def __init__(self, work_dir, config):
"""
Main class which runs Beeswarm in Client mode.
:param work_dir: Working directory (usually the current working directory)
:param config_arg: Beeswarm configuration dictionary.
"""
self.run_flag = True
# maps honeypot id to IP
self.honeypot_map = {}
with open('beeswarmcfg.json', 'r') as config_file:
self.config = json.load(config_file, object_hook=asciify)
# write ZMQ keys to files - as expected by pyzmq
extract_keys(work_dir, config)
BaitSession.client_id = self.config['general']['id']
if self.config['general']['fetch_ip']:
self.my_ip = urllib2.urlopen(
'http://api-sth01.exip.org/?call=ip').read()
logger.info('Fetched {0} as my external ip.'.format(self.my_ip))
else:
self.my_ip = get_most_likely_ip()
self.dispatcher_greenlets = []
def __init__(self, work_dir, config, key='server.key', cert='server.crt', curses_screen=None, **kwargs):
"""
:param work_dir: Working directory (usually the current working directory)
:param config: Beeswarm configuration dictionary, None if no configuration was supplied.
:param key: Key file used for SSL enabled capabilities
:param cert: Cert file used for SSL enabled capabilities
:param curses_screen: Contains a curses screen object, if UI is enabled. Default is None.
"""
# write ZMQ keys to files - as expected by pyzmq
extract_keys(work_dir, config)
self.work_dir = work_dir
self.config = config
self.key = key
self.cert = cert
self.id = self.config['general']['id']
# Honeypot / Client
self.drone = None
self.drone_greenlet = None
self.outgoing_msg_greenlet = None
self.incoming_msg_greenlet = None
if self.config['general']['fetch_ip']:
try:
url = 'http://api.externalip.net/ip'
req = requests.get(url)
self.ip = req.text
logger.info('Fetched {0} as external ip for Honeypot.'.format(self.ip))
except (Timeout, ConnectionError) as e:
logger.warning('Could not fetch public ip: {0}'.format(e))
else:
self.ip = ''
def __init__(self, work_dir, config):
"""
Main class which runs Beeswarm in Client mode.
:param work_dir: Working directory (usually the current working directory)
:param config_arg: Beeswarm configuration dictionary.
"""
self.run_flag = True
# maps honeypot id to IP
self.honeypot_map = {}
with open('beeswarmcfg.json', 'r') as config_file:
self.config = json.load(config_file, object_hook=asciify)
# write ZMQ keys to files - as expected by pyzmq
extract_keys(work_dir, config)
BaitSession.client_id = self.config['general']['id']
if self.config['general']['fetch_ip']:
self.my_ip = urllib2.urlopen('http://api-sth01.exip.org/?call=ip').read()
logger.info('Fetched {0} as my external ip.'.format(self.my_ip))
else:
self.my_ip = get_most_likely_ip()
self.dispatcher_greenlets = []
def __init__(self, work_dir, config, key='server.key', cert='server.crt', **kwargs):
"""
Main class which runs Beeswarm in Honeypot mode.
:param work_dir: Working directory (usually the current working directory)
:param config: Beeswarm configuration dictionary, None if no configuration was supplied.
:param key: Key file used for SSL enabled capabilities
:param cert: Cert file used for SSL enabled capabilities
"""
if config is None or not os.path.isdir(os.path.join(work_dir, 'data')):
Honeypot.prepare_environment(work_dir)
self.work_dir = work_dir
self.config = config
self.key = os.path.join(work_dir, key)
self.cert = os.path.join(work_dir, cert)
self._servers = []
self._server_greenlets = []
self.honeypot_id = self.config['general']['id']
Session.honeypot_id = self.honeypot_id
# write ZMQ keys to files - as expected by pyzmq
extract_keys(work_dir, config)
if not (os.path.isfile(os.path.join(work_dir, 'server.key'))):
cert_info = config['certificate_info']
if cert_info['common_name']:
cert_info['common_name'] = cert_info['common_name']
else:
cert_info['common_name'] = get_most_likely_ip()
cert, priv_key = create_self_signed_cert(cert_info['country'], cert_info['state'],
cert_info['organization'], cert_info['locality'],
cert_info['organization_unit'], cert_info['common_name'])
cert_path = os.path.join(work_dir, 'server.crt')
key_path = os.path.join(work_dir, 'server.key')
with open(cert_path, 'w') as certfile:
certfile.write(cert)
with open(key_path, 'w') as keyfile:
keyfile.write(priv_key)
send_zmq_push(SocketNames.SERVER_RELAY.value,
'{0} {1} {2}'.format(Messages.KEY.value, self.honeypot_id, priv_key))
send_zmq_push(SocketNames.SERVER_RELAY.value,
'{0} {1} {2}'.format(Messages.CERT.value, self.honeypot_id, cert))
if self.config['general']['fetch_ip']:
try:
url = 'http://api.externalip.net/ip'
req = requests.get(url)
self.honeypot_ip = req.text
logger.info('Fetched {0} as external ip for Honeypot.'.format(self.honeypot_ip))
except (Timeout, ConnectionError) as e:
logger.warning('Could not fetch public ip: {0}'.format(e))
else:
self.honeypot_ip = ''
# spawning time checker
if self.config['timecheck']['enabled']:
Greenlet.spawn(self.check_time)
def __init__(self,
work_dir,
config,
key='server.key',
cert='server.crt',
**kwargs):
"""
:param work_dir: Working directory (usually the current working directory)
:param config: Beeswarm configuration dictionary, None if no configuration was supplied.
