def makeService(self, options):
"""
Construct a TCPServer from a factory defined in Cowrie.
"""
if os.name == 'posix' and os.getuid() == 0:
print('ERROR: You must not run cowrie as root!')
sys.exit(1)
cfg = readConfigFile(options["config"])
if cfg.has_option('honeypot', 'listen_addr'):
listen_addr = cfg.get('honeypot', 'listen_addr')
else:
listen_addr = '0.0.0.0'
# Preference: 1, option, 2, config, 3, default of 2222
if options['port'] != 0:
listen_ports = options["port"]
elif cfg.has_option('honeypot', 'listen_ports'):
listen_ports = cfg.get('honeypot', 'listen_ports')
else:
listen_ports = "2222"
listen_ports_range = [int(port) for port in listen_ports.split(" ")]
if len(listen_ports_range) == 1:
listen_ports_enum = [listen_ports_range[0]]
else:
listen_ports_enum = range(listen_ports_range[0],
listen_ports_range[1] + 1)
factory = core.ssh.HoneyPotSSHFactory(cfg)
factory.portal = portal.Portal(core.realm.HoneyPotRealm(cfg))
# Disable pubkey checking, it breaks mitmproxy on Turris
#factory.portal.registerChecker(
# core.checkers.HoneypotPublicKeyChecker(cfg))
factory.portal.registerChecker(
core.checkers.HoneypotPasswordChecker(cfg))
if cfg.has_option('honeypot', 'auth_none_enabled') and \
cfg.get('honeypot', 'auth_none_enabled').lower() in \
('yes', 'true', 'on'):
factory.portal.registerChecker(core.checkers.HoneypotNoneChecker())
top_service = top_service = service.MultiService()
for i in listen_addr.split():
for port in listen_ports_enum:
svc = internet.TCPServer(port, factory, interface=i)
svc.setServiceParent(top_service)
if cfg.has_option('honeypot', 'interact_enabled') and \
cfg.get('honeypot', 'interact_enabled').lower() in \
('yes', 'true', 'on'):
iport = int(cfg.get('honeypot', 'interact_port'))
from cowrie.core import interact
svc = internet.TCPServer(iport,
interact.makeInteractFactory(factory))
svc.setServiceParent(top_service)
application = service.Application('cowrie')
top_service.setServiceParent(application)
return top_service
class Fish_Service(service.Service):
def __init__(self):
pass
def startService(self):
service.Service.startService(self) # 什么都不做,开始服务
# def stopService(self):
# return self._port.stopListening()
# 配置参数
port = 10000
iface = '127.0.0.1'
top_server = service.MultiService() # 定义服务容器
fish_server = Fish_Service() # 实例化我们的服务
factory = Mornitor_Factory(Fish_Service) # 工厂化服务
fish_server.setServiceParent(top_server) # 把自定义的服务加入到服务容器
tcp_server = internet.TCPServer(port, factory) # 定义tcp服务
#tcp_server = reactor.listenTCP(port, factory)
tcp_server.setServiceParent(top_server) # 把tcp服务加入到服务容器
#
application = service.Application('Fish_Service') # 给应用起个名字
top_server.setServiceParent(application) # 把服务容器丢到应用中去
## this sets up the application
application = service.Application('dnsserver', 1, 1)
# set up a resolver that uses the mapping or a secondary nameserver
p2presolver = MapResolver(servers=[('8.8.8.8', 53)])
# create the protocols
f = server.DNSServerFactory(caches=[cache.CacheResolver()],
clients=[p2presolver])
p = dns.DNSDatagramProtocol(f)
f.noisy = p.noisy = False
# register as tcp and udp
ret = service.MultiService()
PORT = 53
for (klass, arg) in [(internet.TCPServer, f), (internet.UDPServer, p)]:
s = klass(PORT, arg)
s.setServiceParent(ret)
# run all of the above as a twistd application
ret.setServiceParent(service.IServiceCollection(application))
# run it through twistd!
if __name__ == '__main__':
import sys
print "Usage: twistd -y %s" % sys.argv[0]
def makeService(self, options):
srv = service.MultiService()
s = None
if "app" in options and (options["app"] or "")[-3:].lower() == ".py":
options["filename"] = options["app"]
if "filename" in options and os.path.exists(options["filename"]):
n = os.path.splitext(os.path.split(options["filename"])[-1])[0]
appmod = imp.load_source(n, options["filename"])
for name in dir(appmod):
kls = getattr(appmod, name)
if isinstance(kls, (type, types.ClassType)):
if issubclass(kls, cyclone.web.Application):
options["app"] = kls
if ssl_support and os.path.exists(options["ssl-cert"]):
options["ssl-app"] = kls
# http
if options["app"]:
if callable(options["app"]):
appmod = options["app"]
else:
appmod = reflect.namedAny(options["app"])
if options["appopts"]:
app = appmod(options["appopts"])
else:
app = appmod()
unix = options.get("unix")
if unix:
s = internet.UNIXServer(unix, app)
else:
s = internet.TCPServer(options["port"],
app,
interface=options["listen"])
s.setServiceParent(srv)
# https
if options["ssl-app"]:
if ssl_support:
if callable(options["ssl-app"]):
appmod = options["ssl-app"]
else:
appmod = reflect.namedAny(options["ssl-app"])
if options["ssl-appopts"]:
app = appmod(options["ssl-appopts"])
else:
app = appmod()
s = internet.SSLServer(options["ssl-port"],
app,
ssl.DefaultOpenSSLContextFactory(
options["ssl-key"],
options["ssl-cert"]),
interface=options["ssl-listen"])
s.setServiceParent(srv)
else:
print("SSL support is disabled. "
"Install PyOpenSSL and try again.")
if s is None:
print("usage: cyclone run [server.py|--help]")
sys.exit(1)
return srv
from twisted.internet import reactor
from twisted.internet.protocol import Protocol, Factory
from twisted.application import service, internet
#from twisted.internet.protocol import DatagramProtocol
#from twisted.internet.threads import deferToThread
from twisted.internet import defer
# import txredisapi as redis
from twisted.application import service, internet
from twisted.internet.protocol import DatagramProtocol
from twisted.internet.threads import deferToThread
from twisted.protocols.basic import LineReceiver
from twisted.internet.endpoints import TCP4ServerEndpoint
# 实例化时间服务容器
time_service_container = service.MultiService()
class Dict(LineReceiver):
'''字典协议'''
commands = {
"CLIENT": '',
"DEFINE": '',
"MATCH": '',
"SHOW": '',
"STATUS": '',
"HELP": '',
"QUIT": '',
"OPTION": '',
"AUTH": '',
"SASLAUTH": ''
from django.core.management import setup_environ
import settings as settings_mod
setup_environ(settings_mod)
from twisted.words.protocols import irc
from twisted.application import internet, service
from twisted.internet import protocol, reactor, task
from twisted.python import log
from django.conf import settings
from djangobot import DjangoBotService, ChannelPool, Channel
from djangobot import DjangoPeopleMonitorService
application = service.Application("djangobot")
serv = service.MultiService()
nickname = settings.BOT_NICKNAME
channels = ChannelPool()
for name in settings.BOT_CHANNELS:
channels.add(Channel(name, nickname))
dbs = DjangoBotService(channels, nickname, settings.BOT_PASSWORD)
internet.TCPClient(
settings.BOT_IRC_SERVER,
settings.BOT_IRC_PORT,
dbs.getFactory(),
).setServiceParent(serv)
def makeService(options):
"""
Create a manhole server service.
