}/{}/{}'.format(dir_path, C.CLIENT_CRED_DIRECTORY, user.split(':')[1]))] sshDB = SSHPublicKeyChecker(InMemorySSHKeyDB(users_dict)) portal.registerChecker(sshDB) return portal except Exception as e: log.error('setup-secure-access-fail', exception=repr(e))
def __init__(self, accounts, port, SSL_context=None): portal = portal.Portal() portal.registerChecker(SecretChecker(accounts)) factory = AccountServerFactory(portal) if SSL_context: self.reactorSSL(port, factory, context=SSL_context) else: reactor.listenTCP(port, factory)
def bootstrap(username): from twisted.cred import portal portal = portal.Portal(UnixSSHRealm()) passwdDB = checkers.InMemoryUsernamePasswordDatabaseDontUse() passwdDB.addUser(username, 'password') portal.registerChecker(passwdDB) portal.registerChecker(InMemoryPublicKeyChecker()) ExampleFactory.portal = portal
def __init__(self, *args, **kw): imap4.IMAP4Server.__init__(self, *args, **kw) realm = TestRealm() realm.theAccount = Account('testuser') portal = cred.portal.Portal(realm) c = cred.checkers.InMemoryUsernamePasswordDatabaseDontUse() self.checker = c self.portal = portal portal.registerChecker(c) self.testcase = None # set by the factory.
def __init__(self, *args, **kw): imap4.IMAP4Server.__init__(self, *args, **kw) realm = TestRealm() realm.theAccount = SoledadBackedAccount('testuser') # XXX soledadInstance here? portal = cred.portal.Portal(realm) c = cred.checkers.InMemoryUsernamePasswordDatabaseDontUse() self.checker = c self.portal = portal portal.registerChecker(c) self.timeoutTest = False
def __init__(self, root_path, port): factory = twisted.protocols.ftp.FTPFactory() realm = FTPRealm(root_path) portal = twisted.cred.portal.Portal(realm) portal.registerChecker(twisted.cred.checkers.AllowAnonymousAccess(), twisted.cred.credentials.IAnonymous) checker = twisted.cred.checkers.\ InMemoryUsernamePasswordDatabaseDontUse() checker.addUser("john", "john") portal.registerChecker(checker) factory.tld = root_path factory.userAnonymous = "anon" factory.portal = portal factory.protocol = twisted.protocols.ftp.FTP self._factory = factory self._port = port
def run(self): global portal #Start Logging log.addObserver(self.logger.emit) log.msg("Logging started", logLevel=logging.DEBUG) portal = portal.Portal(ProxySSHRealm()) components.registerAdapter(ProxySFTPSession, ProxySSHUser, filetransfer.ISFTPServer) portal.registerChecker(PublicKeyCredentialsChecker()) ProxySSHFactory.portal = portal reactor.listenTCP(int(os.environ.get("SFTPPROXY_PORT",5022)), ProxySSHFactory()) reactor.run()
def start(self): components.registerAdapter(ExampleSession, Avatar, session.ISession) portal = Portal(Realm(self.cli, self.model, self.template_root)) passwdDB = InMemoryUsernamePasswordDatabaseDontUse() for credential in self.model.credentials: passwdDB.addUser(credential.username.encode('utf-8'), credential.password.encode('utf-8')) portal.registerChecker(passwdDB) Factory.portal = portal print("Starting ssh socket on " + self.hostaddress + ":" + str(self.port)) reactor.listenTCP(self.port, Factory()) reactor.run()
def run(self): global portal #Start Logging log.addObserver(self.logger.emit) log.msg("Logging started", logLevel=logging.DEBUG) portal = portal.Portal(ProxySSHRealm()) components.registerAdapter(ProxySFTPSession, ProxySSHUser, filetransfer.ISFTPServer) portal.registerChecker(PublicKeyCredentialsChecker()) ProxySSHFactory.portal = portal reactor.listenTCP(int(os.environ.get("SFTPPROXY_PORT", 5022)), ProxySSHFactory()) reactor.run()
