def _config_honeypot(self, drone, db_session, config):
    """Apply a honeypot configuration to ``drone`` and persist it.

    When the stored drone is not already of the honeypot type, its row is
    deleted and a new ``Honeypot`` with the same id and IP address is added
    in its place before any settings are applied.

    :param drone: drone entity to configure; replaced by a ``Honeypot`` when
                  its discriminator is anything other than ``'honeypot'``.
    :param db_session: session used to delete/add the drone and to commit.
    :param config: mapping providing the ``name``, ``certificate`` and
                   ``capabilities`` entries read below.
    """
    if drone.discriminator != 'honeypot':
        # The delete and the re-insert are committed separately, so a failure
        # between the two commits leaves no row for this drone id.
        preserved_id, preserved_ip = drone.id, drone.ip_address
        db_session.delete(drone)
        db_session.commit()
        drone = Honeypot(id=preserved_id)
        drone.ip_address = preserved_ip
        db_session.add(drone)
        db_session.commit()

    # NOTE(review): every value below is stored exactly as it appears in
    # ``config``; no validation happens in this method - presumably the
    # caller has already checked it, confirm.
    drone.name = config['name']

    # Certificate subject fields map one-to-one onto ``cert_*`` attributes.
    certificate = config['certificate']
    for field in ('common_name', 'country', 'state', 'locality',
                  'organization', 'organization_unit'):
        setattr(drone, 'cert_' + field, certificate[field])

    # Start from an empty capability list so protocols missing from the new
    # config are not carried over.
    drone.capabilities = []
    for protocol_name, settings in config['capabilities'].items():
        drone.add_capability(protocol_name,
                             settings['port'],
                             settings.get('protocol_specific_data', {}))

    db_session.add(drone)
    db_session.commit()
    self._handle_command_drone_config_changed(drone.id)
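def bootstrap(server_workdir, drone_workdir):
    """Bootstraps localhost configurations for a Beeswarm server and a honeypot.

    A server is created with ``server_workdir`` as its working directory and
    started in a greenlet, a ``Honeypot`` drone with a fixed set of
    capabilities is stored in the database, and the drone configuration
    requested from the config actor is written to
    ``<drone_workdir>/beeswarmcfg.json``. The server is stopped before
    returning.

    :param server_workdir: Output directory for the server configuration file.
    :param drone_workdir: Output directory for the drone configuration file.
    """
    root_logger = logging.getLogger()
    root_logger.setLevel(logging.DEBUG)

    formatter = logging.Formatter('%(asctime)-15s (%(name)s) %(message)s')
    console_log = logging.StreamHandler()
    console_log.setLevel(logging.INFO)
    console_log.setFormatter(formatter)
    root_logger.addHandler(console_log)

    server_workdir_absolute = os.path.abspath(server_workdir)
    old_cwd = os.getcwd()
    os.chdir(server_workdir)
    try:
        server = Server(server_workdir_absolute, None, start_webui=False, customize=False, reset_password=False,
                        max_sessions=0, server_hostname='127.0.0.1')
        logger.info('Server config has been written to {0}'.format(os.path.join(server_workdir, 'beeswarmcfg.json')))
        gevent.spawn(server.start, False)
        # waiting game to ensure actors has started.
        gevent.sleep(2)
    finally:
        # Restore the caller's working directory even if server start-up fails.
        os.chdir(old_cwd)

    try:
        # setting up socket to communicate with ZMQ actor.
        context = beeswarm.shared.zmq_context
        config_actor_socket = context.socket(zmq.REQ)
        config_actor_socket.connect(SocketNames.CONFIG_COMMANDS)

        db_session = database_setup.get_session()
        drone = Honeypot()

        # (protocol, port, protocol specific data); the banners and SYST type
        # present the honeypot services as Microsoft products.
        protocol_config = (
            ('ftp', 21, {
                'max_attempts': 3,
                'banner': 'Microsoft FTP Server',
                'syst_type': 'Windows-NT'
            }),
            ('telnet', 23, {
                'max_attempts': 3
            }),
            ('pop3', 110, {
                'max_attempts': 3
            }),
            ('pop3s', 993, {
                'max_attempts': 3
            }),
            ('ssh', 22, {}),
            ('http', 80, {
                'banner': 'Microsoft-IIS/5.0'
            }),
            ('https', 443, {
                'banner': 'Microsoft-IIS/5.0'
            }),
            ('smtp', 25, {
                'banner': 'Microsoft ESMTP MAIL service ready'
            }),
            ('vnc', 5900, {})
        )

        for protocol, port, protocol_specific_data in protocol_config:
            drone.add_capability(protocol, port, protocol_specific_data)

        # Placeholder certificate subject with a wildcard common name.
        drone.cert_common_name = '*'
        drone.cert_country = 'US'
        drone.cert_state = 'None'
        drone.cert_locality = 'None'
        drone.cert_organization = 'None'
        drone.cert_organization_unit = ''
        db_session.add(drone)
        db_session.commit()
        drone_config = send_zmq_request_socket(config_actor_socket, '{0} {1}'.format(Messages.DRONE_CONFIG, drone.id))

        drone_config_path = os.path.join(drone_workdir, 'beeswarmcfg.json')
        # NOTE(review): the file is created with the process' default
        # permissions; if the drone config carries key material or other
        # secrets it should be readable by the owner only - confirm what
        # Messages.DRONE_CONFIG returns.
        with open(drone_config_path, 'w') as drone_config_file:
            drone_config_file.write(json.dumps(drone_config, indent=4))
        # Report the path that was actually written (drone_workdir, not server_workdir).
        logger.info('Drone config has been written to {0}'.format(drone_config_path))
    finally:
        # Do not leave the spawned server running when bootstrapping fails.
        server.stop()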
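def bootstrap(server_workdir, drone_workdir):
    """Bootstraps localhost configurations for a Beeswarm server and a honeypot.

    A server is created with ``server_workdir`` as its working directory and
    started in a greenlet, a ``Honeypot`` drone with a fixed set of
    capabilities is stored in the database, and the drone configuration
    requested from the database actor is written to
    ``<drone_workdir>/beeswarmcfg.json``. The server is stopped before
    returning.

    :param server_workdir: Output directory for the server configuration file.
    :param drone_workdir: Output directory for the drone configuration file.
    """
    root_logger = logging.getLogger()
    root_logger.setLevel(logging.DEBUG)

    formatter = logging.Formatter('%(asctime)-15s (%(name)s) %(message)s')
    console_log = logging.StreamHandler()
    console_log.setLevel(logging.INFO)
    console_log.setFormatter(formatter)
    root_logger.addHandler(console_log)

    server_workdir_absolute = os.path.abspath(server_workdir)
    old_cwd = os.getcwd()
    os.chdir(server_workdir)
    try:
        server = Server(server_workdir_absolute, None, start_webui=False, customize=False, reset_password=False,
                        max_sessions=0, server_hostname='127.0.0.1')
        logger.info('Server config has been written to {0}'.format(os.path.join(server_workdir, 'beeswarmcfg.json')))
        gevent.spawn(server.start, False)
        # waiting game to ensure actors has started.
        gevent.sleep(2)
    finally:
        # Restore the caller's working directory even if server start-up fails.
        os.chdir(old_cwd)

    try:
        # setting up socket to communicate with ZMQ actor.
        context = beeswarm.shared.zmq_context
        database_actor = context.socket(zmq.REQ)
        database_actor.connect(SocketNames.DATABASE_REQUESTS.value)

        db_session = database_setup.get_session()
        drone = Honeypot()

        # (protocol, port, protocol specific data); the banners and SYST type
        # present the honeypot services as Microsoft products.
        protocol_config = (
            ('ftp', 21, {
                'max_attempts': 3,
                'banner': 'Microsoft FTP Server',
                'syst_type': 'Windows-NT'
            }),
            ('telnet', 23, {
                'max_attempts': 3
            }),
            ('pop3', 110, {
                'max_attempts': 3
            }),
            ('pop3s', 993, {
                'max_attempts': 3
            }),
            ('ssh', 22, {}),
            ('http', 80, {
                'banner': 'Microsoft-IIS/5.0'
            }),
            ('https', 443, {
                'banner': 'Microsoft-IIS/5.0'
            }),
            ('smtp', 25, {
                'banner': 'Microsoft ESMTP MAIL service ready'
            }),
            ('vnc', 5900, {})
        )

        for protocol, port, protocol_specific_data in protocol_config:
            drone.add_capability(protocol, port, protocol_specific_data)

        # Placeholder certificate subject with a wildcard common name.
        drone.cert_common_name = '*'
        drone.cert_country = 'US'
        drone.cert_state = 'None'
        drone.cert_locality = 'None'
        drone.cert_organization = 'None'
        drone.cert_organization_unit = ''
        db_session.add(drone)
        db_session.commit()
        drone_config = send_zmq_request_socket(database_actor,
                                               '{0} {1}'.format(Messages.DRONE_CONFIG.value, drone.id))

        drone_config_path = os.path.join(drone_workdir, 'beeswarmcfg.json')
        # NOTE(review): the file is created with the process' default
        # permissions; if the drone config carries key material or other
        # secrets it should be readable by the owner only - confirm what
        # Messages.DRONE_CONFIG returns.
        with open(drone_config_path, 'w') as drone_config_file:
            drone_config_file.write(json.dumps(drone_config, indent=4))
        # Report the path that was actually written (drone_workdir, not server_workdir).
        logger.info('Drone config has been written to {0}'.format(drone_config_path))
    finally:
        # Do not leave the spawned server running when bootstrapping fails.
        server.stop()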