Exemplo n.º 1
0
 def setUpClass(cls):
     cls.auth_log_filename = "test_auth_log.log"
     cls.session_log_filename = "test_session_log.log"
     cls.session_json_filename = "test_session_log.json"
     cls.flogger = FileLogger(cls.session_log_filename,
                              cls.session_json_filename,
                              cls.auth_log_filename)
Exemplo n.º 2
0
    def start(self):
        """ Starts services. """

        if 'public_ip_as_destination_ip' in self.config and self.config['public_ip_as_destination_ip'] == True:
            self._greenlets.append(gevent.spawn(self._record_and_lookup_public_ip))

        # start activity logging
        if 'activity_logging' in self.config:
            if 'file' in self.config['activity_logging'] and self.config['activity_logging']['file']['enabled']:
                logFile = self.config['activity_logging']['file']['filename']
                FileLogger(logFile).start()
            if 'zmq' in self.config['activity_logging'] and self.config['activity_logging']['zmq']['enabled']:
                zmq_url = self.config['activity_logging']['zmq']['url']
                client_pub_key = self.config['activity_logging']['zmq']['client_public_key']
                client_secret_key = self.config['activity_logging']['zmq']['client_secret_key']
                server_pub_key = self.config['activity_logging']['zmq']['server_public_key']
                ZmqLogger(zmq_url, client_pub_key, client_secret_key, server_pub_key).start()

        for c in heralding.capabilities.handlerbase.HandlerBase.__subclasses__():

            cap_name = c.__name__.lower()
            if cap_name in self.config['capabilities']:
                if not self.config['capabilities'][cap_name]['enabled']:
                    continue
                port = self.config['capabilities'][cap_name]['port']
                # carve out the options for this specific service
                options = self.config['capabilities'][cap_name]
                # capabilities are only allowed to append to the session list
                cap = c(options)

                try:
                    # Convention: All capability names which end in 's' will be wrapped in ssl.
                    if cap_name.endswith('s'):
                        server = StreamServer(('0.0.0.0', port), cap.handle_session,
                                              keyfile=self.key, certfile=self.cert)
                    else:
                        server = StreamServer(('0.0.0.0', port), cap.handle_session)

                    logger.debug('Adding {0} capability with options: {1}'.format(cap_name, options))
                    self._servers.append(server)
                    server_greenlet = Greenlet(server.start())
                    self._greenlets.append(server_greenlet)
                except Exception as ex:
                    error_message = "Could not start {0} server on port {1}. Error: {2}".format(c.__name__, port, ex)
                    logger.error(error_message)
                    sys.exit(error_message)
                else:
                    logger.info('Started {0} capability listening on port {1}'.format(c.__name__, port))

        self.readyForDroppingPrivs.set()
        gevent.joinall(self._greenlets)
Exemplo n.º 3
0
    def start(self):
        """ Starts services. """

        if 'public_ip_as_destination_ip' in self.config and self.config[
                'public_ip_as_destination_ip'] is True:
            asyncio.ensure_future(self._record_and_lookup_public_ip(),
                                  loop=self.loop)

        # setup hash cracker's wordlist
        if self.config['hash_cracker']['enabled']:
            self.setup_wordlist()

        # start activity logging
        if 'activity_logging' in self.config:
            if 'file' in self.config['activity_logging'] and self.config[
                    'activity_logging']['file']['enabled']:
                auth_log = self.config['activity_logging']['file'][
                    'authentication_log_file']
                session_csv_log = self.config['activity_logging']['file'][
                    'session_csv_log_file']
                session_json_log = self.config['activity_logging']['file'][
                    'session_json_log_file']
                file_logger = FileLogger(session_csv_log, session_json_log,
                                         auth_log)
                self.file_logger_task = self.loop.run_in_executor(
                    None, file_logger.start)
                self.file_logger_task.add_done_callback(
                    common.on_unhandled_task_exception)
                self._loggers.append(file_logger)

