def startup_servers():
plugins_dict = hpotter.plugins.__dict__
for plugin_name in plugins_dict['__all__']:
importlib.import_module('hpotter.plugins.' + plugin_name)
plugin = plugins_dict[plugin_name]
logger.info('Starting %s', plugin_name)
plugin.start_server()
def run(self):
while True:
try:
client, addr = self.ssh_socket.accept()
except ConnectionAbortedError:
break
except OSError:
break
connection = tables.Connections(
sourceIP=addr[0],
sourcePort=addr[1],
destPort=self.ssh_socket.getsockname()[1],
localRemote = getLocalRemote(addr[0]),
proto=tables.TCP)
write_db(connection)
transport = paramiko.Transport(client)
transport.load_server_moduli()
# Experiment with different key sizes at:
# http://travistidwell.com/jsencrypt/demo/
host_key = paramiko.RSAKey(filename="RSAKey.cfg")
transport.add_server_key(host_key)
server = SSHServer(connection)
transport.start_server(server=server)
self.chan = transport.accept()
if not self.chan:
logger.info('no chan')
continue
fake_shell(self.chan, connection, '# ')
self.chan.close()
def run(self):
source_socket = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
source_socket.settimeout(5)
source_socket.bind(self.bind_address)
source_socket.listen()
while True:
try:
try:
source, address = source_socket.accept()
except socket.timeout:
if self.shutdown_requested:
logger.info('Shutdown requested')
return
else:
continue
dest = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
# dest.settimeout(30)
dest.connect(self.connect_address)
OneWayThread(source, dest, self.table, self.limit).start()
OneWayThread(dest, source).start()
except OSError as exc:
source.close()
logger.info(exc)
continue
def create_tls_cert_and_key(tmp_file):
key = crypto.PKey()
key.generate_key(crypto.TYPE_RSA, 4096)
req = crypto.X509Req()
subject = req.get_subject()
subject.O = 'org'
subject.OU = 'orgUnit'
req.set_pubkey(key)
req.sign(key, "sha256")
cert = crypto.X509()
cert.set_serial_number(1)
cert.gmtime_adj_notBefore(0)
cert.gmtime_adj_notAfter(31536000) # one year
cert.set_issuer(req.get_subject())
cert.set_subject(req.get_subject())
cert.set_pubkey(req.get_pubkey())
cert.sign(key, "sha256")
logger.info("Created: TLS cert and key")
with open(tmp_file, "w") as tmp_cert_file:
tmp_cert_file.write(
crypto.dump_privatekey(crypto.FILETYPE_PEM, key).decode("utf-8"))
tmp_cert_file.write(
crypto.dump_certificate(crypto.FILETYPE_PEM, cert).decode("utf-8"))
global set_cert
set_cert = True
def remove_certs():
tmp_file = check_platform()
try:
if set_cert:
os.remove(tmp_file)
logger.info("removing TLS cert and key")
except:
raise FileNotFoundError
def shutdown_servers(signum, frame):
for plugin_name in plugins_dict['__all__']:
importlib.import_module('hpotter.plugins.' + plugin_name)
plugin = plugins_dict[plugin_name]
logger.info('Stopping %s', plugin_name)
plugin.stop_server()
logger.info('Done stopping %s', plugin_name)
# shell might have been started by telnet, ssh, ...
stop_shell()
close_db()
def shutdown_servers(signum, frame):
plugins_dict = hpotter.plugins.__dict__
for plugin_name in plugins_dict['__all__']:
importlib.import_module('hpotter.plugins.' + plugin_name)
plugin = plugins_dict[plugin_name]
logger.info('Stopping %s', plugin_name)
plugin.stop_server()
logger.info('Done stopping %s', plugin_name)