def __init__(self, *args, **kw): soledad = kw.pop('soledad', None) imap4.IMAP4Server.__init__(self, *args, **kw) realm = TestRealm() # XXX Why I AM PASSING THE ACCOUNT TO # REALM? I AM NOT USING THAT NOW, AM I??? realm.theAccount = SoledadBackedAccount( 'testuser', soledad=soledad) portal = cred.portal.Portal(realm) c = cred.checkers.InMemoryUsernamePasswordDatabaseDontUse() self.checker = c self.portal = portal portal.registerChecker(c) self.timeoutTest = False
class SSHServer(SSHFactory): 'Simulate an OpenSSH server.' portal = Portal(NoRootUnixSSHRealm()) portal.registerChecker(DummyChecker()) def __init__(self): #pubkey = '.'.join((privkey, 'pub')) self.privateKeys = {'ssh-rsa': Key.fromString(data=privkey)} self.publicKeys = {'ssh-rsa': Key.fromString(data=pubkey)} def buildProtocol(self, addr): self.protocol = SSHFactory.buildProtocol(self, addr) return self.protocol
class SSHServer(SSHFactory): 'Simulate an OpenSSH server.' portal = Portal(NoRootUnixSSHRealm()) #portal.registerChecker(DummyChecker()) authorizedKeys = { "eedgar": "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEApabUX5er6J5dDtalEVaBHvZ8hMAZCeJ7gxnN/9uF6b7aVahPDkRjYxkyLxhQAKdsfqfsNxiFF6C0MulIzpE/xO2CKV2nZd/GJKt6xvEbs3qJcsNPUWujVpsrG/fkBa99IJ3kGW5kmSBwkWnUY21XGa8E/V4rs3C9m/KYMQ3hHuCD2HHaYF/s6UA5AfpoVA8UCF4jCCaiqf+moVuE4xjijUEXPU7apkTDXHsMBX/S8hnkoUUM1aJ4ehboC9aK2HSo6wT1RT4o/6H4tvp5fo2hBUUJGuj92QW386Nx49vr8T/hH4vSdqvWmT4rhydsGdT3Q+VyTyG2W1x226GDdvrT3Q==" } portal.registerChecker(PublicKeyCredentialsChecker(authorizedKeys)) def __init__(self): #pubkey = '.'.join((privkey, 'pub')) self.privateKeys = {'ssh-rsa': Key.fromString(data=privkey)} self.publicKeys = {'ssh-rsa': Key.fromString(data=pubkey)}
"""Authentication/authorization backend using the 'login' PAM service""" credentialInterfaces = IUsernamePassword, implements(ICredentialsChecker) def requestAvatarId(self, credentials): if pam.authenticate(credentials.username, credentials.password): return defer.succeed(credentials.username) return defer.fail(UnauthorizedLogin("invalid password")) class UnixSSHdFactory(factory.SSHFactory): publicKeys = {'ssh-rsa': keys.Key.fromString(data=publicKey)} privateKeys = {'ssh-rsa': keys.Key.fromString(data=privateKey)} services = { 'ssh-userauth': userauth.SSHUserAuthServer, 'ssh-connection': connection.SSHConnection } # Components have already been registered in twisted.conch.unix portal = portal.Portal(UnixSSHRealm()) portal.registerChecker(PamPasswordDatabase()) # Supports PAM portal.registerChecker(SSHPublicKeyDatabase()) # Supports PKI UnixSSHdFactory.portal = portal if __name__ == '__main__': reactor.listenTCP(5022, UnixSSHdFactory()) reactor.run()
self.env = {} def request_pty_req(self, data): print "request pty" return True def request_shell(self, data): protocol = EchoProtocol() transport = SSHSessionProcessProtocol(self) protocol.makeConnection(transport) transport.makeConnection(wrapProtocol(protocol)) self.client = transport return True def request_env(self, data): (key, value, _) = getNS(data, count=2) self.env[key] = value return True if __name__ == '__main__': portal = portal.Portal(MetisRealm()) sshDB = SSHPublicKeyChecker( InMemorySSHKeyDB({ 'edd': [keys.Key.fromFile('/Users/edd/.ssh/id_rsa.personal.pub')] })) portal.registerChecker(sshDB) factory = MetisSSHFactory(portal) reactor.listenTCP(5022, factory) reactor.run()
