def __init__(self, work_dir, config):
"""
Main class which runs Beeswarm in Client mode.
:param work_dir: Working directory (usually the current working directory)
:param config_arg: Beeswarm configuration dictionary.
"""
self.run_flag = True
# maps honeypot id to IP
self.honeypot_map = {}
with open('beeswarmcfg.json', 'r') as config_file:
self.config = json.load(config_file, object_hook=asciify)
# write ZMQ keys to files - as expected by pyzmq
extract_keys(work_dir, config)
BaitSession.client_id = self.config['general']['id']
if self.config['general']['fetch_ip']:
self.my_ip = urllib2.urlopen(
'http://api-sth01.exip.org/?call=ip').read()
logger.info('Fetched {0} as my external ip.'.format(self.my_ip))
else:
self.my_ip = get_most_likely_ip()
self.dispatcher_greenlets = []
def __init__(self, work_dir, config):
"""
Main class which runs Beeswarm in Client mode.
:param work_dir: Working directory (usually the current working directory)
:param config_arg: Beeswarm configuration dictionary.
"""
self.run_flag = True
# maps honeypot id to IP
self.honeypot_map = {}
with open('beeswarmcfg.json', 'r') as config_file:
self.config = json.load(config_file, object_hook=asciify)
# write ZMQ keys to files - as expected by pyzmq
extract_keys(work_dir, config)
BaitSession.client_id = self.config['general']['id']
if self.config['general']['fetch_ip']:
self.my_ip = urllib2.urlopen('http://api-sth01.exip.org/?call=ip').read()
logger.info('Fetched {0} as my external ip.'.format(self.my_ip))
else:
self.my_ip = get_most_likely_ip()
self.dispatcher_greenlets = []
def monitor_worker(self, monitor_socket, log_name):
monitor_socket.linger = 0
poller = zmq.Poller()
poller.register(monitor_socket, zmq.POLLIN)
while True:
socks = poller.poll(1)
gevent.sleep(0.1)
if len(socks) > 0:
data = recv_monitor_message(monitor_socket)
event = data['event']
if event == zmq.EVENT_CONNECTED:
logger.info('Connected to {0}'.format(log_name))
# always ask for config to avoid race condition.
send_zmq_push(SocketNames.SERVER_RELAY.value, '{0}'.format(Messages.DRONE_WANT_CONFIG.value))
if 'outgoing' in log_name:
send_zmq_push(SocketNames.SERVER_RELAY.value, '{0}'.format(Messages.PING.value))
own_ip = get_most_likely_ip()
send_zmq_push(SocketNames.SERVER_RELAY.value, '{0} {1}'.format(Messages.IP.value, own_ip))
elif 'incomming':
pass
else:
assert False
elif event == zmq.EVENT_DISCONNECTED:
logger.warning('Disconnected from {0}, will reconnect in {1} seconds.'.format(log_name, 5))
gevent.sleep()
def __init__(self, work_dir, config, key='server.key', cert='server.crt', **kwargs):
"""
Main class which runs Beeswarm in Honeypot mode.
:param work_dir: Working directory (usually the current working directory)
:param config: Beeswarm configuration dictionary, None if no configuration was supplied.
:param key: Key file used for SSL enabled capabilities
:param cert: Cert file used for SSL enabled capabilities
"""
if config is None or not os.path.isdir(os.path.join(work_dir, 'data')):
Honeypot.prepare_environment(work_dir)
self.work_dir = work_dir
self.config = config
self.key = os.path.join(work_dir, key)
self.cert = os.path.join(work_dir, cert)
self._servers = []
self._server_greenlets = []
self.honeypot_id = self.config['general']['id']
Session.honeypot_id = self.honeypot_id
# write ZMQ keys to files - as expected by pyzmq
extract_keys(work_dir, config)
if not (os.path.isfile(os.path.join(work_dir, 'server.key'))):
cert_info = config['certificate_info']
if cert_info['common_name']:
cert_info['common_name'] = cert_info['common_name']
else:
cert_info['common_name'] = get_most_likely_ip()
cert, priv_key = create_self_signed_cert(cert_info['country'], cert_info['state'],
cert_info['organization'], cert_info['locality'],
cert_info['organization_unit'], cert_info['common_name'])
cert_path = os.path.join(work_dir, 'server.crt')
key_path = os.path.join(work_dir, 'server.key')
with open(cert_path, 'w') as certfile:
certfile.write(cert)
with open(key_path, 'w') as keyfile:
keyfile.write(priv_key)
send_zmq_push(SocketNames.SERVER_RELAY.value,
'{0} {1} {2}'.format(Messages.KEY.value, self.honeypot_id, priv_key))
send_zmq_push(SocketNames.SERVER_RELAY.value,
'{0} {1} {2}'.format(Messages.CERT.value, self.honeypot_id, cert))
if self.config['general']['fetch_ip']:
try:
url = 'http://api.externalip.net/ip'
req = requests.get(url)
self.honeypot_ip = req.text
logger.info('Fetched {0} as external ip for Honeypot.'.format(self.honeypot_ip))
except (Timeout, ConnectionError) as e:
logger.warning('Could not fetch public ip: {0}'.format(e))
else:
self.honeypot_ip = ''
# spawning time checker
if self.config['timecheck']['enabled']:
Greenlet.spawn(self.check_time)
def __init__(self,
work_dir,
config,
key='server.key',
cert='server.crt',
**kwargs):
"""
Main class which runs Beeswarm in Honeypot mode.