# shell might have been started by telnet, ssh, ...
stop_shell()
def start_network(label, iprange):
try:
global network
network = NetBuilder(name=label, ipr=iprange).network
logger.info("Network: %s created", network.name)
except docker.errors.APIError as err:
logger.info(err)
print(
"Duplicate network found.\nEnsure all HPotter networks and attached containers are stopped before running HPotter. \n(Refer to DEVELOPER.md for instructions on how to remove duplicate networks)"
)
sys.exit()
def start_server(): # leave these two in place
try:
client = docker.from_env()
container = 'httpd:latest'
if platform.machine() == 'armv6l':
container = 'arm32v6/httpd:alpine'
try:
os.mkdir('apache2')
except FileExistsError:
pass
except OSError as error:
logger.info(error)
return
Singletons.httpd_container = client.containers.run(container, \
detach=True, ports={'80/tcp': 8080}, read_only=True, \
volumes={'apache2': \
{'bind': '/usr/local/apache2/logs', 'mode': 'rw'}})
logger.info('Created: %s', Singletons.httpd_container)
except OSError as err:
logger.info(err)
if Singletons.httpd_container:
logger.info(Singletons.httpd_container.logs())
rm_container()
return
Singletons.httpd_thread = PipeThread(('0.0.0.0', 80), \
('127.0.0.1', 8080), HTTPCommands, 4096)
Singletons.httpd_thread.start()
def start_server():
try:
client = docker.from_env()
container = 'mariadb:latest'
if platform.machine() == 'armv6l':
container = 'apcheamitru/arm32v6-mariadb:latest'
try:
os.mkdir('tmp')
os.mkdir('mysqld')
except FileExistsError:
pass
except OSError as error:
logger.info(error)
return
Singletons.mariadb_container = client.containers.run(container, \
detach=True, ports={'3306/tcp': 33060}, \
environment=['MYSQL_ALLOW_EMPTY_PASSWORD=yes'])
logger.info('Created: %s', Singletons.mariadb_container)
except OSError as err:
logger.info(err)
if Singletons.mariadb_container:
logger.info(Singletons.mariadb_container.logs())
rm_container()
return
di = lambda a: re.sub(b'([\x00-\x20]|[\x7f-\xff])+', b' ', a)
Singletons.mariadb_thread = PipeThread(('0.0.0.0', 3306), \
('127.0.0.1', 33060), SQL, SQL_COMMAND_LENGTH, di=di)
Singletons.mariadb_thread.start()
def start_server():
try:
client = docker.from_env()
container = 'mariadb:latest'
if platform.machine() == 'armv6l':
container = 'apcheamitru/arm32v6-mariadb:latest'
try:
os.mkdir('tmp')
os.mkdir('mysqld')
except FileExistsError:
pass
except OSError as error:
logger.info(error)
return
Singletons.mariadb_container = client.containers.run(container, \
detach=True, ports={'3306/tcp': 33060}, \
environment=['MYSQL_ALLOW_EMPTY_PASSWORD=yes'])
logger.info('Created: %s', Singletons.mariadb_container)
except OSError as err:
logger.info(err)
if Singletons.mariadb_container:
logger.info(Singletons.mariadb_container.logs())
rm_container()
return
di = lambda a: re.sub(b'([\x00-\x20]|[\x7f-\xff])+', b' ', a)
Singletons.mariadb_thread = PipeThread(('0.0.0.0', 3306), \
('127.0.0.1', 33060), SQL, SQL_COMMAND_LENGTH, di=di)
Singletons.mariadb_thread.start()
def start_server():
try:
client = docker.from_env()
container = 'httpd:latest'
if platform.machine() == 'armv6l':
container = 'arm32v6/httpd:alpine'
try:
os.mkdir('apache2')
except FileExistsError:
pass
except OSError as error:
logger.info(error)
return
Singletons.httpd_container = client.containers.run(container, \
detach=True, ports={'80/tcp': 8080}, read_only=True, \
volumes={'apache2': \
{'bind': '/usr/local/apache2/logs', 'mode': 'rw'}})
logger.info('Created: %s', Singletons.httpd_container)