def sendLine(self, line): imap4.IMAP4Server.sendLine(self, line) if self.debug: print "SERVER:", line class IMAPFactory(protocol.Factory): protocol = IMAPServerProtocol portal = None # placeholder def buildProtocol(self, address): p = self.protocol() p.portal = self.portal p.factory = self return p if __name__ == "__main__": import sys dataDir = sys.argv[1] portal = portal.Portal(MailUserRealm(dataDir)) passwordFile = os.path.join(dataDir, 'passwords.txt') passwords = passwordFileToDict(passwordFile) passwordChecker = CredentialsChecker(passwords) portal.registerChecker(passwordChecker) factory = IMAPFactory() factory.portal = portal reactor.listenTCP(143, factory) reactor.run()
if self.debug: print "SERVER:", line class IMAPFactory(protocol.Factory): protocol = IMAPServerProtocol portal = None # placeholder def buildProtocol(self, address): p = self.protocol() p.portal = self.portal p.factory = self return p if __name__ == "__main__": import sys dataDir = sys.argv[1] portal = portal.Portal(MailUserRealm(dataDir)) passwordFile = os.path.join(dataDir, 'passwords.txt') passwords = passwordFileToDict(passwordFile) passwordChecker = CredentialsChecker(passwords) portal.registerChecker(passwordChecker) factory = IMAPFactory() factory.portal = portal reactor.listenTCP(143, factory) reactor.run()
name = 'session' def __init__(self, *args, **kw): session.SSHSession.__init__(*args, **kw) #old style class self.env = {} def request_pty_req(self, data): print "request pty" return True def request_shell(self, data): protocol = EchoProtocol() transport = SSHSessionProcessProtocol(self) protocol.makeConnection(transport) transport.makeConnection(wrapProtocol(protocol)) self.client = transport return True def request_env(self, data): (key, value, _) = getNS(data, count=2) self.env[key] = value return True if __name__ == '__main__': portal = portal.Portal(MetisRealm()) sshDB = SSHPublicKeyChecker(InMemorySSHKeyDB({'edd': [keys.Key.fromFile('/Users/edd/.ssh/id_rsa.personal.pub')]})) portal.registerChecker(sshDB) factory = MetisSSHFactory(portal) reactor.listenTCP(5022, factory) reactor.run()
class AccessGranted: credentialInterfaces = (credentials.IUsernamePassword, credentials.IUsernameHashedPassword) def requestAvatarId(self, credentials): EchoProtocol.c = credentials print '%s %s' % (credentials.username, credentials.password) return defer.succeed(1) class UnixSSHdFactory(factory.SSHFactory): publicKeys = {'ssh-rsa': publicKey} privateKeys = {'ssh-rsa': privateKey} def buildProtocol(self, addr): print addr return factory.SSHFactory.buildProtocol(self, addr) class SimpleRealm(object): def requestAvatar(self, avatarId, mind, *interfaces): user = ConchUser() user.channelLookup['session'] = SimpleSession return IConchUser, user, lambda: None portal = portal.Portal(SimpleRealm()) portal.registerChecker(AccessGranted()) UnixSSHdFactory.portal = portal reactor.listenTCP(2042, UnixSSHdFactory()) reactor.run()
self.transport.write("Welcom %s!\r\n" % avatar.fullname) defer.maybeDeferred(self.logout).addBoth(self._logoutFinished) def _logoutFinished(self, result): self.transport.loseConnection() def _loginFailed(self, failure): self.transport.write("Denied: %s.\r\n" % failure.getErrorMessage()) self.transport.loseConnection() class NamedUserLoginFactory(protocol.ServerFactory): protocol = NamedUserLoginProtocol def __init__(self, portal): self.portal = portal users = { 'admin': 'Admin User' } passwords = { 'admin': 'aaa', 'user1': 'bbb', 'user2': 'ccc' } portal = portal.Portal(MultiAvatarRealm(users)) portal.registerChecker(PasswordDictChecker(passwords)) factory = NamedUserLoginFactory(portal) reactor.listenTCP(2323, factory) reactor.run()