            if 'syslog' in self.config['activity_logging'] and self.config[
                    'activity_logging']['syslog']['enabled']:
                sys_logger = SyslogLogger()
                self.sys_logger_task = self.loop.run_in_executor(
                    None, sys_logger.start)
                self.sys_logger_task.add_done_callback(
                    common.on_unhandled_task_exception)
                self._loggers.append(sys_logger)

            if 'hpfeeds' in self.config['activity_logging'] and self.config[
                    'activity_logging']['hpfeeds']['enabled']:
                session_channel = self.config['activity_logging']['hpfeeds'][
                    'session_channel']
                auth_channel = self.config['activity_logging']['hpfeeds'][
                    'auth_channel']
                host = self.config['activity_logging']['hpfeeds']['host']
                port = self.config['activity_logging']['hpfeeds']['port']
                ident = self.config['activity_logging']['hpfeeds']['ident']
                secret = self.config['activity_logging']['hpfeeds']['secret']
                hpfeeds_logger = HpFeedsLogger(session_channel, auth_channel,
                                               host, port, ident, secret)
                self.hpfeeds_logger_task = self.loop.run_in_executor(
                    None, hpfeeds_logger.start)
                self.hpfeeds_logger_task.add_done_callback(
                    common.on_unhandled_task_exception)

            if 'curiosum' in self.config['activity_logging'] and self.config[
                    'activity_logging']['curiosum']['enabled']:
                port = self.config['activity_logging']['curiosum']['port']
                curiosum_integration = CuriosumIntegration(port)
                self.hpfeeds_logger_task = self.loop.run_in_executor(
                    None, curiosum_integration.start)
                self.hpfeeds_logger_task.add_done_callback(
                    common.on_unhandled_task_exception)

        bind_host = self.config['bind_host']
        listen_ports = []
        for c in heralding.capabilities.handlerbase.HandlerBase.__subclasses__(
        ):
            cap_name = c.__name__.lower()
            if cap_name in self.config['capabilities']:
                if not self.config['capabilities'][cap_name]['enabled']:
                    continue
                port = self.config['capabilities'][cap_name]['port']
                listen_ports.append(port)
                # carve out the options for this specific service
                options = self.config['capabilities'][cap_name]
                # capabilities are only allowed to append to the session list
                cap = c(options, self.loop)
                try:
                    # # Convention: All capability names which end in 's' will be wrapped in ssl.
                    if cap_name.endswith('s'):
                        pem_file = '{0}.pem'.format(cap_name)
                        self.create_cert_if_not_exists(cap_name, pem_file)
                        ssl_context = self.create_ssl_context(pem_file)
                        server_coro = asyncio.start_server(cap.handle_session,
                                                           bind_host,
                                                           port,
                                                           loop=self.loop,
                                                           ssl=ssl_context)
                    elif cap_name == 'ssh':
                        # Since dicts and user-defined classes are mutable, we have
                        # to save ssh class and ssh options somewhere.
                        ssh_options = options
                        SshClass = c
                        self.SshClass = SshClass

                        ssh_key_file = 'ssh.key'
                        SshClass.generate_ssh_key(ssh_key_file)

                        banner = ssh_options['protocol_specific_data'][
                            'banner']
                        SshClass.change_server_banner(banner)

                        server_coro = asyncssh.create_server(
                            lambda: SshClass(ssh_options, self.loop),
                            bind_host,
                            port,
                            server_host_keys=[ssh_key_file],
                            login_timeout=cap.timeout)
                    elif cap_name == 'rdp':
                        pem_file = '{0}.pem'.format(cap_name)
                        self.create_cert_if_not_exists(cap_name, pem_file)
                        server_coro = asyncio.start_server(cap.handle_session,
                                                           bind_host,
                                                           port,
                                                           loop=self.loop)
                    else:
                        server_coro = asyncio.start_server(cap.handle_session,
                                                           bind_host,
                                                           port,
                                                           loop=self.loop)