:param key: Key file used for SSL enabled capabilities
:param cert: Cert file used for SSL enabled capabilities
"""
# write ZMQ keys to files - as expected by pyzmq
extract_keys(work_dir, config)
self.work_dir = work_dir
self.config = config
self.key = key
self.cert = cert
self.id = self.config['general']['id']
# Honeypot / Client
self.drone = None
self.drone_greenlet = None
self.outgoing_msg_greenlet = None
self.incoming_msg_greenlet = None
self.config_url_dropper_greenlet = None
# messages from server relayed to internal listeners
ctx = beeswarm.shared.zmq_context
self.internal_server_relay = ctx.socket(zmq.PUSH)
self.internal_server_relay.bind('inproc://serverCommands')
self.config_received = gevent.event.Event()
if self.config['general']['fetch_ip']:
try:
url = 'http://api.externalip.net/ip'
req = requests.get(url)
self.ip = req.text
logger.info('Fetched {0} as external ip for Honeypot.'.format(
self.ip))
except (Timeout, ConnectionError) as e:
logger.warning('Could not fetch public ip: {0}'.format(e))
else:
self.ip = ''
def __init__(self, work_dir, config, curses_screen=None):
"""
Main class which runs Beeswarm in Client mode.
:param work_dir: Working directory (usually the current working directory)
:param config_arg: Beeswarm configuration dictionary.
:param curses_screen: Contains a curses screen object, if UI is enabled. Default is None.
"""
self.run_flag = True
self.curses_screen = curses_screen
with open('beeswarmcfg.json', 'r') as config_file:
self.config = json.load(config_file, object_hook=asciify)
# write ZMQ keys to files - as expected by pyzmq
extract_keys(work_dir, config)
BaitSession.client_id = self.config['general']['id']
# TODO: Handle peering in other place
BaitSession.honeypot_id = self.config['general']['id']
if self.config['public_ip']['fetch_ip']:
self.my_ip = urllib2.urlopen('http://api-sth01.exip.org/?call=ip').read()
logger.info('Fetched {0} as my external ip.'.format(self.my_ip))
else:
self.my_ip = '127.0.0.1'
self.status = {
'mode': 'Client',
'total_bees': 0,
'active_bees': 0,
'enabled_bees': [],
'client_id': self.config['general']['client_id'],
'managment_url': self.config['beeswarm_server']['managment_url'],
'ip_address': self.my_ip
}
self.dispatchers = {}
self.dispatcher_greenlets = []
if self.curses_screen is not None:
self.uihandler = ClientUIHandler(self.status, self.curses_screen)
Greenlet.spawn(self.show_status_ui)
def __init__(self, work_dir, config, key='server.key', cert='server.crt', local_pull_socket=None, **kwargs):
"""
:param work_dir: Working directory (usually the current working directory)
:param config: Beeswarm configuration dictionary, None if no configuration was supplied.