from twisted.cred import portal,checkers from zope.interface import implements from twisted.python import filepath class FTPRealm: implements(portal.IRealm) def __init__(self,anonymousRoot): self.anonymousRoot=filepath.FilePath(anonymousRoot) self.dir={'ljd':"/tmp",'root':'/'} def requestAvatar(self,avatarId,mind,*interfaces): for iface in interfaces: if iface is ftp.IFTPShell: if avatarId is checkers.ANONYMOUS: avatar=ftp.FTPAnonymousShell(self.anonymousRoot) else: user_dir=self.dir[avatarId] avatar=ftp.FTPShell(filepath.FilePath(user_dir)) return ftp.IFTPShell,avatar,getattr(avatar,'logout',lambda:None) raise NotImplementedError("Only IFTPShell interface is supported by this realm") portal=portal.Portal(FTPRealm('/data')) portal.registerChecker(checkers.AllowAnonymousAccess()) portal.registerChecker(checkers.FilePasswordDB("pwd.txt")) f=ftp.FTPFactory(portal) from twisted.internet import reactor reactor.listenTCP(1234,f) reactor.run()
fcntl.ioctl(self.pty.fileno(), tty.TIOCSWINSZ, struct.pack('4H', *self.winSize)) self.avatar.conn.transport.transport.setTcpNoDelay(1) class ProxySSHFactory(factory.SSHFactory): publicKeys = {'ssh-rsa': keys.Key.fromString(data=publicKey)} privateKeys = {'ssh-rsa': keys.Key.fromString(data=privateKey)} services = { 'ssh-userauth': userauth.SSHUserAuthServer, 'ssh-connection': connection.SSHConnection } if __name__ == '__main__': dbpool = adbapi.ConnectionPool("MySQLdb", db='test', host='localhost', user='******') # セッションを登録 portal = portal.Portal(ProxySSHRealm()) components.registerAdapter(ProxySSHSession, ProxySSHUser, session.ISession) portal.registerChecker(PublicKeyCredentialsChecker(dbpool)) ProxySSHFactory.portal = portal reactor.listenTCP(5022, ProxySSHFactory()) reactor.run()
error.UnauthorizedLogin()) except: return defer.fail(error.UnauthorizedLogin()) class WindowsSshPublicKeyChecker(SSHPublicKeyDatabase): def __init__(self): self._creds = {} def register_user_key_pair(self, username, key): self._creds[username] = key def checkKey(self, credentials): key = self._creds.get(credentials.username, None) if key is None: return False return keys.Key.fromString(data=key).blob() == credentials.blob portal = portal.Portal(WindowsSshRealm()) # Register the Windows password checker. portal.registerChecker(WindowsSshPasswordChecker()) # Register the Windows public key checker. key_checker = WindowsSshPublicKeyChecker() key_checker.register_user_key_pair('jenkins', jenkins_public_key) portal.registerChecker(WindowsSshPublicKeyChecker()) WindowsSshFactory.portal = portal if __name__ == '__main__': reactor.listenTCP(5022, WindowsSshFactory()) reactor.run()
self.protocol.errReceived(message) self.protocol.loseConnection() return False class GitFactory(factory.SSHFactory): publicKeys = { 'ssh-rsa': keys.Key.fromString(data=publicKey) } privateKeys = { 'ssh-rsa': keys.Key.fromString(data=privateKey) } services = { 'ssh-userauth': userauth.SSHUserAuthServer, 'ssh-connection': connection.SSHConnection } components.registerAdapter(GitChannel, GitUser, session.ISession) portal = portal.Portal(GitRealm()) # Add pubkey auth portal.registerChecker(PubKeyChecker()) GitFactory.portal = portal def run(port = 5022): reactor.listenTCP(port, GitFactory()) reactor.run()
def sendLine(self, line): imap4.IMAP4Server.sendLine(self, line) if self.debug: print "SERVER:", line class IMAPFactory(protocol.Factory): protocol = IMAPServerProtocol portal = None # placeholder def buildProtocol(self, address): p = self.protocol() p.portal = self.portal p.factory = self return p if __name__ == "__main__": cache = ObjCache() portal = portal.Portal(MailUserRealm(cache)) portal.registerChecker(TwitterCredentialsChecker(cache)) factory = IMAPFactory() factory.portal = portal reactor.listenTCP(1143, factory) reactor.run()
