예제 #1
def api_configuration():
    """
    Build the default OWASP Honeypot API settings (meant to be edited by the user).

    Returns:
        dict: listener, access-control, logging and database settings
    """
    # Only the exact string "true" in MONGODB_DOCKER_ENV (set by the
    # docker-compose file, per the original comment) selects the "mongodb"
    # service hostname; anything else falls back to loopback.
    inside_docker = os.environ.get('MONGODB_DOCKER_ENV') == "true"
    db_url = "mongodb://mongodb:27017/" if inside_docker else "mongodb://127.0.0.1:27017/"

    # NOTE(review): the listener binds to every interface while
    # "api_access_without_key" is True and both the client white list and the
    # access log are disabled. If these keys mean what their names suggest, the
    # API is reachable without a key and without an audit trail; tighten these
    # before exposing it beyond a trusted network.
    white_list = {
        "enabled": False,
        "ips": ["127.0.0.1", "10.0.0.1", "192.168.1.1"]
    }
    access_log = {
        "enabled": False,
        "filename": "ohp_api_access.log"
    }

    settings = {  # OWASP Honeypot API Default Configuration
        "api_host": "0.0.0.0",
        "api_port": 5000,
        "api_debug_mode": False,
        "api_access_without_key": True,
        # a fresh token on every call; may be replaced by any string, or None
        "api_access_key": generate_token(),
        "api_client_white_list": white_list,
        "api_access_log": access_log,
        # The default URI carries no credentials; an authenticated URI has the
        # form mongodb://<user>:<password>@<host>:27017/
        "api_database": db_url,
        "api_database_connection_timeout": 2000,  # milliseconds
        "api_database_name": "ohp_events"
    }
    return settings
예제 #2
def api_configuration():
    """
    Build the default OWASP Honeypot API settings (meant to be edited by the user).

    Returns:
        dict: listener, access-control, logging and database settings
    """
    # NOTE(review): the listener is loopback-only here, but
    # "api_access_without_key" is True and the white list and access log are
    # disabled; review those three before changing "api_host" to a routable
    # address.
    white_list = {
        "enabled": False,
        "ips": ["127.0.0.1", "10.0.0.1", "192.168.1.1"]
    }
    access_log = {
        "enabled": False,
        "filename": "ohp_api_access.log"
    }

    settings = {  # OWASP Honeypot API Default Configuration
        "api_host": "127.0.0.1",
        "api_port": 5000,
        "api_debug_mode": False,
        "api_access_without_key": True,
        # a fresh token on every call; may be replaced by any string, or None
        "api_access_key": generate_token(),
        "api_client_white_list": white_list,
        "api_access_log": access_log,
        # The default URI carries no credentials; an authenticated URI has the
        # form mongodb://<user>:<password>@<host>:27017/
        "api_database": "mongodb://127.0.0.1:27017/",
        "api_database_connection_timeout": 2000,  # milliseconds
        "api_database_name": "ohp_events"
    }
    return settings
예제 #3
def api_configuration():
    """
    Build the default OWASP Honeypot API settings (meant to be edited by the user).

    Returns:
        dict: listener, access-control, logging and Elasticsearch settings
    """
    # Only the exact string "true" in ELASTICSEARCH_DOCKER_ENV (set by the
    # docker-compose file, per the original comment) selects the
    # "elasticsearch" service hostname; anything else falls back to loopback.
    inside_docker = os.environ.get('ELASTICSEARCH_DOCKER_ENV') == "true"
    db_url = "elasticsearch:9200" if inside_docker else "127.0.0.1:9200"

    # NOTE(review): the listener binds to every interface while
    # "api_access_without_key" is True and both the client white list and the
    # access log are disabled; tighten these before exposing the API beyond a
    # trusted network.
    white_list = {
        "enabled": False,
        "ips": ["127.0.0.1", "10.0.0.1", "192.168.1.1"]
    }
    access_log = {
        "enabled": False,
        "filename": "ohp_api_access.log"
    }

    settings = {  # OWASP Honeypot API Default Configuration
        "api_host": "0.0.0.0",
        "api_port": 5000,
        "api_debug_mode": False,
        "api_access_without_key": True,
        # a fresh token on every call; may be replaced by any string, or None
        "api_access_key": generate_token(),
        "api_client_white_list": white_list,
        "api_access_log": access_log,
        # http://127.0.0.1:9200/ # todo: add SSL support later
        "api_database": db_url,
        # NOTE(review): hard-coded default credentials committed to source;
        # they should be overridden per deployment and kept out of the
        # repository. Until the SSL todo above is done they presumably travel
        # over plain HTTP as well.
        "api_database_http_auth": ('elastic', 'changeme')
    }
    return settings
예제 #4
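def startVM(sample):
    """
    Clone the guest disk image, define a libvirt domain from template.xml and
    boot it for one submitted sample.

    Args:
        sample: submission record; "guest_image", "time_to_run" and
            "submission_file" are read, "domain" and "status" are set in place.

    Returns:
        None on the success path. A missing or empty memory snapshot and a
        libvirt error both go through abort(404, ...).
    """
    VMName = sample["guest_image"]
    runTime = sample["time_to_run"]
    sample_file = sample["submission_file"]

    # Resolve the memory snapshot before anything is copied or written. A
    # missing key and an empty value are both rejected: previously an empty
    # value skipped the assignment, so snapshot_name was unbound when the
    # template was filled in, after the disk image had already been cloned.
    try:
        snapshot_name = api_config["VM"][VMName]["snapshot"]
    except KeyError:
        return abort(404, "Internal memory snapshot not present.")
    if not snapshot_name:
        return abort(404, "Internal memory snapshot not present.")

    tenjint_path = check_path("tenjint_config_path")
    emulator_path = check_path("emulator_path")
    VM_folder = check_path("VM_folder_name")
    samples_folder = check_path("samples_store")
    disk_snapshot = check_disk_snapshot(VMName)

    # The generated token names both the cloned disk and the libvirt domain.
    destFile = generate_token()
    destPath = VM_folder + destFile + '.qcow2'
    sample["domain"] = destFile
    sample["status"] = "running"
    shutil.copyfile(disk_snapshot, destPath)

    domain_uuid = uuid.uuid4()
    xmlPath = os.getcwd() + '/template.xml'
    tree = ET.parse(xmlPath)
    root = tree.getroot()
    # The positional indices below depend on the exact element order of
    # template.xml, which is not visible here.
    vmi_string = "vmi=on,vmi-configs=" + tenjint_path
    root[0][3].set('value', vmi_string)
    root[1].text = destFile
    root[2].text = str(domain_uuid)
    root[12][0].text = emulator_path
    root[12][1][1].set('file', destPath)
    root[12][3][0].set("dir", samples_folder)
    root[13][5].set('value', snapshot_name)
    # NOTE(review): this writes the per-sample values back into the shared
    # template.xml, and sample.json below is a single shared file too, so
    # overlapping calls would overwrite each other's data. Confirm that
    # submissions are serialized by the caller.
    tree.write(xmlPath)
    xmlstr = ET.tostring(root, method='xml')
    xmlstr = str(xmlstr, 'utf-8')

    plugin_dir = check_path("plugin_dir")
    with open(plugin_dir + "sample.json", "w") as outfile:
        json.dump({"file": sample_file}, outfile)

    try:
        # NOTE(review): exit(1) raises SystemExit, which the libvirtError
        # handler below does not catch; confirm that ending the process is
        # intended here. The cloned disk image is not removed on any failure.
        conn = libvirt.open('qemu:///system')
        if conn is None:
            print('Failed to open connection to qemu:///system',
                  file=sys.stderr)
            exit(1)

        dom = conn.defineXML(xmlstr)
        if dom is None:
            print('Failed to define a domain from an XML definition.',
                  file=sys.stderr)
            exit(1)

        if dom.create() < 0:
            print('Can not boot guest domain.', file=sys.stderr)
            exit(1)

        libvirt.virEventAddTimeout(runTime, myDomainTimeoutCalllback, destFile)
        db.submission.started.insert_one(sample)
    except libvirt.libvirtError:
        abort(404, "Libvirt could not be configured")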
예제 #5
def module_configuration():
    """
    Build the module's default configuration.

    Returns:
        dict: the module's username and password
    """
    # The password comes from generate_token(16) on every call, so no fixed
    # default password is stored here. The username literal is shown masked
    # on this page.
    credentials = {}
    credentials["username"] = "******"
    credentials["password"] = generate_token(16)
    return credentials
예제 #6
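def samplesubmit():
    """
    Validate an upload request, store the sample file and queue it for analysis.

    Reads the query parameters "api_key", "runTime" and "guestImage" and the
    uploaded file field "sample".

    Returns:
        a JSON list holding the new "submission_id"; every rejected request
        goes through abort(404, ...).
    """
    # --- authentication ---------------------------------------------------
    # The key is always verified. An empty "api_key" is treated as missing;
    # previously an empty value skipped the isauthenticated() call and the
    # request carried on unauthenticated.
    try:
        api_key = request.args["api_key"]
    except KeyError:
        return abort(404, "Authentication api key not availabale")
    if not api_key:
        return abort(404, "Authentication api key not availabale")
    if not isauthenticated(api_key):
        return abort(404, "Invalid authenctication api key")

    # --- run time ---------------------------------------------------------
    # Empty and non-numeric values are rejected explicitly, so time_to_run is
    # always bound and int() cannot raise out of the handler.
    try:
        raw_run_time = request.args["runTime"]
    except KeyError:
        return abort(404, "Duration to run Tenjint not availabale")
    if not raw_run_time:
        return abort(404, "Duration to run Tenjint not availabale")
    try:
        runTime = int(raw_run_time)
    except ValueError:
        return abort(404, "Duration to run Tenjint is not a valid integer")
    if runTime > api_config["max_tenjint_run_time"]:
        return abort(404, "Duration to run Tenjint more than maximum allowed")
    if runTime < api_config["min_tenjint_run_time"]:
        return abort(404, "Duration to run Tenjint is less than minimum allowed")
    time_to_run = runTime

    # --- guest image ------------------------------------------------------
    # Only image names configured under api_config["VM"] are accepted.
    try:
        guest_image = request.args["guestImage"]
    except KeyError:
        return abort(404, "Guest Image to run qemu not availabale")
    if not guest_image:
        return abort(404, "Guest Image to run qemu not availabale")
    if guest_image not in api_config["VM"]:
        return abort(404, "Requested Guest Image not available.")

    # --- uploaded file ----------------------------------------------------
    if not request.files:
        return abort(404, "Sample file not submitted")
    upload = request.files['sample']
    # secure_filename() is what keeps the client-supplied name from carrying
    # path components; an empty result means nothing usable was left.
    new_filename = secure_filename(upload.filename)
    if len(new_filename) < 1:
        return abort(404, "Sample not submitted")

    # Build the destination path explicitly instead of os.chdir(): the working
    # directory is process-wide, and a failed save used to leave the process
    # inside ./shared_samples.
    dest_path = os.path.join('./shared_samples', new_filename)
    # NOTE(review): two uploads with the same name can both pass this check
    # before either is saved; an exclusive create would close that gap.
    if os.path.exists(dest_path):
        return abort(404, "Sample name already exists")
    upload.save(dest_path)

    sample = {
        'time_to_run': time_to_run,
        'guest_image': guest_image,
        'status': 'ready',
        'id': generate_token(32),
        'submission_file': new_filename,
        'domain': '',
    }
    db.submission.submission.insert_one(sample)
    newSample(sample)
    return jsonify(
        [{
            'submission_id': sample['id']
        }])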
예제 #7
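def adduser():
    """
    Create a new API user token when the caller presents the admin token.

    Reads the "token" query parameter and compares it with
    api_config["api_admin_token"].

    Returns:
        the newly generated 32-character user token; a missing, empty or
        wrong admin token goes through abort(404, ...).
    """
    import hmac  # local import: the file's import block is not visible here

    try:
        supplied = request.args["token"]
        expected = api_config["api_admin_token"]
    except KeyError:
        return abort(404, "Authentication Token Not Availabale")
    # An empty token is rejected explicitly; previously it fell through both
    # branches and the handler returned None.
    if not supplied:
        return abort(404, "Authentication Token Not Availabale")

    # Constant-time comparison of the secret. Both sides are encoded because
    # compare_digest() does not accept non-ASCII str. A configured token that
    # is not a string never matches, as with the original == comparison.
    # Assumes the request value is a str. TODO confirm.
    token_ok = isinstance(expected, str) and hmac.compare_digest(
        supplied.encode("utf-8"), expected.encode("utf-8"))
    if not token_ok:
        return abort(404, "Invalid Authentication Token")

    # NOTE(review): the admin token arrives in the query string, which
    # commonly ends up in server and proxy access logs; a request header would
    # keep it out of them.
    user = {'token': generate_token(32)}
    db.users.users.insert_one(user)
    return user['token']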
예제 #8
def module_configuration():
    """
    Build the module's default configuration.

    Returns:
        dict: credentials, extra docker options and the module's processor
    """
    # Generated on every call, so no fixed default password is stored here.
    generated_password = generate_token(16)
    # Maps <current working directory>/tmp to /var/log/apache2/ through a
    # docker --volume option. The option is built by string formatting, so it
    # depends on the directory the process was started from.
    log_volume = "--volume {0}/tmp:/var/log/apache2/".format(os.getcwd())
    return {
        "username": "******",
        "password": generated_password,
        "extra_docker_options": [log_volume],
        "module_processor": ModuleProcessor()
    }
예제 #9
def module_configuration():
    """
    Build the module's default configuration.

    Returns:
        dict: credentials, extra docker options and the module's processor
    """
    # Generated on every call, so no fixed default password is stored here.
    generated_password = generate_token(16)
    # Maps <current working directory>/tmp to /root/logs/ through a docker
    # --volume option. The option is built by string formatting, so it depends
    # on the directory the process was started from.
    log_volume = "--volume {0}/tmp:/root/logs/".format(os.getcwd())
    docker_options = [log_volume, "--env MAILSERVER_NAME=localhost"]
    return {
        "username": "******",
        "password": generated_password,
        "extra_docker_options": docker_options,
        "module_processor": ModuleProcessor()
    }
예제 #10
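def startVM(sample):
    """
    Clone the guest disk image, render the domain XML and boot a libvirt
    domain for one submitted sample.

    Args:
        sample: submission record; "guest_image", "time_to_run" and
            "submission_file" are read, "domain" and "status" are set in place.

    Returns:
        None on the success path; a libvirt error goes through abort(404, ...).
    """
    VMName = sample["guest_image"]
    runTime = sample["time_to_run"]
    sample_file = sample["submission_file"]
    tenjint_path = check_path("tenjint_config_path")
    VM_folder = check_path("VM_folder_name")
    samples_folder = check_path("samples_store")
    disk_snapshot = check_disk_snapshot(VMName)
    disk_snapshot_name = check_snapshot(VMName, "disk-snap-name")
    snapshot_name = check_snapshot(VMName, "snapshot")

    # The generated token names both the cloned disk and the libvirt domain.
    destFile = generate_token(32)
    destPath = VM_folder + destFile + '.qcow2'
    sample["domain"] = destFile
    sample["status"] = "running"
    shutil.copyfile(disk_snapshot, destPath)

    # VMTemplate presumably returns the domain XML as bytes, given the utf-8
    # decode that follows. TODO confirm.
    xmlstr = VMTemplate(disk_snapshot_name, destFile, destPath, tenjint_path,
                        snapshot_name, samples_folder)
    xmlstr = str(xmlstr, 'utf-8')

    # NOTE(review): sample.json is a single shared file in plugin_dir, so
    # overlapping calls would overwrite each other's entry. Confirm that
    # submissions are serialized by the caller.
    plugin_dir = check_path("plugin_dir")
    with open(plugin_dir + "sample.json", "w") as outfile:
        json.dump({"file": sample_file}, outfile)

    # NOTE(review): the record is stored as "running" before libvirt is
    # contacted, so a failure below leaves a "running" entry and the cloned
    # disk image behind.
    db.submission.started.insert_one(sample)
    try:
        # NOTE(review): exit(1) raises SystemExit, which the libvirtError
        # handler below does not catch; confirm that ending the process is
        # intended here.
        conn = libvirt.open('qemu:///system')
        if conn is None:
            print('Failed to open connection to qemu:///system',
                  file=sys.stderr)
            exit(1)

        dom = conn.defineXML(xmlstr)
        if dom is None:
            print('Failed to define a domain from an XML definition.',
                  file=sys.stderr)
            exit(1)

        if dom.create() < 0:
            print('Can not boot guest domain.', file=sys.stderr)
            exit(1)
        libvirt.virEventAddTimeout(runTime, myDomainTimeoutCalllback, destFile)
    except libvirt.libvirtError:
        abort(404, "Libvirt could not be configured")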
예제 #11
 def test_generate_token(self):
     """generate_token(n) returns n characters and defaults to 32."""
     # Only the length is checked; the test says nothing about the character
     # set or the randomness source of the token.
     for requested_length in (16, 32, 48, 1):
         self.assertEqual(len(generate_token(requested_length)), requested_length)
     self.assertEqual(len(generate_token()), 32)  # default