# Can't close the bridge because we need it to connect to the
# container.
except OSError as err:
logger.info(err)
if Singletons.httpd_container:
logger.info(Singletons.httpd_container.logs())
rm_container()
return
Singletons.httpd_thread = PipeThread(('0.0.0.0', 80), \
('127.0.0.1', 8080), Requests, COMMAND_LENGTH, request_type='Web')
Singletons.httpd_thread.start()
def start_server(): # leave these two in place
try:
client = docker.from_env()
container = 'mariadb:latest'
if platform.machine() == 'armv6l':
container = 'apcheamitru/arm32v6-mariadb:latest'
try:
os.mkdir('tmp')
os.mkdir('mysqld')
except FileExistsError:
pass
except OSError as error:
logger.info(error)
return
Singletons.mariadb_container = client.containers.run(container, \
detach=True, ports={'3306/tcp': 33060}, read_only=True, \
environment=['MYSQL_ALLOW_EMPTY_PASSWORD=yes'], \
volumes={'tmp': {'bind': '/tmp', 'mode': 'rw'}, \
'mysqld': {'bind': '/var/run/mysqld', 'mode': 'rw'}
})
logger.info('Created: %s', Singletons.mariadb_container)
except OSError as err:
logger.info(err)
if Singletons.mariadb_container:
logger.info(Singletons.mariadb_container.logs())
rm_container()
return
Singletons.mariadb_thread = PipeThread(('0.0.0.0', 3306), \
('127.0.0.1', 33060), SQL, 4096)
Singletons.mariadb_thread.start()
def rm_container():
if Singletons.mariadb_container:
logger.info('Stopping mariadb_container')
Singletons.mariadb_container.stop()
logger.info('Removing mariadb_container')
Singletons.mariadb_container.remove()
Singletons.mariadb_container = None
else:
logger.info('No mariadb_container to stop')
def run(self):
while True:
try:
client, addr = self.ssh_socket.accept()
except ConnectionAbortedError:
break
session = Session()
connection = tables.Connections(
sourceIP=addr[0],
sourcePort=addr[1],
destIP=self.ssh_socket.getsockname()[0],
destPort=self.ssh_socket.getsockname()[1],
proto=tables.TCP)
session.add(connection)
session.commit()
transport = paramiko.Transport(client)
transport.load_server_moduli()
# Experiment with different key sizes at:
# http://travistidwell.com/jsencrypt/demo/
host_key = paramiko.RSAKey(filename="RSAKey.cfg")
transport.add_server_key(host_key)
server = SSHServer(session, connection)
transport.start_server(server=server)
self.chan = transport.accept()
if not self.chan:
logger.info('no chan')
continue
fake_shell(self.chan, session, connection, '# ')
self.chan.close()
Session.remove()
def rm_container():
if Singletons.mariadb_container:
logger.info('Stopping mariadb_container')
Singletons.mariadb_container.stop()
logger.info('Removing mariadb_container')
Singletons.mariadb_container.remove()
Singletons.mariadb_container = None
else:
logger.info('No mariadb_container to stop')
def rm_container():
if Singletons.httpd_container:
logger.info('Stopping httpd_container')
Singletons.httpd_container.stop()
logger.info('Removing httpd_container')
Singletons.httpd_container.remove()
Singletons.httpd_container = None
else:
logger.info('No httpd_container to stop')
def run(self):
source_socket = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
source_socket.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
source_socket.settimeout(5)
source_socket.bind(self.bind_address)
source_socket.listen()
while True:
try:
source = None
try:
source, address = source_socket.accept()
if self.tls:
context = ssl.create_default_context(
ssl.Purpose.CLIENT_AUTH)
context.load_cert_chain(certfile="/tmp/cert.pem",
keyfile="/tmp/cert.pem")
source = context.wrap_socket(source, server_side=True)
except socket.timeout:
if self.shutdown_requested:
logger.info('Shutdown requested')
if source:
source.close()
logger.info('----- %s: Socket closed', self.table)
return
else:
continue
dest = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
dest.settimeout(30)
dest.connect(self.connect_address)
if self.request_type == '':
OneWayThread(source=source,
dest=dest,
table=self.table,
limit=self.limit,
di=self.di).start()
else:
OneWayThread(source=source,
dest=dest,
table=self.table,
request_type=self.request_type,
limit=self.limit,
di=self.di).start()
OneWayThread(dest, source).start()
except OSError as exc:
dest.close()
source.close()
logger.info(exc)
continue
def stop_server():
if telnet_server:
telnet_server.shutdown()
logger.info("Telnet server was shutdown")
def start_server(address='0.0.0.0', port=23):
global telnet_server
telnet_handler = TelnetHandler
telnet_server = TelnetServer((address, port), telnet_handler)
threading.Thread(target=telnet_server.serve_forever).start()
logger.info("Telnet server is up and running")
def start_plugins():
# create network
start_network("net_1", "10.3.3.0")
# ensure Docker is running
try:
s = subprocess.check_output('docker ps', shell=True)
except subprocess.CalledProcessError:
print("Ensure Docker is running, and please try again.")