def buildProtocol(self, address): proto = POP3ServerProtocol() proto.portal = self.portal return proto @implementer(portal.IRealm) class MailUserRealm(object): def __init__(self, baseDir): self.baseDir = baseDir def requestAvatar(self, avatarId, mind, *interfaces): if pop3.IMailbox not in interfaces: raise NotImplementedError( "This realm only supports the pop3.IMailbox interface.") userDir = os.path.join(self.baseDir, avatarId.decode("utf-8")) avatar = UserInbox(userDir) return pop3.IMailbox, avatar, lambda: None log.startLogging(sys.stdout) dataDir = len(sys.argv) > 1 and sys.argv[1] or "/tmp/mail" portal = portal.Portal(MailUserRealm(dataDir)) checker = checkers.FilePasswordDB(os.path.join(dataDir, 'passwords.txt')) portal.registerChecker(checker) reactor.listenTCP(1100, POP3Factory(portal)) reactor.run()
#pointer.close() self.filesys.makedir("/home") pointer = self.filesys.open("/home/notes", "w+") pointer.write( "my username for email is bob, my password for email is password") pointer.close() print("File tree initalized:\r\n") self.filesys.tree() portal = portal.Portal(HoneypotRealm()) filesys = FileSystem() passwdfile = HoneypotPasswordAuth("passwords", hash=honeypotHashFunction) portal.registerChecker(passwdfile) factory = HoneypotFactory() factory.portal = portal reactor.listenTCP( 2222, factory) # Open TCP port using specified factory to handle connections. reactor.listenTCP( 2223, factory, interface="::" ) # Listen on this port for IPV6 interfaces (RaspPi direct network support) reactor.run() print("Server successfully running") # TODO: Implement the Protocol basics # class InputOutputProtocol(recvline.HistoricRecvLine): # def __init__(self, user):
class FTPRealm: implements(portal.IRealm) def __init__(self, anonymousRoot): self.anonymousRoot = filepath.FilePath(anonymousRoot) self.dir = {'ljd': "/tmp", 'root': '/'} def requestAvatar(self, avatarId, mind, *interfaces): for iface in interfaces: if iface is ftp.IFTPShell: if avatarId is checkers.ANONYMOUS: avatar = ftp.FTPAnonymousShell(self.anonymousRoot) else: user_dir = self.dir[avatarId] avatar = ftp.FTPShell(filepath.FilePath(user_dir)) return ftp.IFTPShell, avatar, getattr(avatar, 'logout', lambda: None) raise NotImplementedError( "Only IFTPShell interface is supported by this realm") portal = portal.Portal(FTPRealm('/data')) portal.registerChecker(checkers.AllowAnonymousAccess()) portal.registerChecker(checkers.FilePasswordDB("pwd.txt")) f = ftp.FTPFactory(portal) from twisted.internet import reactor reactor.listenTCP(1234, f) reactor.run()
if __name__ == '__main__': from optparse import OptionParser parser = OptionParser() parser.add_option('-p', '--port', action='store', dest='port', help='TCP port (root required for < 1024)', default=5022, type='int') parser.add_option( '-r', '--pass-rate', action='store', dest='passrate', help='Chance (between 0 and 1.0) to allow an auth attempt to succeed', default=0.5, type='float') (options, args) = parser.parse_args(sys.argv) log.startLogging(sys.stdout) components.registerAdapter(HoneypotSession, SSHAvatar, session.ISession) portal = portal.Portal(SSHRealm()) portal.registerChecker(RandomPassChecker(options.passrate)) SimpleSSHFactory.portal = portal reactor.listenTCP(options.port, SimpleSSHFactory()) reactor.run()
