def connectionMade(self): if (self.transport.getHost().port == config.smtpPort): self.name = config.smtpName elif (self.transport.getHost().port == config.smtpsPort): self.name = config.smtpsName else: log.err("Please check SMTP/SMTPS port configuration!") self.name = "SMTP/SMTPS" self.setTimeout(self.timeoutPreAuth) log.info(self.name + " established connection to " + str(self.transport.getPeer().host) + ":" + str(self.transport.getPeer().port)) # add connection to dictionary self.factory.clients[self] = (str(self.transport.getPeer().host) + ":" + str(self.transport.getPeer().port)) # protocol state self.state["connected"] = True self.peerOfAttacker = self.transport.getPeer().host response = "220 Service ready ESMTP\r\n" self.transport.write(response.encode("UTF-8"))
def timeoutConnection(self): response = "* BYE Connection closed due to timeout\r\n" log.info(self.name + " (" + self.peerOfAttacker + "): Timeout waiting for client input") self.transport.write(response.encode("UTF-8")) # close connection gently (nonblocking, send buffers before closing, client is able to receive error message) self.transport.loseConnection()
def connectionLost(self, reason): log.info(self.name + " lost connection to " + str(self.transport.getPeer().host) + ":" + str(self.transport.getPeer().port)) self.setTimeout(None) # remove connection from dictionary del self.factory.clients[self]
def connectionMade(self): if (self.transport.getHost().port == config.imapPort): self.name = config.imapName elif (self.transport.getHost().port == config.imapsPort): self.name = config.imapsName else: log.err("Please check IMAP/IMAPS port configuration!") self.name = "IMAP/IMAPS" self.setTimeout(self.timeoutPreAuth) log.info(self.name + " established connection to " + str(self.transport.getPeer().host) + ":" + str(self.transport.getPeer().port)) # add connection to dictionary self.factory.clients[self] = (str(self.transport.getPeer().host) + ":" + str(self.transport.getPeer().port)) # protocol state self.state["connected"] = True self.stateRFC = IMAPState.NotAuth self.peerOfAttacker = self.transport.getPeer().host # server hello response = "* OK IMAP4rev1 Service Ready\r\n" self.transport.write(response.encode("UTF-8"))
def timeoutConnection(self): response = "-ERR Timeout waiting for client input\r\n" log.info(self.name+" ("+self.peerOfAttacker+"): Timeout waiting for client input") self.transport.write(response.encode("UTF-8")) # close connection gently (nonblocking, send buffers before closing, client is able to receive error message) self.transport.loseConnection() time.sleep(5) # force close connection after waiting duration self.transport.abortConnection()
def stopService(self, name): """ Stops the given service and removes it from threadDict :param name: Name of the service (str) """ log.info("Stop Service: " + name) if name in self.runningServicesDict: self.serviceDict[name].stopService() self.runningServicesDict.pop(name) if name not in config.noPortSpecificService: self.listen.startOnPort(self.serviceDict[name]._port) return True else: return False
def startService(self, name): """ Starts the given service and adds it to threadDict :param name: Name of the service (str) """ log.info("Try StartService: " + name) if name not in self.runningServicesDict: if name not in config.noPortSpecificService: self.listen.stopOnPort(self.serviceDict[name]._port) self.serviceDict[name].startService() self.runningServicesDict[name] = self.serviceDict[name] return True else: return False
def writeToDatabase(self, user, pw, services): if type(user) is bytes: user = user.decode() if type(pw) is bytes: pw = pw.decode() try: with open(self.filepath, "a") as file: log.info("Begin Honeytoken creation: {} : {}".format( user, pw)) #TODO make this a proper log type file.write("\n" + services + self.sep + user + self.sep + pw + self.sep) except Exception as e: log.err("Honeytoken DB write exception: {}".format(e))
def __init__(self): """ Opens a RAW socket which is able to monitor all TCP/IP Traffic within the machine. Root priv. are needed! """ super(TCPFlagSniffer, self).__init__() self._name = config.tcpFlagSnifferName self.synConnections = dict([]) self.reInstanceThreads() self.synConnectionsLock = threading.Lock() self.rootStatus = True try: self.rSock = socket.socket(socket.AF_INET, socket.SOCK_RAW, socket.IPPROTO_TCP) except socket.error: log.info("RAW Socket could not be created. You are root?") log.err("TCPFlagSniffer wird nicht ordnungsgemäß ausgeführt werden!") self.rootStatus = False
def connectionMade(self): if (self.transport.getHost().port == config.pop3Port): self.name = config.pop3Name elif (self.transport.getHost().port == config.pop3sPort): self.name = config.pop3sName else: log.err("Please check POP3/POP3S port configuration!") self.name = "POP3/POP3S" self.setTimeout(self.timeoutPreAuth) log.info(self.name+" established connection to "+str(self.transport.getPeer().host)+":"+str(self.transport.getPeer().port)) # add connection to dictionary self.factory.clients[self] = (str(self.transport.getPeer().host) + ":" + str(self.transport.getPeer().port)) # protocol state self.state["connected"] = True self.peerOfAttacker = self.transport.getPeer().host # TODO: modify server name response = "+OK example.com POP3 server\r\n" self.transport.write(response.encode("UTF-8"))
def shutdownHoneyGrove(): log.info("Shutting down") ssh_database.save() quit()
from honeygrove.logging import log from honeygrove.resources.ssh_resources import database as ssh_database from honeygrove.core.HoneyAdapter import HoneyAdapter def shutdownHoneyGrove(): log.info("Shutting down") ssh_database.save() quit() if __name__ == '__main__': """ Startup module. Name needs to be like this for the automatic import of the other modules. """ log.info("Starting HoneyGrove") if not os.getuid() == 0: print( "[-] Honeygrove must be run as root. \n[!] Starting anyway! \n[!] Some functions are not working correctly!") HoneyAdapter.init() commandThread = threading.Thread(target=HoneyAdapter.command_message_loop, args=()) heartbeatThread = threading.Thread(target=HoneyAdapter.hearbeat, args=()) commandThread.name = "CommandThread" heartbeatThread.name = "HeartbeatThread" commandThread.start() heartbeatThread.start()