:param key: Key file used for SSL enabled capabilities
:param cert: Cert file used for SSL enabled capabilities
"""
# write ZMQ keys to files - as expected by pyzmq
extract_keys(work_dir, config)
self.work_dir = work_dir
self.config = config
self.config_file = os.path.join(work_dir, 'beeswarmcfg.json')
self.key = key
self.cert = cert
self.id = self.config['general']['id']
self.local_pull_socket = local_pull_socket
# Honeypot / Client
self.drone = None
self.drone_greenlet = None
self.outgoing_msg_greenlet = None
self.incoming_msg_greenlet = None
# messages from server relayed to internal listeners
ctx = beeswarm.shared.zmq_context
self.internal_server_relay = ctx.socket(zmq.PUSH)
self.internal_server_relay.bind(SocketNames.SERVER_COMMANDS.value)
if self.config['general']['fetch_ip']:
try:
url = 'http://api.externalip.net/ip'
req = requests.get(url)
self.ip = req.text
logger.info('Fetched {0} as external ip for Honeypot.'.format(self.ip))
except (Timeout, ConnectionError) as e:
logger.warning('Could not fetch public ip: {0}'.format(e))
else:
self.ip = ''
self.greenlets = []
self.config_received = gevent.event.Event()
def __init__(self,
work_dir,
config,
key='server.key',
cert='server.crt',
**kwargs):
"""
Main class which runs Beeswarm in Honeypot mode.
:param work_dir: Working directory (usually the current working directory)
:param config: Beeswarm configuration dictionary, None if no configuration was supplied.
:param key: Key file used for SSL enabled capabilities
:param cert: Cert file used for SSL enabled capabilities
"""
if fs.__version__ != '0.5.4':
os.exit('the python fs package must be verison 0.5.4')
if config is None or not os.path.isdir(os.path.join(work_dir, 'data')):
Honeypot.prepare_environment(work_dir)
self.work_dir = work_dir
self.config = config
self.key = os.path.join(work_dir, key)
self.cert = os.path.join(work_dir, cert)
self._servers = []
self._server_greenlets = []
self.honeypot_id = self.config['general']['id']
Session.honeypot_id = self.honeypot_id
# write ZMQ keys to files - as expected by pyzmq
extract_keys(work_dir, config)
if not (os.path.isfile(os.path.join(work_dir, 'server.key'))):
cert_info = config['certificate_info']
if cert_info['common_name']:
cert_info['common_name'] = cert_info['common_name']
else:
cert_info['common_name'] = get_most_likely_ip()
cert, priv_key = create_self_signed_cert(
cert_info['country'], cert_info['state'],
cert_info['organization'], cert_info['locality'],
cert_info['organization_unit'], cert_info['common_name'])
cert_path = os.path.join(work_dir, 'server.crt')
key_path = os.path.join(work_dir, 'server.key')
with open(cert_path, 'w') as certfile:
certfile.write(cert)
with open(key_path, 'w') as keyfile:
keyfile.write(priv_key)
send_zmq_push(
SocketNames.SERVER_RELAY.value,
'{0} {1} {2}'.format(Messages.KEY.value, self.honeypot_id,
priv_key))
send_zmq_push(
SocketNames.SERVER_RELAY.value,
'{0} {1} {2}'.format(Messages.CERT.value, self.honeypot_id,
cert))
if self.config['general']['fetch_ip']:
try:
url = 'http://api.externalip.net/ip'
req = requests.get(url)
self.honeypot_ip = req.text
logger.info('Fetched {0} as external ip for Honeypot.'.format(
self.honeypot_ip))
except (Timeout, ConnectionError) as e:
logger.warning('Could not fetch public ip: {0}'.format(e))
else:
self.honeypot_ip = ''
# spawning time checker
if self.config['timecheck']['enabled']:
Greenlet.spawn(self.check_time)
def __init__(self, work_dir, config, key='server.key', cert='server.crt',
curses_screen=None, **kwargs):
"""
Main class which runs Beeswarm in Honeypot mode.
:param work_dir: Working directory (usually the current working directory)
:param config: Beeswarm configuration dictionary, None if no configuration was supplied.
:param key: Key file used for SSL enabled capabilities
:param cert: Cert file used for SSL enabled capabilities
:param curses_screen: Contains a curses screen object, if UI is enabled. Default is None.