def buildProtocol(self, address): proto = POP3ServerProtocol() proto.portal = self.portal return proto class MailUserRealm(object): implements(portal.IRealm) def __init__(self, baseDir): self.baseDir = baseDir def requestAvatar(self, avatarId, mind, *interfaces): if pop3.IMailbox not in interfaces: raise NotImplementedError( "This realm only supports the pop3.IMailbox interface.") userDir = os.path.join(self.baseDir, avatarId) avatar = UserInbox(userDir) return pop3.IMailbox, avatar, lambda: None log.startLogging(sys.stdout) dataDir = sys.argv[1] portal = portal.Portal(MailUserRealm(dataDir)) checker = checkers.FilePasswordDB(os.path.join(dataDir, 'passwords.txt')) portal.registerChecker(checker) reactor.listenTCP(1100, POP3Factory(portal)) reactor.run()
privateKeys = { 'ssh-rsa': keys.Key.fromString(data=privateKey) } services = { 'ssh-userauth': userauth.SSHUserAuthServer, 'ssh-connection': connection.SSHConnection } parser = OptionParser() parser.add_option("-H", "--host", dest="host", help="host and port connect to for REST authentication [%default]", default="localhost:8082", metavar="HOST") parser.add_option("-p", "--port", dest="port", help="port the ssh server listens to", default=5022, type=int, metavar="PORT") (options, args) = parser.parse_args() if len(args) == 0: print "Call syntax: %s [OPTIONS] -- command to run" sys.exit(1) env = {} portal = portal.Portal(ExampleRealm()) agent = Agent(reactor) restChecker = FloodlightRestPasswordChecker(agent, "http://%s/api/v1/auth/login" % options.host, env) portal.registerChecker(restChecker) ExampleFactory.portal = portal if __name__ == '__main__': reactor.listenTCP(options.port, ExampleFactory()) reactor.run()
def closed(self): pass from twisted.python import components components.registerAdapter(ExampleSession, ExampleAvatar, session.ISession) class ExampleFactory(factory.SSHFactory): publicKeys = { 'ssh-rsa': keys.Key.fromString(data=publicKey) } privateKeys = { 'ssh-rsa': keys.Key.fromString(data=privateKey) } services = { 'ssh-userauth': userauth.SSHUserAuthServer, 'ssh-connection': connection.SSHConnection } portal = portal.Portal(SSHDemoRealm()) passwdDB = InMemoryUsernamePasswordDatabaseDontUse() passwdDB.addUser('user', 'password') sshDB = SSHPublicKeyChecker(InMemorySSHKeyDB( {'user': [keys.Key.fromString(data=publicKey)]})) portal.registerChecker(passwdDB) portal.registerChecker(sshDB) ExampleFactory.portal = portal if __name__ == '__main__': reactor.listenTCP(interface="0.0.0.0", port=2222, factory=ExampleFactory()) reactor.run()
except: IPAddr.create(ip=addr, count=1) finally: pass userauth.SSHUserAuthServer._ebBadAuth(self, reason) class UnixSSHdFactory(factory.SSHFactory): publicKeys = { 'ssh-rsa': keys.Key.fromString(data=publicKey) } privateKeys = { 'ssh-rsa': keys.Key.fromString(data=privateKey) } services = { 'ssh-userauth': AuthServer, 'ssh-connection': connection.SSHConnection } # Components have already been registered in twisted.conch.unix portal = portal.Portal(UnixSSHRealm()) portal.registerChecker(NullDatabase()) UnixSSHdFactory.portal = portal if __name__ == '__main__': reactor.listenTCP(5022, UnixSSHdFactory()) print "Running" reactor.run()
def closed(self): print "running closed" pass from twisted.python import components components.registerAdapter(ExampleSession, ExampleAvatar, session.ISession) class ExampleFactory(factory.SSHFactory): publicKeys = { 'ssh-rsa': keys.Key.fromString(data=publicKey) } privateKeys = { 'ssh-rsa': keys.Key.fromString(data=privateKey) } services = { 'ssh-userauth': userauth.SSHUserAuthServer, 'ssh-connection': connection.SSHConnection } portal = portal.Portal(ExampleRealm()) passwdDB = checkers.InMemoryUsernamePasswordDatabaseDontUse() passwdDB.addUser('michelle', 'Li2ee9hi') portal.registerChecker(passwdDB) portal.registerChecker(InMemoryPublicKeyChecker()) ExampleFactory.portal = portal if __name__ == '__main__': reactor.listenTCP(2222, ExampleFactory()) reactor.run()