@type options: C{dict}
@param options: A mapping describing the configuration of
the desired service. Recognized key/value pairs are::
"telnetPort": strports description of the address on which
to listen for telnet connections. If None,
no telnet service will be started.
"sshPort": strports description of the address on which to
listen for ssh connections. If None, no ssh
service will be started.
"namespace": dictionary containing desired initial locals
for manhole connections. If None, an empty
dictionary will be used.
"passwd": Name of a passwd(5)-format username/password file.
"sshKeyDir": The folder that the SSH server key will be kept in.
"sshKeyName": The filename of the key.
"sshKeySize": The size of the key, in bits. Default is 4096.
@rtype: L{twisted.application.service.IService}
@return: A manhole service.
"""
svc = service.MultiService()
namespace = options['namespace']
if namespace is None:
namespace = {}
checker = checkers.FilePasswordDB(options['passwd'])
if options['telnetPort']:
telnetRealm = _StupidRealm(telnet.TelnetBootstrapProtocol,
insults.ServerProtocol,
manhole.ColoredManhole, namespace)
telnetPortal = portal.Portal(telnetRealm, [checker])
telnetFactory = protocol.ServerFactory()
telnetFactory.protocol = makeTelnetProtocol(telnetPortal)
telnetService = strports.service(options['telnetPort'], telnetFactory)
telnetService.setServiceParent(svc)
if options['sshPort']:
sshRealm = manhole_ssh.TerminalRealm()
sshRealm.chainedProtocolFactory = chainedProtocolFactory(namespace)
sshPortal = portal.Portal(sshRealm, [checker])
sshFactory = manhole_ssh.ConchFactory(sshPortal)
if options['sshKeyDir'] != "<USER DATA DIR>":
keyDir = options['sshKeyDir']
else:
from twisted.python._appdirs import getDataDirectory
keyDir = getDataDirectory()
keyLocation = filepath.FilePath(keyDir).child(options['sshKeyName'])
sshKey = keys._getPersistentRSAKey(keyLocation,
int(options['sshKeySize']))
sshFactory.publicKeys["ssh-rsa"] = sshKey
sshFactory.privateKeys["ssh-rsa"] = sshKey
sshService = strports.service(options['sshPort'], sshFactory)
sshService.setServiceParent(svc)
return svc
def makeService(configuration):
settings = Config([''])
settings.load(configuration)
if not settings.header:
sys.exit(1)
serviceCollection = service.MultiService()
poker_service = PokerService(settings)
poker_service.setServiceParent(serviceCollection)
poker_factory = IPokerFactory(poker_service)
#
# Poker protocol (with or without SSL)
#
tcp_port = settings.headerGetInt("/server/listen/@tcp")
internet.TCPServer(tcp_port,
poker_factory).setServiceParent(serviceCollection)
tcp_ssl_port = settings.headerGetInt("/server/listen/@tcp_ssl")
if HAS_OPENSSL and tcp_ssl_port:
internet.SSLServer(
tcp_ssl_port, poker_factory,
SSLContextFactory(settings)).setServiceParent(serviceCollection)
rest_site = PokerSite(settings, PokerRestTree(poker_service))
#
# HTTP (with or without SLL) that implements REST
#
rest_port = settings.headerGetInt("/server/listen/@rest")
if rest_port:
internet.TCPServer(rest_port,
rest_site).setServiceParent(serviceCollection)
rest_ssl_port = settings.headerGetInt("/server/listen/@rest_ssl")
if HAS_OPENSSL and rest_ssl_port:
internet.SSLServer(
rest_ssl_port, rest_site,
SSLContextFactory(settings)).setServiceParent(serviceCollection)
http_site = server.Site(PokerTree(poker_service))
#
# HTTP (with or without SLL) that implements XML-RPC and SOAP
#
http_port = settings.headerGetInt("/server/listen/@http")
if http_port:
internet.TCPServer(http_port,
http_site).setServiceParent(serviceCollection)
http_ssl_port = settings.headerGetInt("/server/listen/@http_ssl")
if HAS_OPENSSL and http_ssl_port:
internet.SSLServer(
http_ssl_port, http_site,
SSLContextFactory(settings)).setServiceParent(serviceCollection)
#
# TELNET twisted.manhole (without SSL)
#
manhole_port = settings.headerGetInt("/server/listen/@manhole")
if manhole_port:
manhole_factory = telnet.ShellFactory()
manhole_factory.namespace['poker_service'] = poker_service
manhole_factory.namespace['poker_site'] = rest_site
manhole_service = internet.TCPServer(manhole_port,
manhole_factory,
interface='127.0.0.1')
manhole_service.setName("manhole")
manhole_service.setServiceParent(serviceCollection)
if settings.headerGetInt("/server/@verbose") > 0:
print "PokerManhole: manhole is useful for debugging, use with telnet admin/admin, however, it can be a security risk and should be used only during debugging"
return serviceCollection
def makeService(self, options):
TRACE_LEVEL_NUM = 5
logging.addLevelName(TRACE_LEVEL_NUM, "TRACE")
def trace(self, message, *args, **kws):
self._log(TRACE_LEVEL_NUM, message, args, **kws)
logging.Logger.trace = trace
import urllib3 # TODO: remove this code again, not sure why it doesn't just fix it by itself.
urllib3.disable_warnings()
if options["djangodebug"]:
os.environ["DJANGO_DEBUG"] = "1"
logging.getLogger("rebulk.rules").setLevel(logging.WARNING)
logging.getLogger("rebulk.rebulk").setLevel(logging.WARNING)
logging.getLogger("chardet.charsetprober").setLevel(logging.WARNING)
if options["trace"]:
log_level = TRACE_LEVEL_NUM
asyncio.set_event_loop(reactor._asyncioEventloop)
asyncio.get_event_loop().set_debug(True)
elif options["debug"]:
log_level = logging.DEBUG
else:
log_level = logging.WARNING
if options["stdout"]:
handler = logging.StreamHandler(sys.stdout)
else:
handler = logging.handlers.RotatingFileHandler(
"tridentstream.log", maxBytes=50 * 1024 * 1024, backupCount=5
)
handler.setLevel(log_level)
formatter = logging.Formatter(
"%(asctime)-15s:%(levelname)s:%(name)s:%(lineno)d:%(message)s"
)
handler.setFormatter(formatter)
root = logging.getLogger()
root.setLevel(log_level)
root.addHandler(handler)
observer = log.PythonLoggingObserver()
observer.start()
from django.conf import settings
if 'pidfile' in options.parent:
settings.TWISTD_PIDFILE = options.parent['pidfile']
if options["clearcache"]:
settings.DEBUG_CLEAR_CACHE = True
from django.core.cache import cache
cache.clear()
multi = service.MultiService()
django.setup()
application = get_default_application()
if options["reverseproxy"] == "on":
asgiresource = ASGIResource(
application, use_proxy_headers=True, use_x_sendfile=True
)
elif options["reverseproxy"] == "off":
asgiresource = ASGIResource(
application, use_proxy_proto_header=True, use_x_sendfile=True
)
else:
asgiresource = ASGIResource(
application, automatic_proxy_header_handling=True, use_x_sendfile=True
)
r = Root(asgiresource)
from thomas import OutputBase
http_output_cls = OutputBase.find_plugin("http")
http_output = http_output_cls(url_prefix="stream")
http_output.start()
r.putChild(b"stream", http_output.resource)
settings.THOMAS_HTTP_OUTPUT = http_output
from django.contrib import admin
r.putChild(
settings.STATIC_URL.strip("/").encode("utf-8"),
File(settings.STATIC_ROOT.encode("utf-8")),
)
# Gluing it all together
site = server.Site(r)
multi.addService(ASGIService(site, asgiresource, options["description"]))
scheduler_service = SchedulerService()
multi.addService(scheduler_service)
settings.SCHEDULER = scheduler_service.scheduler
def initialize():
def _initialize():
from unplugged.bootstrap import bootstrap_all
bootstrap_all()
loop = asyncio.get_running_loop()
asyncio.ensure_future(loop.run_in_executor(None, _initialize))
reactor.callLater(0, initialize)
# Django doesn't seem to want to kill connections
def cleanup_database_connections():
def cleanup_thread():
from django.db import close_old_connections
close_old_connections()
settings.SCHEDULER.add_job(cleanup_thread, "interval", minutes=15)
reactor.callLater(0, cleanup_database_connections)
return multi
def setUp(self):
self.s = service.MultiService()
self.target_tub, self.source_tub = self.makeTubs(2)
self.target_tub.setServiceParent(self.s)
self.source_tub.setServiceParent(self.s)
def makeService(options):
"""
Makes a new swftp-sftp service. The only option is the config file
location. See CONFIG_DEFAULTS for list of configuration options.