"""
if config is None or not os.path.isdir(os.path.join(work_dir, 'data')):
Honeypot.prepare_environment(work_dir)
with open('beeswarmcfg.json', 'r') as config_file:
config = json.load(config_file, object_hook=asciify)
self.work_dir = work_dir
self.config = config
self.key = key
self.cert = cert
self.curses_screen = curses_screen
# TODO: pass honeypot otherwise
Session.honeypot_id = self.config['general']['id']
self.id = self.config['general']['id']
# write ZMQ keys to files - as expected by pyzmq
extract_keys(work_dir, config)
if not (os.path.isfile(os.path.join(work_dir, 'server.key'))):
cert_info = config['certificate_info']
#TODO: IF NOT COMMON_NAME: Use own ip address...
cert, priv_key = create_self_signed_cert(cert_info['country'], cert_info['state'],
cert_info['organization'], cert_info['locality'],
cert_info['organization_unit'], cert_info['common_name'])
cert_path = os.path.join(work_dir, 'server.crt')
key_path = os.path.join(work_dir, 'server.key')
with open(cert_path, 'w') as certfile:
certfile.write(cert)
with open(key_path, 'w') as keyfile:
keyfile.write(priv_key)
send_zmq_push('ipc://serverRelay', '{0} {1} {2}'.format(Messages.KEY, self.id, keyfile))
send_zmq_push('ipc://serverRelay', '{0} {1} {2}'.format(Messages.CERT, self.id, cert))
if self.config['general']['fetch_ip']:
try:
url = 'http://api.externalip.net/ip'
req = requests.get(url)
self.honeypot_ip = req.text
logger.info('Fetched {0} as external ip for Honeypot.'.format(self.honeypot_ip))
except (Timeout, ConnectionError) as e:
logger.warning('Could not fetch public ip: {0}'.format(e))
else:
self.honeypot_ip = ''
self.status = {
'mode': 'Honeypot',
'ip_address': self.honeypot_ip,
'honeypot_id': self.config['general']['id'],
'total_sessions': 0,
'active_sessions': 0,
'enabled_capabilities': [],
'managment_url': ''
}
# will contain BaitUser objects
self.users = self.create_users()
# inject authentication mechanism
Session.authenticator = Authenticator(self.users)
# spawning time checker
if self.config['timecheck']['enabled']:
Greenlet.spawn(self.checktime)
# show curses UI
if self.curses_screen is not None:
self.uihandler = HoneypotUIHandler(self.status, self.curses_screen)
Greenlet.spawn(self.show_status_ui)
def __init__(self,
work_dir,
config,
key='server.key',
cert='server.crt',
**kwargs):
"""
Main class which runs Beeswarm in Honeypot mode.
:param work_dir: Working directory (usually the current working directory)
:param config: Beeswarm configuration dictionary, None if no configuration was supplied.
:param key: Key file used for SSL enabled capabilities
:param cert: Cert file used for SSL enabled capabilities
"""
if config is None or not os.path.isdir(os.path.join(work_dir, 'data')):
Honeypot.prepare_environment(work_dir)
with open('beeswarmcfg.json', 'r') as config_file:
config = json.load(config_file, object_hook=asciify)
self.work_dir = work_dir
self.config = config
self.key = key
self.cert = cert
self._servers = []
self._server_greenlets = []
# will contain Session objects
self._sessions = {}
self._session_consumer = None
# TODO: pass honeypot otherwise
Session.honeypot_id = self.config['general']['id']
self.id = self.config['general']['id']
# write ZMQ keys to files - as expected by pyzmq
extract_keys(work_dir, config)
if not (os.path.isfile(os.path.join(work_dir, 'server.key'))):
cert_info = config['certificate_info']
if cert_info['common_name']:
cert_info['common_name'] = cert_info['common_name']
else:
cert_info['common_name'] = get_most_likely_ip()
cert, priv_key = create_self_signed_cert(
cert_info['country'], cert_info['state'],
cert_info['organization'], cert_info['locality'],
cert_info['organization_unit'], cert_info['common_name'])
cert_path = os.path.join(work_dir, 'server.crt')
key_path = os.path.join(work_dir, 'server.key')
with open(cert_path, 'w') as certfile:
certfile.write(cert)
with open(key_path, 'w') as keyfile:
keyfile.write(priv_key)
send_zmq_push('inproc://serverRelay',
'{0} {1} {2}'.format(Messages.KEY, self.id, keyfile))
send_zmq_push('inproc://serverRelay',
'{0} {1} {2}'.format(Messages.CERT, self.id, cert))
if self.config['general']['fetch_ip']:
try:
url = 'http://api.externalip.net/ip'
req = requests.get(url)
self.honeypot_ip = req.text
logger.info('Fetched {0} as external ip for Honeypot.'.format(
self.honeypot_ip))
except (Timeout, ConnectionError) as e:
logger.warning('Could not fetch public ip: {0}'.format(e))
else:
self.honeypot_ip = ''
# spawning time checker
if self.config['timecheck']['enabled']:
Greenlet.spawn(self.checktime)