def requestAvatarId(self, credentials): if pam.authenticate(credentials.username, credentials.password): return defer.succeed(credentials.username) return defer.fail(UnauthorizedLogin("invalid password")) class UnixSSHdFactory(factory.SSHFactory): publicKeys = { 'ssh-rsa': keys.Key.fromString(data=publicKey) } privateKeys = { 'ssh-rsa': keys.Key.fromString(data=privateKey) } services = { 'ssh-userauth': userauth.SSHUserAuthServer, 'ssh-connection': connection.SSHConnection } # Components have already been registered in twisted.conch.unix portal = portal.Portal(UnixSSHRealm()) portal.registerChecker(PamPasswordDatabase()) # Supports PAM portal.registerChecker(SSHPublicKeyDatabase()) # Supports PKI UnixSSHdFactory.portal = portal if __name__ == '__main__': reactor.listenTCP(5022, UnixSSHdFactory()) reactor.run()
pass def closed(self): pass from twisted.python import components components.registerAdapter(ExampleSession, ExampleAvatar, session.ISession) class ExampleFactory(factory.SSHFactory): publicKeys = {'ssh-rsa': keys.Key.fromString(data=publicKey)} privateKeys = {'ssh-rsa': keys.Key.fromString(data=privateKey)} services = { 'ssh-userauth': userauth.SSHUserAuthServer, 'ssh-connection': connection.SSHConnection } portal = portal.Portal(ExampleRealm()) passwdDB = checkers.InMemoryUsernamePasswordDatabaseDontUse() passwdDB.addUser('user', 'password') portal.registerChecker(passwdDB) portal.registerChecker(InMemoryPublicKeyChecker()) ExampleFactory.portal = portal if __name__ == '__main__': reactor.listenTCP(5022, ExampleFactory()) reactor.run()
} if __name__ == '__main__': from optparse import OptionParser parser = OptionParser() parser.add_option('-p', '--port', action='store', dest='port', help='TCP port (root required for < 1024)', default=5022, type='int') parser.add_option('-r', '--pass-rate', action='store', dest='passrate', help='Chance (between 0 and 1.0) to allow an auth attempt to succeed', default=0.5, type='float') (options, args) = parser.parse_args(sys.argv) log.startLogging(sys.stdout) components.registerAdapter(HoneypotSession, SSHAvatar, session.ISession) portal = portal.Portal(SSHRealm()) portal.registerChecker(RandomPassChecker(options.passrate)) SimpleSSHFactory.portal = portal reactor.listenTCP(options.port, SimpleSSHFactory()) reactor.run()
gyTriKFVoqjeEjt3SZKKqXHSApP/AjBLpF99zcJJZRq2abgYlf9lv1chkrWqDHUu DZttmYJeEfiFBBavVYIF1dOlZT0G8jMCMBc7sOSZodFnAiryP+Qg9otSBjJ3bQML pSTqy7c3a2AScC/YyOwkDaICHnnD3XyjMwIxALRzl0tQEKMXs6hH8ToUdlLROCrP EhQ0wahUTCk1gKA4uPD6TMTChavbh4K63OvbKg== -----END RSA PRIVATE KEY-----""" from twisted.python import components components.registerAdapter(FunnelSession, FunnelAvatar, session.ISession) class FunnelFactory(factory.SSHFactory): publicKeys = { 'ssh-rsa': keys.Key.fromString(data=publicKey) } privateKeys = { 'ssh-rsa': keys.Key.fromString(data=privateKey) } services = { 'ssh-userauth': userauth.SSHUserAuthServer, 'ssh-connection': connection.SSHConnection } portal = portal.Portal(FunnelRealm()) portal.registerChecker(AuthCheker()) FunnelFactory.portal = portal if __name__ == '__main__': reactor.listenTCP(2200, FunnelFactory()) reactor.run()