"""
from twisted.conch.ssh.connection import SSHConnection
from twisted.conch.ssh.factory import SSHFactory
from twisted.conch.ssh.keys import Key
from twisted.cred.portal import Portal
from swftp.realm import SwftpRealm
from swftp.sftp.server import SwiftSSHUserAuthServer
from swftp.auth import SwiftBasedAuthDB
from swftp.utils import (
log_runtime_info, GLOBAL_METRICS, parse_key_value_config)
c = get_config(options['config_file'], options)
sftp_service = service.MultiService()
# ensure timezone is GMT
os.environ['TZ'] = 'GMT'
time.tzset()
print('Starting SwFTP-sftp %s' % VERSION)
# Add statsd service
if c.get('sftp', 'log_statsd_host'):
try:
from swftp.statsd import makeService as makeStatsdService
makeStatsdService(
c.get('sftp', 'log_statsd_host'),
c.getint('sftp', 'log_statsd_port'),
sample_rate=c.getfloat('sftp', 'log_statsd_sample_rate'),
prefix=c.get('sftp', 'log_statsd_metric_prefix')
).setServiceParent(sftp_service)
except ImportError:
sys.stderr.write('Missing Statsd Module. Requires "txstatsd" \n')
if c.get('sftp', 'stats_host'):
from swftp.report import makeService as makeReportService
known_fields = [
'command.login',
'command.logout',
'command.gotVersion',
'command.openFile',
'command.removeFile',
'command.renameFile',
'command.makeDirectory',
'command.removeDirectory',
'command.openDirectory',
'command.getAttrs',
] + GLOBAL_METRICS
makeReportService(
c.get('sftp', 'stats_host'),
c.getint('sftp', 'stats_port'),
known_fields=known_fields
).setServiceParent(sftp_service)
authdb = SwiftBasedAuthDB(
c.get('sftp', 'auth_url'),
global_max_concurrency=c.getint('sftp', 'num_persistent_connections'),
max_concurrency=c.getint('sftp', 'num_connections_per_session'),
timeout=c.getint('sftp', 'connection_timeout'),
extra_headers=parse_key_value_config(c.get('sftp', 'extra_headers')),
verbose=c.getboolean('sftp', 'verbose'),
rewrite_scheme=c.get('sftp', 'rewrite_storage_scheme'),
rewrite_netloc=c.get('sftp', 'rewrite_storage_netloc'),
)
rabbitmq_hosts = c.get('rabbitmq', 'rabbitmq_hosts')
rabbitmq_cluster = RabbitClusterClient([RabbitReplica(host, port) \
for host, port in [(h,int(p)) for h,p in [r.split(':') \
for r in rabbitmq_hosts.split(',')]]], \
c.get('rabbitmq', 'username'), \
c.get('rabbitmq', 'password')) \
if rabbitmq_hosts else None
queue_name = c.get('rabbitmq', 'queue_name')
realm = SwftpRealm(rabbitmq_cluster, queue_name)
sftpportal = Portal(realm)
sftpportal.registerChecker(authdb)
sshfactory = SSHFactory()
protocol = SwiftSSHServerTransport
protocol.maxConnectionsPerUser = c.getint('sftp', 'sessions_per_user')
protocol.supportedCiphers = c.get('sftp', 'chiphers')
protocol.supportedMACs = c.get('sftp', 'macs')
protocol.supportedCompressions = c.get('sftp', 'compressions')
sshfactory.protocol = protocol
sshfactory.noisy = False
sshfactory.portal = sftpportal
sshfactory.services['ssh-userauth'] = SwiftSSHUserAuthServer
sshfactory.services['ssh-connection'] = SSHConnection
pub_key_string = file(c.get('sftp', 'pub_key')).read()
priv_key_string = file(c.get('sftp', 'priv_key')).read()
sshfactory.publicKeys = {
'ssh-rsa': Key.fromString(data=pub_key_string)}
sshfactory.privateKeys = {
'ssh-rsa': Key.fromString(data=priv_key_string)}
signal.signal(signal.SIGUSR1, log_runtime_info)
signal.signal(signal.SIGUSR2, log_runtime_info)
internet.TCPServer(
c.getint('sftp', 'port'),
sshfactory,
interface=c.get('sftp', 'host')).setServiceParent(sftp_service)
return sftp_service
def makeService(self, options):
"""
Construct a TCPServer from a factory defined in Cowrie.
"""
if os.name == 'posix' and os.getuid() == 0:
print('ERROR: You must not run cowrie as root!')
sys.exit(1)
cfg = readConfigFile(options["config"])
topService = service.MultiService()
application = service.Application('cowrie')
topService.setServiceParent(application)
factory = cowrie.ssh.factory.CowrieSSHFactory(cfg)
factory.portal = portal.Portal(core.realm.HoneyPotRealm(cfg))
factory.portal.registerChecker(
core.checkers.HoneypotPublicKeyChecker())
factory.portal.registerChecker(
core.checkers.HoneypotPasswordChecker(cfg))
if cfg.has_option('honeypot', 'auth_none_enabled') and \
cfg.getboolean('honeypot', 'auth_none_enabled') == True:
factory.portal.registerChecker(core.checkers.HoneypotNoneChecker())
if cfg.has_option('ssh', 'listen_addr'):
listen_ssh_addr = cfg.get('ssh', 'listen_addr')
elif cfg.has_option('honeypot', 'listen_addr'):
listen_ssh_addr = cfg.get('honeypot', 'listen_addr')
else:
listen_ssh_addr = '0.0.0.0'
# Preference: 1, option, 2, config, 3, default of 2222
if options['port'] != 0:
listen_ssh_port = int(options["port"])
elif cfg.has_option('ssh', 'listen_port'):
listen_ssh_port = cfg.getint('ssh', 'listen_port')
elif cfg.has_option('honeypot', 'listen_port'):
listen_ssh_port = cfg.getint('honeypot', 'listen_port')
else:
listen_ssh_port = 2222
for i in listen_ssh_addr.split():
svc = internet.TCPServer(listen_ssh_port, factory, interface=i)