:param work_dir: Working directory (usually the current working directory)
:param config: Beeswarm configuration dictionary, None if no configuration was supplied.
:param key: Key file used for SSL enabled capabilities
:param cert: Cert file used for SSL enabled capabilities
"""
if fs.__version__ != '0.5.4':
os.exit('the python fs package must be verison 0.5.4')
if config is None or not os.path.isdir(os.path.join(work_dir, 'data')):
Honeypot.prepare_environment(work_dir)
self.work_dir = work_dir
self.config = config
self.key = os.path.join(work_dir, key)
self.cert = os.path.join(work_dir, cert)
self._servers = []
self._server_greenlets = []
self.honeypot_id = self.config['general']['id']
Session.honeypot_id = self.honeypot_id
# write ZMQ keys to files - as expected by pyzmq
extract_keys(work_dir, config)
if not (os.path.isfile(os.path.join(work_dir, 'server.key'))):
cert_info = config['certificate_info']
if cert_info['common_name']:
cert_info['common_name'] = cert_info['common_name']
else:
cert_info['common_name'] = get_most_likely_ip()
cert, priv_key = create_self_signed_cert(
cert_info['country'], cert_info['state'],
cert_info['organization'], cert_info['locality'],
cert_info['organization_unit'], cert_info['common_name'])
cert_path = os.path.join(work_dir, 'server.crt')
key_path = os.path.join(work_dir, 'server.key')
with open(cert_path, 'w') as certfile:
certfile.write(cert)
with open(key_path, 'w') as keyfile:
keyfile.write(priv_key)
send_zmq_push(
SocketNames.SERVER_RELAY.value,
'{0} {1} {2}'.format(Messages.KEY.value, self.honeypot_id,
priv_key))
send_zmq_push(
SocketNames.SERVER_RELAY.value,
'{0} {1} {2}'.format(Messages.CERT.value, self.honeypot_id,
cert))
if self.config['general']['fetch_ip']:
try:
url = 'http://api.externalip.net/ip'
req = requests.get(url)
self.honeypot_ip = req.text
logger.info('Fetched {0} as external ip for Honeypot.'.format(
self.honeypot_ip))
except (Timeout, ConnectionError) as e:
logger.warning('Could not fetch public ip: {0}'.format(e))
else:
self.honeypot_ip = ''
# spawning time checker
if self.config['timecheck']['enabled']:
Greenlet.spawn(self.check_time)
def __init__(self,
work_dir,
config,
key='server.key',
cert='server.crt',
**kwargs):
"""
Main class which runs Beeswarm in Honeypot mode.
:param work_dir: Working directory (usually the current working directory)
:param config: Beeswarm configuration dictionary, None if no configuration was supplied.
:param key: Key file used for SSL enabled capabilities
:param cert: Cert file used for SSL enabled capabilities
"""
if config is None or not os.path.isdir(os.path.join(work_dir, 'data')):
Honeypot.prepare_environment(work_dir)
with open('beeswarmcfg.json', 'r') as config_file:
config = json.load(config_file, object_hook=asciify)
self.work_dir = work_dir
self.config = config
self.key = key
self.cert = cert
self._servers = []
self._server_greenlets = []
# will contain Session objects
self._sessions = {}
self._session_consumer = None
# TODO: pass honeypot otherwise
Session.honeypot_id = self.config['general']['id']
self.id = self.config['general']['id']
# write ZMQ keys to files - as expected by pyzmq
extract_keys(work_dir, config)
if not (os.path.isfile(os.path.join(work_dir, 'server.key'))):
cert_info = config['certificate_info']
if cert_info['common_name']:
cert_info['common_name'] = cert_info['common_name']
else:
cert_info['common_name'] = get_most_likely_ip()
cert, priv_key = create_self_signed_cert(
cert_info['country'], cert_info['state'],
cert_info['organization'], cert_info['locality'],
cert_info['organization_unit'], cert_info['common_name'])
cert_path = os.path.join(work_dir, 'server.crt')
key_path = os.path.join(work_dir, 'server.key')
with open(cert_path, 'w') as certfile:
certfile.write(cert)
with open(key_path, 'w') as keyfile:
keyfile.write(priv_key)
send_zmq_push('inproc://serverRelay',
'{0} {1} {2}'.format(Messages.KEY, self.id, keyfile))
send_zmq_push('inproc://serverRelay',
'{0} {1} {2}'.format(Messages.CERT, self.id, cert))
if self.config['general']['fetch_ip']:
try:
url = 'http://api.externalip.net/ip'
req = requests.get(url)
self.honeypot_ip = req.text
logger.info('Fetched {0} as external ip for Honeypot.'.format(
self.honeypot_ip))
except (Timeout, ConnectionError) as e:
logger.warning('Could not fetch public ip: {0}'.format(e))
else:
self.honeypot_ip = ''
# spawning time checker
if self.config['timecheck']['enabled']:
Greenlet.spawn(self.checktime)