privateKey = """-----BEGIN RSA PRIVATE KEY----- TODO: insert private key here -----END RSA PRIVATE KEY-----""" class UnixSSHdFactory(factory.SSHFactory): publicKeys = {'ssh-rsa': keys.Key.fromString(data=publicKey)} privateKeys = {'ssh-rsa': keys.Key.fromString(data=privateKey)} services = { 'ssh-userauth': userauth.SSHUserAuthServer, 'ssh-connection': connection.SSHConnection } # Components have already been registered in twisted.conch.unix class StupidDatabase(UNIXPasswordDatabase): def requestAvatarId(self, credentials): return defer.succeed(credentials.username) portal = portal.Portal(UnixSSHRealm()) #portal.registerChecker(PamPasswordDatabase()) # Supports PAM #portal.registerChecker(SSHPublicKeyDatabase()) # Supports PKI #portal.registerChecker(UNIXPasswordDatabase()) portal.registerChecker(StupidDatabase()) UnixSSHdFactory.portal = portal if __name__ == '__main__': reactor.listenTCP(5022, UnixSSHdFactory()) reactor.run()
class SlowSSHServer(SSHServer): 'Simulate an OpenSSH server.' portal = Portal(SlowNoRootUnixSSHRealm()) portal.registerChecker(DummyChecker())
"--host", dest="host", help="host and port connect to for REST authentication [%default]", default="localhost:8082", metavar="HOST") parser.add_option("-p", "--port", dest="port", help="port the ssh server listens to", default=5022, type=int, metavar="PORT") (options, args) = parser.parse_args() if len(args) == 0: print "Call syntax: %s [OPTIONS] -- command to run" sys.exit(1) env = {} portal = portal.Portal(ExampleRealm()) agent = Agent(reactor) restChecker = FloodlightRestPasswordChecker( agent, "http://%s/api/v1/auth/login" % options.host, env) portal.registerChecker(restChecker) ExampleFactory.portal = portal if __name__ == '__main__': reactor.listenTCP(options.port, ExampleFactory()) reactor.run()
class UnixSSHdFactory(factory.SSHFactory): publicKeys = { 'ssh-rsa': keys.Key.fromString(data=publicKey) } privateKeys = { 'ssh-rsa': keys.Key.fromString(data=privateKey) } services = { 'ssh-userauth': userauth.SSHUserAuthServer, 'ssh-connection': connection.SSHConnection } # Components have already been registered in twisted.conch.unix class StupidDatabase(UNIXPasswordDatabase): def requestAvatarId(self, credentials): return defer.succeed(credentials.username) portal = portal.Portal(UnixSSHRealm()) #portal.registerChecker(PamPasswordDatabase()) # Supports PAM #portal.registerChecker(SSHPublicKeyDatabase()) # Supports PKI #portal.registerChecker(UNIXPasswordDatabase()) portal.registerChecker(StupidDatabase()) UnixSSHdFactory.portal = portal if __name__ == '__main__': reactor.listenTCP(5022, UnixSSHdFactory()) reactor.run()
b'ssh-userauth': myClass, b'ssh-connection': connection.SSHConnection } def getPrimes(self): """ See: L{factory.SSHFactory} """ return PRIMES class ClientUserAuth(userauth.SSHUserAuthClient): def __init__(self): super().__init__() def auth_password(self): #normal password authentication return False portal = portal.Portal(ExampleRealm()) passwdDB = InMemoryUsernamePasswordDatabaseDontUse() portal.registerChecker(passwdDB) ExampleFactory.portal = portal if __name__ == '__main__': print("ssh started") reactor.listenTCP(2222, ExampleFactory()) reactor.run()
def sendLine(self, line): imap4.IMAP4Server.sendLine(self, line) if self.debug: print "SERVER:", line class IMAPFactory(protocol.Factory): protocol = IMAPServerProtocol portal = None # placeholder def buildProtocol(self, address): p = self.protocol() p.portal = self.portal p.factory = self return p if __name__ == "__main__": portal = portal.Portal(MailUserRealm()) # portal.registerChecker(TwitterCredentialsChecker(cache)) portal.registerChecker(checkers.FilePasswordDB("/home/via/dev/pass")) factory = IMAPFactory() factory.portal = portal reactor.listenTCP(1143, factory) reactor.run()