# FIXME: Use addService on topService ?
svc.setServiceParent(topService)
if cfg.has_option('telnet', 'enabled') and \
cfg.getboolean('telnet', 'enabled') == True:
if cfg.has_option('telnet', 'listen_addr'):
listen_telnet_addr = cfg.get('telnet', 'listen_addr')
else:
listen_telnet_addr = '0.0.0.0'
# Preference: 1, config, 2, default of 2223
if cfg.has_option('telnet', 'listen_port'):
listen_telnet_port = cfg.getint('telnet', 'listen_port')
else:
listen_telnet_port = 2223
f = cowrie.telnet.transport.HoneyPotTelnetFactory(cfg)
f.portal = portal.Portal(core.realm.HoneyPotRealm(cfg))
f.portal.registerChecker(
core.checkers.HoneypotPasswordChecker(cfg))
for i in listen_telnet_addr.split():
tsvc = internet.TCPServer(listen_telnet_port, f, interface=i)
# FIXME: Use addService on topService ?
tsvc.setServiceParent(topService)
if cfg.has_option('honeypot', 'interact_enabled') and \
cfg.getboolean('honeypot', 'interact_enabled') == True:
iport = int(cfg.get('honeypot', 'interact_port'))
# FIXME this doesn't support checking both Telnet and SSH sessions
from cowrie.core import interact
svc = internet.TCPServer(iport,
interact.makeInteractFactory(factory),
interface='127.0.0.1')
# FIXME: Use addService on topService ?
svc.setServiceParent(topService)
return topService
def makeService(snames,
options,
db_connect=True,
require_system_user_auth=True,
module_name="anchore_engine.services",
validate_params={}):
try:
logger.enable_bootstrap_logging(service_name=','.join(snames))
try:
# config and init
configfile = configdir = None
if options['config']:
configdir = options['config']
configfile = os.path.join(options['config'], 'config.yaml')
anchore_engine.configuration.localconfig.load_config(
configdir=configdir,
configfile=configfile,
validate_params=validate_params)
localconfig = anchore_engine.configuration.localconfig.get_config()
localconfig['myservices'] = []
logger.spew("localconfig=" +
json.dumps(localconfig, indent=4, sort_keys=True))
except Exception as err:
logger.error("cannot load configuration: exception - " + str(err))
raise err
# get versions of things
try:
versions = anchore_engine.configuration.localconfig.get_versions()
except Exception as err:
logger.error("cannot detect versions of service: exception - " +
str(err))
raise err
if db_connect:
logger.info("initializing database")
# connect to DB
try:
db.initialize(localconfig=localconfig, versions=versions)
except Exception as err:
logger.error("cannot connect to configured DB: exception - " +
str(err))
raise err
#credential bootstrap
localconfig['system_user_auth'] = (None, None)
if require_system_user_auth:
gotauth = False
max_retries = 60
for count in range(1, max_retries):
if gotauth:
continue
try:
with session_scope() as dbsession:
localconfig[
'system_user_auth'] = get_system_user_auth(
session=dbsession)
if localconfig['system_user_auth'] != (None, None):
gotauth = True
else:
logger.error(
"cannot get system user auth credentials yet, retrying ("
+ str(count) + " / " + str(max_retries) + ")")
time.sleep(5)
except Exception as err:
logger.error(
"cannot get system-user auth credentials - service may not have system level access"
)
localconfig['system_user_auth'] = (None, None)
if not gotauth:
raise Exception(
"service requires system user auth to start")
# application object
application = service.Application("multi-service-" + '-'.join(snames))
#multi-service
retservice = service.MultiService()
retservice.setServiceParent(application)
success = False
try:
scount = 0
for sname in snames:
if sname in localconfig['services'] and localconfig[
'services'][sname]['enabled']:
smodule = importlib.import_module(module_name + "." +
sname)
s = smodule.createService(sname, localconfig)
s.setServiceParent(retservice)
rc = smodule.initializeService(sname, localconfig)
if not rc:
raise Exception("failed to initialize service")
rc = smodule.registerService(sname, localconfig)
if not rc:
raise Exception("failed to register service")
logger.debug("starting service: " + sname)
success = True
scount += 1
localconfig['myservices'].append(sname)
else:
logger.error(
"service not enabled in config, not starting service: "
+ sname)
if scount == 0:
logger.error(
"no services/subservices were enabled/started on this host"
)
success = False
except Exception as err:
logger.error("cannot create/init/register service: " + sname +
" - exception: " + str(err))
success = False
if not success:
logger.error("cannot start service (see above for information)")
traceback.print_exc('Service init failure')
raise Exception("cannot start service (see above for information)")
return (retservice)
finally:
logger.disable_bootstrap_logging()
def makeService(self, options):
"""
Construct a TCPServer from a factory defined in Cowrie.
"""
if options["help"] is True:
print("""Usage: twistd [options] cowrie [-h]
Options:
-h, --help print this help message.
Makes a Cowrie SSH/Telnet honeypot.
""")
sys.exit(1)
if os.name == 'posix' and os.getuid() == 0:
print('ERROR: You must not run cowrie as root!')
sys.exit(1)
log.msg("Python Version {}".format(str(sys.version).replace('\n', '')))
log.msg("Twisted Version {}.{}.{}".format(__version__.major,
__version__.minor,
__version__.micro))
# ssh is enabled by default
try:
enableSSH = CONFIG.getboolean('ssh', 'enabled')
except (configparser.NoSectionError, configparser.NoOptionError):
enableSSH = True
# telnet is disabled by default
try:
enableTelnet = CONFIG.getboolean('telnet', 'enabled')
except (configparser.NoSectionError, configparser.NoOptionError):
enableTelnet = False
if enableTelnet is False and enableSSH is False:
print('ERROR: You must at least enable SSH or Telnet')
sys.exit(1)
# Load db loggers
self.dbloggers = []
for x in CONFIG.sections():
if not x.startswith('database_'):
continue
engine = x.split('_')[1]
try:
dblogger = __import__('cowrie.dblog.{}'.format(engine),
globals(), locals(),
['dblog']).DBLogger()
log.addObserver(dblogger.emit)
self.dbloggers.append(dblogger)
log.msg("Loaded dblog engine: {}".format(engine))
except Exception:
log.err()
log.msg("Failed to load dblog engine: {}".format(engine))
# Load output modules
self.output_plugins = []
for x in CONFIG.sections():
if not x.startswith('output_'):
continue
if CONFIG.getboolean(x, 'enabled') is False:
continue
engine = x.split('_')[1]
try:
output = __import__('cowrie.output.{}'.format(engine),
globals(), locals(), ['output']).Output()
log.addObserver(output.emit)
self.output_plugins.append(output)
log.msg("Loaded output engine: {}".format(engine))
except ImportError as e:
log.err(
"Failed to load output engine: {} due to ImportError: {}".
