def __init__(self):
    """Choose the SSH version banner, then start every plugin server.

    The banner is taken from ``[honeypot] ssh_banner`` when that option is
    non-empty. Otherwise, with ``honeypot-static`` enabled, a slim client is
    connected to ``honey_ip:honey_port`` with this factory attached as its
    ``server``; with ``honeypot-docker`` enabled only an error is logged.
    """
    self.cfg = Config.getInstance()
    self.otherVersionString = ''
    self.connections = connections.Connections()
    self.plugin_servers = []
    self.ourVersionString = self.cfg.get(['honeypot', 'ssh_banner'])

    banner_configured = len(self.ourVersionString) > 0
    if banner_configured:
        # NOTE(review): the configured banner is used verbatim; nothing here
        # compares it with what the backend sshd announces, so a mismatch
        # between the two would go unnoticed at start-up.
        log.msg(log.LPURPLE, '[SERVER]',
                'Using ssh_banner for SSH Version String: ' + self.ourVersionString)
    elif self.cfg.getboolean(['honeypot-static', 'enabled']):
        log.msg(log.LPURPLE, '[SERVER]',
                'Acquiring SSH Version String from honey_ip:honey_port')
        slim_factory = client.HonsshSlimClientFactory()
        # Presumably the slim client writes the banner it reads back onto
        # this factory through ``server`` - confirm in the client module.
        slim_factory.server = self
        backend_host = self.cfg.get(['honeypot-static', 'honey_ip'])
        backend_port = int(self.cfg.get(['honeypot-static', 'honey_port']))
        reactor.connectTCP(backend_host, backend_port, slim_factory)
    elif self.cfg.getboolean(['honeypot-docker', 'enabled']):
        # No banner source in docker mode: ourVersionString stays empty.
        log.msg(log.LRED, '[SERVER][ERR]',
                'You need to configure the ssh_banner for docker manually!')

    # Start each plugin's server on its own and keep it next to its name.
    for loaded in plugins.import_plugins(plugins.get_plugin_list()):
        started = plugins.run_plugins_function([loaded], 'start_server', False)
        self.plugin_servers.append({
            'name': plugins.get_plugin_name(loaded),
            'server': started,
        })

    # Readiness is only announced here when the banner is already known.
    if self.ourVersionString != '':
        log.msg(log.LGREEN, '[HONSSH]',
                'HonSSH Boot Sequence Complete - Ready for attacks!')
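class HonsshServerFactory(factory.SSHFactory):
    """SSH server factory for the HonSSH proxy.

    On construction it connects a slim client to the backend honeypot at
    ``honey_addr:honey_port`` (per the log message, to acquire the SSH
    version string) and starts the optional hpfeeds and MySQL loggers.
    ``buildProtocol`` then creates one ``HonsshServerTransport`` per
    incoming connection.
    """

    # Class-level state: shared by every instance of the factory.
    cfg = config()
    otherVersionString = ''
    connections = connections.Connections()
    hpLog = None
    dbLog = None

    def __init__(self):
        """Connect to the backend honeypot and start the enabled loggers."""
        clientFactory = client.HonsshSlimClientFactory()
        # The slim client gets a back-reference to this factory.
        clientFactory.server = self
        reactor.connectTCP(self.cfg.get('honeypot', 'honey_addr'),
                           int(self.cfg.get('honeypot', 'honey_port')),
                           clientFactory)

        # Config values are compared as strings; only the exact value
        # 'true' enables a logger.
        if self.cfg.get('hpfeeds', 'enabled') == 'true':
            hp = hpfeeds.HPLogger()
            self.hpLog = hp.start(self.cfg)

        if self.cfg.get('database_mysql', 'enabled') == 'true':
            db = mysql.DBLogger()
            self.dbLog = db.start(self.cfg)

        log.msg(
            '[SERVER] Acquiring SSH Version String from honey_addr:honey_port')

    def buildProtocol(self, addr):
        """Return a ``HonsshServerTransport`` configured for one connection.

        ``addr`` is not used. ``self.ourVersionString`` is not assigned in
        this class; presumably the slim client sets it once the backend's
        banner has been read - confirm before relying on it being present.
        """
        t = HonsshServerTransport()
        t.ourVersionString = self.ourVersionString
        t.factory = self
        # Overwritten by the fixed list further down.
        t.supportedPublicKeys = self.privateKeys.keys()

        if not self.primes:
            # Without primes the group-exchange key exchanges are dropped
            # from the offer. The membership test keeps a transport whose
            # default list lacks one of these names from raising ValueError
            # in list.remove().
            ske = t.supportedKeyExchanges[:]
            for kex in ('diffie-hellman-group-exchange-sha1',
                        'diffie-hellman-group-exchange-sha256'):
                if kex in ske:
                    ske.remove(kex)
            t.supportedKeyExchanges = ske

        # NOTE(review): this offer includes legacy algorithms (CBC modes,
        # 3DES, Blowfish, hmac-md5, ssh-dss). Presumably deliberate so the
        # honeypot accepts old clients; it is not a baseline for a
        # production SSH service. The list is static, so it may not match
        # what the backend sshd advertises - check if fidelity matters.
        t.supportedCiphers = [
            'aes128-ctr', 'aes192-ctr', 'aes256-ctr', 'aes128-cbc',
            '3des-cbc', 'blowfish-cbc', 'cast128-cbc', 'aes192-cbc',
            'aes256-cbc'
        ]
        t.supportedPublicKeys = ['ssh-rsa', 'ssh-dss']
        t.supportedMACs = ['hmac-md5', 'hmac-sha1']
        return t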
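class HonsshServerFactory(factory.SSHFactory):
    """SSH server factory for the HonSSH proxy.

    On construction it settles the SSH version banner (from the
    ``ssh_banner`` option, or by connecting a slim client to
    ``honey_ip:honey_port``) and starts the output plugins' servers.
    ``buildProtocol`` then creates one ``HonsshServerTransport`` per
    incoming connection.
    """

    # Class-level state: shared by every instance of the factory.
    cfg = config()
    otherVersionString = ''
    connections = connections.Connections()
    # Class-level default only; __init__ rebinds a fresh list per instance.
    plugin_servers = []

    def __init__(self):
        """Pick the banner source and start each output plugin's server."""
        # Appending to the class-level list would leak entries from one
        # factory instance into every other, so each instance gets its own.
        self.plugin_servers = []

        self.ourVersionString = self.cfg.get('honeypot', 'ssh_banner')
        if self.ourVersionString == '':
            log.msg(log.LPURPLE, '[SERVER]',
                    'Acquiring SSH Version String from honey_ip:honey_port')
            clientFactory = client.HonsshSlimClientFactory()
            # The slim client gets a back-reference to this factory;
            # presumably it stores the backend's banner on it - confirm in
            # the client module.
            clientFactory.server = self
            reactor.connectTCP(
                self.cfg.get('honeypot-static', 'honey_ip'),
                int(self.cfg.get('honeypot-static', 'honey_port')),
                clientFactory)
        else:
            # NOTE(review): the configured banner is used verbatim and is
            # not compared with the banner of the backend sshd.
            log.msg(
                log.LPURPLE, '[SERVER]',
                'Using ssh_banner for SSH Version String: ' +
                self.ourVersionString)

        plugin_list = plugins.get_plugin_list(type='output')
        loaded_plugins = plugins.import_plugins(plugin_list, self.cfg)
        for plugin in loaded_plugins:
            # Each plugin is started on its own and kept next to its name.
            plugin_server = plugins.run_plugins_function([plugin],
                                                         'start_server', False)
            plugin_name = plugins.get_plugin_name(plugin)
            self.plugin_servers.append({
                'name': plugin_name,
                'server': plugin_server
            })

        # Readiness is only announced here when the banner is already known.
        if self.ourVersionString != '':
            log.msg(log.LGREEN, '[HONSSH]',
                    'HonSSH Boot Sequence Complete - Ready for attacks!')

    def buildProtocol(self, addr):
        """Return a ``HonsshServerTransport`` configured for one connection.

        ``addr`` is not used.
        """
        t = HonsshServerTransport()
        t.ourVersionString = self.ourVersionString
        t.factory = self
        # Overwritten by the fixed list further down.
        t.supportedPublicKeys = self.privateKeys.keys()

        if not self.primes:
            # Without primes the group-exchange key exchanges are dropped
            # from the offer; names missing from the list are skipped.
            ske = t.supportedKeyExchanges[:]
            for kex in ('diffie-hellman-group-exchange-sha1',
                        'diffie-hellman-group-exchange-sha256'):
                if kex in ske:
                    ske.remove(kex)
            t.supportedKeyExchanges = ske

        # NOTE(review): this offer includes legacy algorithms (CBC modes,
        # 3DES, Blowfish, hmac-md5, ssh-dss). Presumably deliberate so the
        # honeypot accepts old clients; it is not a baseline for a
        # production SSH service. The list is static, so it may not match
        # what the backend sshd advertises - check if fidelity matters.
        t.supportedCiphers = [
            'aes128-ctr', 'aes192-ctr', 'aes256-ctr', 'aes128-cbc',
            '3des-cbc', 'blowfish-cbc', 'cast128-cbc', 'aes192-cbc',
            'aes256-cbc'
        ]
        t.supportedPublicKeys = ['ssh-rsa', 'ssh-dss']
        t.supportedMACs = ['hmac-md5', 'hmac-sha1']
        return t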