sys.exit()
config = read_in_config()
start_services(parse_services(config[0]))
all_plugins = parse_plugins(config[1])
current_thread = None
current_container = None
for plugin in all_plugins:
if plugin is not None:
try:
check_certs(plugin.cert)
client = docker.from_env()
container = plugin.container
if platform.machine() == 'armv6l':
container = plugin.alt_container
try:
for cmd in plugin.setup['mkdir']:
logger.info("%s created the %s directory", plugin.name,
cmd)
os.mkdir(cmd)
except FileExistsError:
pass
except OSError as error:
logger.info(error)
return
if (plugin.volumes):
current_container = client.containers.run(container, \
detach=plugin.detach, ports=plugin.makeports(), \
environment=[plugin.environment])
else:
current_container = client.containers.run(container, \
detach=plugin.detach, ports=plugin.makeports(), \
read_only=True)
logger.info('Created: %s', plugin.name)
network.connect(current_container)
logger.info('Connected %s to %s network', plugin.name,
network.name)
except OSError as err:
logger.info(err)
if current_container:
logger.info(current_container.logs())
# rm_container()
return
di = lambda a: re.sub(b'([\x00-\x20]|[\x7f-xff])+', b' ', a)
current_thread = PipeThread((plugin.listen_address, \
plugin.listen_port), (plugin.ports['connect_address'], \
plugin.ports['connect_port']), plugin.table, \
plugin.capture_length, request_type=plugin.request_type, tls=plugin.tls)
current_thread.start()
p_dict = {
"plugin": plugin,
"container": current_container,
"thread": current_thread
}
Singletons.active_plugins[plugin.name] = p_dict
else:
logger.info(
"yaml configuration seems to be missing some important information"
)
def stop_plugins():
ssh.stop_server()
telnet.stop_server()
remove_certs()
for name, item in Singletons.active_plugins.items():
try:
for cmd in item["plugin"].teardown['rmdir']:
logger.info("---%s is removing the %s directory", name, cmd)
os.rmdir(cmd)
except FileExistsError:
pass
except FileNotFoundError:
pass
except OSError as error:
logger.info(name + ": " + str(error))
return
if item["container"] is not None:
item["thread"].request_shutdown()
logger.info("--- removing %s container", item["plugin"].name)
network.disconnect(item["container"].name, True)
network.reload()
# avoid race conditions
lock = threading.Lock()
lock.acquire()
# remove network once all containers are disconnected
if not network.containers:
stop_network()
logger.info("--- network removed")
lock.release()
logger.info("--- %s container disconnected from %s",
item["plugin"].name, network.name)
item["container"].stop()
logger.info("--- %s container removed", item["plugin"].name)
def start_server(address, port):
global ssh_server
ssh_server = SshThread(address, port)
threading.Thread(target=ssh_server.run).start()
logger.info("The SSH Server is up and running")
def stop_server():
if ssh_server:
ssh_server.stop()
logger.info("The ssh-server was shutdown")
def startup_servers():
for plugin_name in plugins_dict['__all__']:
importlib.import_module('hpotter.plugins.' + plugin_name)
plugin = plugins_dict[plugin_name]
logger.info('Starting %s', plugin_name)
plugin.start_server()