format(engine, e))
log.msg(
"Please install the dependencies for {} listed in requirements-output.txt"
.format(engine))
except Exception:
log.err()
log.msg("Failed to load output engine: {}".format(engine))
topService = service.MultiService()
application = service.Application('cowrie')
topService.setServiceParent(application)
if enableSSH:
factory = cowrie.ssh.factory.CowrieSSHFactory()
factory.tac = self
factory.portal = portal.Portal(core.realm.HoneyPotRealm())
factory.portal.registerChecker(
core.checkers.HoneypotPublicKeyChecker())
factory.portal.registerChecker(
core.checkers.HoneypotPasswordChecker())
if CONFIG.has_option('honeypot', 'auth_none_enabled') and \
CONFIG.getboolean('honeypot', 'auth_none_enabled') is True:
factory.portal.registerChecker(
core.checkers.HoneypotNoneChecker())
if CONFIG.has_section('ssh'):
listen_endpoints = get_endpoints_from_section(
CONFIG, 'ssh', 2222)
else:
listen_endpoints = get_endpoints_from_section(
CONFIG, 'honeypot', 2222)
create_endpoint_services(reactor, topService, listen_endpoints,
factory)
if enableTelnet:
f = cowrie.telnet.transport.HoneyPotTelnetFactory()
f.tac = self
f.portal = portal.Portal(core.realm.HoneyPotRealm())
f.portal.registerChecker(core.checkers.HoneypotPasswordChecker())
listen_endpoints = get_endpoints_from_section(
CONFIG, 'telnet', 2223)
create_endpoint_services(reactor, topService, listen_endpoints, f)
return topService
def testDoublyNamedChild(self):
s = service.Service()
p = service.MultiService()
s.setName("hello")
s.setServiceParent(p)
self.failUnlessRaises(RuntimeError, s.setName, "lala")
#The below depend on Orbited's logging.setup(...), from above.
from orbited import cometsession
from orbited import proxy
#local imports
from skgargpms.twisted_wsgi import get_root_resource
from realtime.stompfactory import get_stomp_factory
from realtime.message_handlers import MESSAGE_HANDLERS
from realtime.restq import RestQMessageProxy
#Create Twisted Application.
application = service.Application('skgargpms')
# make a new MultiService to hold the thread/web services, add its parent as twisted application.
multi = service.MultiService()
multi.setServiceParent(application)
# Django and static file server, Common HTTP server.:
root_resource = get_root_resource(multi)
#Default Webserver which server the Django project files.
static_media = os.path.join(os.path.dirname(__file__),
'skgargpms/static_media').replace('\\', '/')
root_resource.putChild("static", static.File(static_media))
favicon = os.path.join(os.path.dirname(__file__),
'skgargpms/static_media/favicon.ico').replace(
'\\', '/')
root_resource.putChild('favicon.ico', static.File(favicon))
#Sproutcore Mobile application URL.
def setUp(self):
self.s = service.MultiService()
self.s.startService()
return super(GridTestMixin, self).setUp()
def run_siptrackd_twisted(listen_port, ssl_port, ssl_private_key,
ssl_certificate, storage, reload_interval, searcher):
log.msg('Creating object store')
object_store = siptrackdlib.ObjectStore(storage, searcher=searcher)
session_handler = sessions.SessionHandler()
log.msg('Creating rpc interface')
siptrackd_rpc = SiptrackdRPC(object_store, session_handler)
xmlrpc.addIntrospection(siptrackd_rpc)
view_rpc = view.ViewRPC(object_store, session_handler)
siptrackd_rpc.putSubHandler('view', view_rpc)
view_tree_rpc = view.ViewTreeRPC(object_store, session_handler)
view_rpc.putSubHandler('tree', view_tree_rpc)
counter_rpc = counter.CounterRPC(object_store, session_handler)
siptrackd_rpc.putSubHandler('counter', counter_rpc)
counter_loop_rpc = counter.CounterLoopRPC(object_store, session_handler)
counter_rpc.putSubHandler('loop', counter_loop_rpc)
user_rpc = user.UserRPC(object_store, session_handler)
siptrackd_rpc.putSubHandler('user', user_rpc)
user_local_rpc = user.UserLocalRPC(object_store, session_handler)
user_rpc.putSubHandler('local', user_local_rpc)
user_ldap_rpc = user.UserLDAPRPC(object_store, session_handler)
user_rpc.putSubHandler('ldap', user_ldap_rpc)
user_active_directory_rpc = user.UserActiveDirectoryRPC(
object_store, session_handler)
user_rpc.putSubHandler('activedirectory', user_active_directory_rpc)
user_rpc.putSubHandler('ad', user_active_directory_rpc)
user_manager_rpc = user.UserManagerRPC(object_store, session_handler)
user_rpc.putSubHandler('manager', user_manager_rpc)
user_manager_local_rpc = user.UserManagerLocalRPC(object_store,
session_handler)
user_manager_rpc.putSubHandler('local', user_manager_local_rpc)
user_manager_ldap_rpc = user.UserManagerLDAPRPC(object_store,
session_handler)
user_manager_rpc.putSubHandler('ldap', user_manager_ldap_rpc)
user_manager_active_directory_rpc = user.UserManagerActiveDirectoryRPC(
object_store, session_handler)
user_manager_rpc.putSubHandler('activedirectory',
user_manager_active_directory_rpc)
user_manager_rpc.putSubHandler('ad', user_manager_active_directory_rpc)
user_group_rpc = user.UserGroupRPC(object_store, session_handler)
user_rpc.putSubHandler('group', user_group_rpc)
user_group_ldap_rpc = user.UserGroupLDAPRPC(object_store, session_handler)
user_group_rpc.putSubHandler('ldap', user_group_ldap_rpc)
user_group_active_directory_rpc = user.UserGroupActiveDirectoryRPC(
object_store, session_handler)
user_group_rpc.putSubHandler('activedirectory',
user_group_active_directory_rpc)
user_group_rpc.putSubHandler('ad', user_group_active_directory_rpc)
device_rpc = device.DeviceRPC(object_store, session_handler)
siptrackd_rpc.putSubHandler('device', device_rpc)
device_tree_rpc = device.DeviceTreeRPC(object_store, session_handler)
device_rpc.putSubHandler('tree', device_tree_rpc)
device_category_rpc = device.DeviceCategoryRPC(object_store,
session_handler)
device_rpc.putSubHandler('category', device_category_rpc)
device_config_rpc = deviceconfig.DeviceConfigRPC(object_store,
session_handler)
device_rpc.putSubHandler('config', device_config_rpc)
device_config_template_rpc = deviceconfig.DeviceConfigTemplateRPC(
object_store, session_handler)
device_config_rpc.putSubHandler('template', device_config_template_rpc)
password_rpc = password.PasswordRPC(object_store, session_handler)
siptrackd_rpc.putSubHandler('password', password_rpc)
password_key_rpc = password.PasswordKeyRPC(object_store, session_handler)
password_rpc.putSubHandler('key', password_key_rpc)
password_tree_rpc = password.PasswordTreeRPC(object_store, session_handler)
password_rpc.putSubHandler('tree', password_tree_rpc)
password_category_rpc = password.PasswordCategoryRPC(