                    server = self.loop.run_until_complete(server_coro)
                    logger.debug('Adding %s capability with options: %s',
                                 cap_name, options)
                    self._servers.append(server)
                except Exception as ex:
                    error_message = "Could not start {0} server on port {1}. Error: {2}".format(
                        c.__name__, port, ex)
                    logger.error(error_message)
                    raise ex
                else:
                    logger.info('Started %s capability listening on port %s',
                                c.__name__, port)
        ReportingRelay.logListenPorts(listen_ports)
Exemplo n.º 4
0
 def setUpClass(cls):
     log_filename = "test_csv.log"
     cls.flogger = FileLogger(log_filename)
Exemplo n.º 5
0
    def start(self):
        """ Starts services. """

        if 'public_ip_as_destination_ip' in self.config and self.config[
                'public_ip_as_destination_ip'] is True:
            asyncio.ensure_future(self._record_and_lookup_public_ip(),
                                  loop=self.loop)

        # start activity logging
        if 'activity_logging' in self.config:
            if 'file' in self.config['activity_logging'] and self.config[
                    'activity_logging']['file']['enabled']:
                log_file = self.config['activity_logging']['file']['filename']
                file_logger = FileLogger(log_file)
                self.file_logger_task = self.loop.run_in_executor(
                    None, file_logger.start)
                self.file_logger_task.add_done_callback(
                    common.on_unhandled_task_exception)
                self._loggers.append(file_logger)

            if 'syslog' in self.config['activity_logging'] and self.config[
                    'activity_logging']['syslog']['enabled']:
                sys_logger = SyslogLogger()
                self.sys_logger_task = self.loop.run_in_executor(
                    None, sys_logger.start)
                self.sys_logger_task.add_done_callback(
                    common.on_unhandled_task_exception)
                self._loggers.append(sys_logger)

        for c in heralding.capabilities.handlerbase.HandlerBase.__subclasses__(
        ):
            cap_name = c.__name__.lower()
            if cap_name in self.config['capabilities']:
                if not self.config['capabilities'][cap_name]['enabled']:
                    continue
                port = self.config['capabilities'][cap_name]['port']
                # carve out the options for this specific service
                options = self.config['capabilities'][cap_name]
                # capabilities are only allowed to append to the session list
                cap = c(options, self.loop)

                try:
                    # # Convention: All capability names which end in 's' will be wrapped in ssl.
                    if cap_name.endswith('s'):
                        pem_file = '{0}.pem'.format(cap_name)
                        self.create_cert_if_not_exists(cap_name, pem_file)
                        ssl_context = self.create_ssl_context(pem_file)
                        server_coro = asyncio.start_server(cap.handle_session,
                                                           '0.0.0.0',
                                                           port,
                                                           loop=self.loop,
                                                           ssl=ssl_context)
                    elif cap_name == 'ssh':
                        # Since dicts and user-defined classes are mutable, we have
                        # to save ssh class and ssh options somewhere.
                        ssh_options = options
                        SshClass = c
                        self.SshClass = SshClass

                        ssh_key_file = 'ssh.key'
                        SshClass.generate_ssh_key(ssh_key_file)

                        banner = ssh_options['protocol_specific_data'][
                            'banner']
                        SshClass.change_server_banner(banner)

                        server_coro = asyncssh.create_server(
                            lambda: SshClass(ssh_options, self.loop),
                            '0.0.0.0',
                            port,
                            server_host_keys=[ssh_key_file],
                            login_timeout=cap.timeout,
                            loop=self.loop)
                    else:
                        server_coro = asyncio.start_server(cap.handle_session,
                                                           '0.0.0.0',
                                                           port,
                                                           loop=self.loop)

                    server = self.loop.run_until_complete(server_coro)
                    logger.debug(
                        'Adding {0} capability with options: {1}'.format(
                            cap_name, options))
                    self._servers.append(server)
                except Exception as ex:
                    error_message = "Could not start {0} server on port {1}. Error: {2}".format(
                        c.__name__, port, ex)
                    logger.error(error_message)
                    task_killer = common.cancel_all_pending_tasks(self.loop)
                    self.loop.run_until_complete(task_killer)
                    sys.exit(error_message)
                else:
                    logger.info(
                        'Started {0} capability listening on port {1}'.format(
                            c.__name__, port))