object_store, session_handler)
password_rpc.putSubHandler('category', password_category_rpc)
sub_key_rpc = password.SubKeyRPC(object_store, session_handler)
password_rpc.putSubHandler('subkey', sub_key_rpc)
network_rpc = network.NetworkRPC(object_store, session_handler)
siptrackd_rpc.putSubHandler('network', network_rpc)
network_tree_rpc = network.NetworkTreeRPC(object_store, session_handler)
network_rpc.putSubHandler('tree', network_tree_rpc)
network_ipv4_rpc = network.NetworkIPV4RPC(object_store, session_handler)
network_rpc.putSubHandler('ipv4', network_ipv4_rpc)
network_range_rpc = network.NetworkRangeRPC(object_store, session_handler)
network_rpc.putSubHandler('range', network_range_rpc)
network_range_ipv4_rpc = network.NetworkRangeIPV4RPC(
object_store, session_handler)
network_range_rpc.putSubHandler('ipv4', network_range_ipv4_rpc)
network_ipv6_rpc = network.NetworkIPV6RPC(object_store, session_handler)
network_rpc.putSubHandler('ipv6', network_ipv6_rpc)
network_range_ipv6_rpc = network.NetworkRangeIPV6RPC(
object_store, session_handler)
network_range_rpc.putSubHandler('ipv6', network_range_ipv6_rpc)
container_rpc = container.ContainerRPC(object_store, session_handler)
siptrackd_rpc.putSubHandler('container', container_rpc)
container_tree_rpc = container.ContainerTreeRPC(object_store,
session_handler)
container_rpc.putSubHandler('tree', container_tree_rpc)
attribute_rpc = attribute.AttributeRPC(object_store, session_handler)
siptrackd_rpc.putSubHandler('attribute', attribute_rpc)
versioned_attribute_rpc = attribute.VersionedAttributeRPC(
object_store, session_handler)
attribute_rpc.putSubHandler('versioned', versioned_attribute_rpc)
encrypted_attribute_rpc = attribute.EncryptedAttributeRPC(
object_store, session_handler)
attribute_rpc.putSubHandler('encrypted', encrypted_attribute_rpc)
template_rpc = template.TemplateRPC(object_store, session_handler)
siptrackd_rpc.putSubHandler('template', template_rpc)
device_template_rpc = template.DeviceTemplateRPC(object_store,
session_handler)
template_rpc.putSubHandler('device', device_template_rpc)
network_template_rpc = template.NetworkTemplateRPC(object_store,
session_handler)
template_rpc.putSubHandler('network', network_template_rpc)
template_rule_rpc = template.TemplateRuleRPC(object_store, session_handler)
template_rpc.putSubHandler('rule', template_rule_rpc)
template_rule_password_rpc = template.TemplateRulePasswordRPC(
object_store, session_handler)
template_rule_rpc.putSubHandler('password', template_rule_password_rpc)
template_rule_assign_network_rpc = template.TemplateRuleAssignNetworkRPC(
object_store, session_handler)
template_rule_rpc.putSubHandler('assign_network',
template_rule_assign_network_rpc)
template_rule_subdevice_rpc = template.TemplateRuleSubdeviceRPC(
object_store, session_handler)
template_rule_rpc.putSubHandler('subdevice', template_rule_subdevice_rpc)
template_rule_text_rpc = template.TemplateRuleTextRPC(
object_store, session_handler)
template_rule_rpc.putSubHandler('text', template_rule_text_rpc)
template_rule_fixed_rpc = template.TemplateRuleFixedRPC(
object_store, session_handler)
template_rule_rpc.putSubHandler('fixed', template_rule_fixed_rpc)
template_rule_regmatch_rpc = template.TemplateRuleRegmatchRPC(
object_store, session_handler)
template_rule_rpc.putSubHandler('regmatch', template_rule_regmatch_rpc)
template_rule_bool_rpc = template.TemplateRuleBoolRPC(
object_store, session_handler)
template_rule_rpc.putSubHandler('bool', template_rule_bool_rpc)
template_rule_int_rpc = template.TemplateRuleIntRPC(
object_store, session_handler)
template_rule_rpc.putSubHandler('int', template_rule_int_rpc)
template_rule_delete_attribute_rpc = template.TemplateRuleDeleteAttributeRPC(
object_store, session_handler)
template_rule_rpc.putSubHandler('delete_attribute',
template_rule_delete_attribute_rpc)
template_rule_flush_nodes_rpc = template.TemplateRuleFlushNodesRPC(
object_store, session_handler)
template_rule_rpc.putSubHandler('flush_nodes',
template_rule_flush_nodes_rpc)
template_rule_flush_associations_rpc = template.TemplateRuleFlushAssociationsRPC(
object_store, session_handler)
template_rule_rpc.putSubHandler('flush_associations',
template_rule_flush_associations_rpc)
config_rpc = config.ConfigRPC(object_store, session_handler)
siptrackd_rpc.putSubHandler('config', config_rpc)
config_network_autoassign_rpc = config.ConfigNetworkAutoassignRPC(
object_store, session_handler)
config_rpc.putSubHandler('network_autoassign',
config_network_autoassign_rpc)
config_value_rpc = config.ConfigValueRPC(object_store, session_handler)
config_rpc.putSubHandler('value', config_value_rpc)
simple_rpc = simple.SimpleRPC(object_store, session_handler)
siptrackd_rpc.putSubHandler('simple', simple_rpc)
permission_rpc = permission.PermissionRPC(object_store, session_handler)
siptrackd_rpc.putSubHandler('permission', permission_rpc)
command_rpc = event.CommandRPC(object_store, session_handler)
siptrackd_rpc.putSubHandler('command', command_rpc)
command_queue_rpc = event.CommandQueueRPC(object_store, session_handler)
command_rpc.putSubHandler('queue', command_queue_rpc)
event_rpc = event.EventRPC(object_store, session_handler)
siptrackd_rpc.putSubHandler('event', event_rpc)
event_trigger_rpc = event.EventTriggerRPC(object_store, session_handler)
event_rpc.putSubHandler('trigger', event_trigger_rpc)
event_trigger_rule_rpc = event.EventTriggerRuleRPC(object_store,
session_handler)
event_trigger_rpc.putSubHandler('rule', event_trigger_rule_rpc)
event_trigger_rule_python_rpc = event.EventTriggerRulePythonRPC(
object_store, session_handler)
event_trigger_rule_rpc.putSubHandler('python',
event_trigger_rule_python_rpc)
root_service = service.MultiService()
if listen_port:
siptrackd_xmlrpc_service = internet.TCPServer(
listen_port, server.Site(siptrackd_rpc))
siptrackd_xmlrpc_service.setServiceParent(root_service)
if ssl_port:
ssl_context = SiptrackOpenSSLContextFactory(ssl_private_key,
ssl_certificate)
siptrackd_ssl_xmlrpc_service = internet.SSLServer(
ssl_port, server.Site(siptrackd_rpc), ssl_context)
siptrackd_ssl_xmlrpc_service.setServiceParent(root_service)
application = service.Application('siptrackd')
root_service.setServiceParent(application)
reactor.callWhenRunning(siptrackd_twisted_init, object_store, application)
if reload_interval:
reactor.callLater(reload_interval, object_store_reloader,
session_handler, object_store, reload_interval)
reactor.run()
log.msg('Shutting down siptrackd server.')
return 0
def makeService(snames, options, bootstrap_db=False, bootstrap_users=False):
try:
# config and init
configfile = configdir = None
if options['config']:
configdir = options['config']
configfile = os.path.join(options['config'], 'config.yaml')
anchore_engine.configuration.localconfig.load_config(
configdir=configdir, configfile=configfile)
localconfig = anchore_engine.configuration.localconfig.get_config()
localconfig['myservices'] = []
logger.spew("localconfig=" +
json.dumps(localconfig, indent=4, sort_keys=True))
except Exception as err:
log.err("cannot load configuration: exception - " + str(err))
raise err
# get versions of things
try:
versions = anchore_engine.configuration.localconfig.get_versions()
except Exception as err:
log.err("cannot detect versions of service: exception - " + str(err))
raise err
logger.info("initializing database")
# connect to DB
try:
db.initialize(versions=versions,
bootstrap_db=bootstrap_db,
bootstrap_users=bootstrap_users)
except Exception as err:
log.err("cannot connect to configured DB: exception - " + str(err))
raise err
#credential bootstrap
with session_scope() as dbsession:
system_user = db_users.get('anchore-system', session=dbsession)
localconfig['system_user_auth'] = (system_user['userId'],
system_user['password'])
# application object
application = service.Application("multi-service-" + '-'.join(snames))
#from twisted.python.log import ILogObserver, FileLogObserver
#from twisted.python.logfile import DailyLogFile
#logfile = DailyLogFile("ghgh.log", "/tmp/")
#multi-service
retservice = service.MultiService()
retservice.setServiceParent(application)
success = False
try:
scount = 0
for sname in snames:
if sname in localconfig['services'] and localconfig['services'][
sname]['enabled']:
smodule = importlib.import_module("anchore_engine.services." +
sname)
s = smodule.createService(sname, localconfig)
s.setServiceParent(retservice)
rc = smodule.initializeService(sname, localconfig)
if not rc:
raise Exception("failed to initialize service")
rc = smodule.registerService(sname, localconfig)
if not rc:
raise Exception("failed to register service")
logger.debug("starting service: " + sname)
success = True
scount += 1
localconfig['myservices'].append(sname)
else:
log.err(
"service not enabled in config, not starting service: " +
sname)
if scount == 0:
log.err(
"no services/subservices were enabled/started on this host")
success = False
except Exception as err:
log.err("cannot create/init/register service: " + sname +
" - exception: " + str(err))
success = False
if not success:
log.err("cannot start service (see above for information)")
traceback.print_exc('Service init failure')
raise Exception("cannot start service (see above for information)")
return (retservice)
def testInterface(self):
s = service.MultiService()
c = compat.IOldApplication(s)
for key in compat.IOldApplication.__dict__.keys():
if callable(getattr(compat.IOldApplication, key)):
self.assert_(callable(getattr(c, key)))
def makeService(self, options):
"""
Construct a TCPServer from a factory defined in Cowrie.
"""
if options["help"] == True:
self.printHelp()
sys.exit(1)
if os.name == 'posix' and os.getuid() == 0:
print('ERROR: You must not run cowrie as root!')
sys.exit(1)
cfg = readConfigFile(
("cowrie.cfg.dist", "etc/cowrie.cfg", "cowrie.cfg"))
# ssh is enabled by default
if cfg.has_option('ssh', 'enabled') == False or \
(cfg.has_option('ssh', 'enabled') and \
cfg.getboolean('ssh', 'enabled') == True):
enableSSH = True
else:
enableSSH = False
# telnet is disabled by default
if cfg.has_option('telnet', 'enabled') and \
cfg.getboolean('telnet', 'enabled') == True:
enableTelnet = True
else:
enableTelnet = False
if enableTelnet == False and enableSSH == False:
print('ERROR: You must at least enable SSH or Telnet')
sys.exit(1)
# Load db loggers
self.dbloggers = []
for x in cfg.sections():
if not x.startswith('database_'):
continue
engine = x.split('_')[1]
try:
dblogger = __import__('cowrie.dblog.{}'.format(engine),
globals(), locals(),
['dblog']).DBLogger(cfg)
log.addObserver(dblogger.emit)
self.dbloggers.append(dblogger)
log.msg("Loaded dblog engine: {}".format(engine))
except:
log.err()
log.msg("Failed to load dblog engine: {}".format(engine))
# Load output modules
self.output_plugins = []
for x in cfg.sections():
if not x.startswith('output_'):
continue
engine = x.split('_')[1]
try:
output = __import__('cowrie.output.{}'.format(engine),
globals(), locals(),
['output']).Output(cfg)
log.addObserver(output.emit)
self.output_plugins.append(output)
log.msg("Loaded output engine: {}".format(engine))
except ImportError as e:
log.err(
"Failed to load output engine: {} due to ImportError: {}".
format(engine, e))
log.msg(
"Please install the dependencies for {} listed in requirements-output.txt"
.format(engine))
except Exception:
log.err()
log.msg("Failed to load output engine: {}".format(engine))
topService = service.MultiService()
application = service.Application('cowrie')
topService.setServiceParent(application)
if enableSSH:
factory = cowrie.ssh.factory.CowrieSSHFactory(cfg)
factory.tac = self
factory.portal = portal.Portal(core.realm.HoneyPotRealm(cfg))
factory.portal.registerChecker(
core.checkers.HoneypotPublicKeyChecker())
factory.portal.registerChecker(
core.checkers.HoneypotPasswordChecker(cfg))
if cfg.has_option('honeypot', 'auth_none_enabled') and \
cfg.getboolean('honeypot', 'auth_none_enabled') == True:
factory.portal.registerChecker(
core.checkers.HoneypotNoneChecker())
if cfg.has_section('ssh'):
listen_endpoints = get_endpoints_from_section(cfg, 'ssh', 22)
else:
listen_endpoints = get_endpoints_from_section(
cfg, 'honeypot', 22)
create_endpoint_services(reactor, topService, listen_endpoints,
factory)
if enableTelnet:
f = cowrie.telnet.transport.HoneyPotTelnetFactory(cfg)
f.tac = self
f.portal = portal.Portal(core.realm.HoneyPotRealm(cfg))
f.portal.registerChecker(
core.checkers.HoneypotPasswordChecker(cfg))
listen_endpoints = get_endpoints_from_section(cfg, 'telnet', 23)
create_endpoint_services(reactor, topService, listen_endpoints, f)
return topService
def setUp(self):
self.sparent = service.MultiService()
self.sparent.startService()
def makeService(config):
s = appservice.MultiService()
conf = inetdconf.InetdConf()
with open(config['file']) as f:
conf.parseFile(f)
for service in conf.services:
protocol = service.protocol
if service.protocol.startswith('rpc/'):
log.msg('Skipping rpc service due to lack of rpc support')
continue
if (protocol, service.socketType) not in [('tcp', 'stream'),
('udp', 'dgram')]:
log.msg('Skipping unsupported type/protocol: %s/%s' %
(service.socketType, service.protocol))
continue
# Convert the username into a uid (if necessary)
try:
service.user = int(service.user)
except ValueError:
try:
service.user = pwd.getpwnam(service.user)[2]
except KeyError:
log.msg('Unknown user: '******'s primary group
service.group = pwd.getpwuid(service.user)[3]
else:
try:
service.group = int(service.group)
except ValueError:
try:
service.group = grp.getgrnam(service.group)[2]
except KeyError:
log.msg('Unknown group: ' + service.group)
continue
if service.program == 'internal':
if config['nointernal']:
continue
# Internal services can use a standard ServerFactory
if service.name not in inetd.internalProtocols:
log.msg('Unknown internal service: ' + service.name)
continue
factory = ServerFactory()
factory.protocol = inetd.internalProtocols[service.name]
else:
factory = inetd.InetdFactory(service)
if protocol == 'tcp':
internet.TCPServer(service.port, factory).setServiceParent(s)
elif protocol == 'udp':
raise RuntimeError("not supporting UDP")
return s
def __init__(self):
usage.Options.__init__(self)
self.service = service.MultiService()
self['logfile'] = None
self['loglevel'] = logging.DEBUG
self['config'] = None
def setUp(self):
self.s = service.MultiService()
self.s.startService()
def testMultiService(self):
self.assert_(service.IService.providedBy(service.MultiService()))
self.assert_(service.IServiceCollection.providedBy(service.MultiService()))
def makeService(self, options: Dict) -> service.Service:
"""
Construct a TCPServer from a factory defined in Cowrie.
"""
if options["help"] is True:
print("""Usage: twistd [options] cowrie [-h]
Options:
-h, --help print this help message.
Makes a Cowrie SSH/Telnet honeypot.
""")
sys.exit(1)
if os.name == "posix" and os.getuid() == 0:
print("ERROR: You must not run cowrie as root!")
sys.exit(1)
tz: str = CowrieConfig.get("honeypot", "timezone", fallback="UTC")
# `system` means use the system time zone
if tz != "system":
os.environ["TZ"] = tz
log.msg("Python Version {}".format(str(sys.version).replace("\n", "")))
log.msg("Twisted Version {}.{}.{}".format(
__twisted_version__.major,
__twisted_version__.minor,
__twisted_version__.micro,
))
log.msg("Cowrie Version {}.{}.{}".format(
__cowrie_version__.major,
__cowrie_version__.minor,
__cowrie_version__.micro,
))
# check configurations
if not self.enableTelnet and not self.enableSSH and not self.pool_only:
print(
"ERROR: You must at least enable SSH or Telnet, or run the backend pool"
)
sys.exit(1)
# Load output modules
self.output_plugins = []
for x in CowrieConfig.sections():
if not x.startswith("output_"):
continue
if CowrieConfig.getboolean(x, "enabled") is False:
continue
engine: str = x.split("_")[1]
try:
output = __import__(f"cowrie.output.{engine}", globals(),
locals(), ["output"]).Output()
log.addObserver(output.emit)
self.output_plugins.append(output)
log.msg(f"Loaded output engine: {engine}")
except ImportError as e:
log.err(
f"Failed to load output engine: {engine} due to ImportError: {e}"
)
log.msg(
f"Please install the dependencies for {engine} listed in requirements-output.txt"
)
except Exception:
log.err()
log.msg(f"Failed to load output engine: {engine}")
self.topService = service.MultiService()
application = service.Application("cowrie")
self.topService.setServiceParent(application)
# initialise VM pool handling - only if proxy AND pool set to enabled, and pool is to be deployed here
# or also enabled if pool_only is true
backend_type: str = CowrieConfig.get("honeypot",
"backend",
fallback="shell")
proxy_backend: str = CowrieConfig.get("proxy",
"backend",
fallback="simple")
if (backend_type == "proxy"
and proxy_backend == "pool") or self.pool_only:
# in this case we need to set some kind of pool connection
local_pool: bool = (CowrieConfig.get("proxy",
"pool",
fallback="local") == "local")
pool_host: str = CowrieConfig.get("proxy",
"pool_host",
fallback="127.0.0.1")
pool_port: int = CowrieConfig.getint("proxy",
"pool_port",
fallback=6415)
if local_pool or self.pool_only:
# start a pool locally
f = PoolServerFactory()
f.tac = self
listen_endpoints = get_endpoints_from_section(
CowrieConfig, "backend_pool", 6415)
create_endpoint_services(reactor, self.topService,
listen_endpoints, f)
pool_host = "127.0.0.1" # force use of local interface
# either way (local or remote) we set up a client to the pool
# unless this instance has no SSH and Telnet (pool only)
if (self.enableTelnet or self.enableSSH) and not self.pool_only:
self.pool_handler = PoolHandler(pool_host, pool_port,
self) # type: ignore
else:
# we initialise the services directly
self.pool_ready()
return self.topService
def testParent(self):
s = service.Service()
p = service.MultiService()
s.setServiceParent(p)
self.assertEqual(list(p), [s])
self.assertEqual(s.parent, p)
self.write("<h1>Not Found</h1>Sorry, no such page.")
self.finish()
class MyHttp(http.HTTPChannel):
requestFactory = MyRequestHandler
class MyHttpFactory(http.HTTPFactory):
protocol = MyHttp
# configuration parameters
port = 10000
listen_ip = 'localhost'
# this will hold the services that combine to form the poetry server
top_service = service.MultiService()
# the tcp service connects the factory to a listening socket. it will
# create the listening socket when it is started
factory = MyHttpFactory()
tcp_service = internet.TCPServer(port, factory, interface=listen_ip)
tcp_service.setServiceParent(top_service)
# this variable has to be named 'application'
application = service.Application("simple_http")
# this hooks the collection we made to the application
top_service.setServiceParent(application)
def makeService(config):
s = appservice.MultiService()
conf = inetdconf.InetdConf()
conf.parseFile(open(config['file']))
rpcConf = inetdconf.RPCServicesConf()
try:
rpcConf.parseFile(open(config['rpc']))
except:
# We'll survive even if we can't read /etc/rpc
log.deferr()
for service in conf.services:
rpc = service.protocol.startswith('rpc/')
protocol = service.protocol
if rpc and not rpcOk:
log.msg('Skipping rpc service due to lack of rpc support')
continue
if rpc:
# RPC has extra options, so extract that
protocol = protocol[4:] # trim 'rpc/'
if not protocolDict.has_key(protocol):
log.msg('Bad protocol: ' + protocol)
continue
try:
name, rpcVersions = service.name.split('/')
except ValueError:
log.msg('Bad RPC service/version: ' + service.name)
continue
if not rpcConf.services.has_key(name):
log.msg('Unknown RPC service: ' + repr(service.name))
continue
try:
if '-' in rpcVersions:
start, end = map(int, rpcVersions.split('-'))
rpcVersions = range(start, end+1)
else:
rpcVersions = [int(rpcVersions)]
except ValueError:
log.msg('Bad RPC versions: ' + str(rpcVersions))
continue
if (protocol, service.socketType) not in [('tcp', 'stream'),
('udp', 'dgram')]:
log.msg('Skipping unsupported type/protocol: %s/%s'
% (service.socketType, service.protocol))
continue
# Convert the username into a uid (if necessary)
try:
service.user = int(service.user)
except ValueError:
try:
service.user = pwd.getpwnam(service.user)[2]
except KeyError:
log.msg('Unknown user: '******'s primary group
service.group = pwd.getpwuid(service.user)[3]
else:
try:
service.group = int(service.group)
except ValueError:
try:
service.group = grp.getgrnam(service.group)[2]
except KeyError:
log.msg('Unknown group: ' + service.group)
continue
if service.program == 'internal':
if config['nointernal']:
continue
# Internal services can use a standard ServerFactory
if not inetd.internalProtocols.has_key(service.name):
log.msg('Unknown internal service: ' + service.name)
continue
factory = ServerFactory()
factory.protocol = inetd.internalProtocols[service.name]
elif rpc:
i = RPCServer(rpcVersions, rpcConf, proto, service)
i.setServiceParent(s)
continue
else:
# Non-internal non-rpc services use InetdFactory
factory = inetd.InetdFactory(service)
if protocol == 'tcp':
internet.TCPServer(service.port, factory).setServiceParent(s)
elif protocol == 'udp':
raise RuntimeError("not supporting UDP")
return s
