def startFactory(self):
"""
"""
# For use by the uptime command
self.starttime = time.time()
# Load/create keys
rsaPubKeyString, rsaPrivKeyString = cowriekeys.getRSAKeys()
dsaPubKeyString, dsaPrivKeyString = cowriekeys.getDSAKeys()
self.publicKeys = {
b'ssh-rsa': keys.Key.fromString(data=rsaPubKeyString),
b'ssh-dss': keys.Key.fromString(data=dsaPubKeyString)
}
self.privateKeys = {
b'ssh-rsa': keys.Key.fromString(data=rsaPrivKeyString),
b'ssh-dss': keys.Key.fromString(data=dsaPrivKeyString)
}
_modulis = '/etc/ssh/moduli', '/private/etc/moduli'
for _moduli in _modulis:
try:
self.primes = primes.parseModuliFile(_moduli)
break
except IOError as err:
pass
try:
self.ourVersionString = CONFIG.get('ssh', 'version')
except NoOptionError:
self.ourVersionString = 'SSH-2.0-OpenSSH_6.0p1 Debian-4+deb7u2'
factory.SSHFactory.startFactory(self)
log.msg("Ready to accept SSH connections")
def startFactory(self):
# For use by the uptime command
self.starttime = time.time()
# Load/create keys
rsaPubKeyString, rsaPrivKeyString = cowriekeys.getRSAKeys()
dsaPubKeyString, dsaPrivKeyString = cowriekeys.getDSAKeys()
self.publicKeys = {
b"ssh-rsa": keys.Key.fromString(data=rsaPubKeyString),
b"ssh-dss": keys.Key.fromString(data=dsaPubKeyString),
}
self.privateKeys = {
b"ssh-rsa": keys.Key.fromString(data=rsaPrivKeyString),
b"ssh-dss": keys.Key.fromString(data=dsaPrivKeyString),
}
_modulis = "/etc/ssh/moduli", "/private/etc/moduli"
for _moduli in _modulis:
try:
self.primes = primes.parseModuliFile(_moduli)
break
except OSError:
pass
# this can come from backend in the future, check HonSSH's slim client
self.ourVersionString = CowrieConfig.get(
"ssh", "version", fallback="SSH-2.0-OpenSSH_6.0p1 Debian-4+deb7u2")
factory.SSHFactory.startFactory(self)
log.msg("Ready to accept SSH connections")
def startFactory(self):
# For use by the uptime command
self.starttime = time.time()
# Load/create keys
rsaPubKeyString, rsaPrivKeyString = cowriekeys.getRSAKeys()
dsaPubKeyString, dsaPrivKeyString = cowriekeys.getDSAKeys()
self.publicKeys = {
b'ssh-rsa': keys.Key.fromString(data=rsaPubKeyString),
b'ssh-dss': keys.Key.fromString(data=dsaPubKeyString)
}
self.privateKeys = {
b'ssh-rsa': keys.Key.fromString(data=rsaPrivKeyString),
b'ssh-dss': keys.Key.fromString(data=dsaPrivKeyString)
}
_modulis = '/etc/ssh/moduli', '/private/etc/moduli'
for _moduli in _modulis:
try:
self.primes = primes.parseModuliFile(_moduli)
break
except IOError:
pass
factory.SSHFactory.startFactory(self)
log.msg("Ready to accept SSH connections")
def buildProtocol(self, addr):
_moduli = '/etc/ssh/moduli'
cfg = config()
# FIXME: try to mimic something real 100%
t = HoneyPotTransport()
if cfg.has_option('honeypot', 'ssh_version_string'):
t.ourVersionString = cfg.get('honeypot','ssh_version_string')
else:
t.ourVersionString = "SSH-2.0-OpenSSH_5.1p1 Debian-5"
t.supportedPublicKeys = self.privateKeys.keys()
if ( os.path.exists( _moduli ) ):
self.primes = primes.parseModuliFile( _moduli )
if not self.primes:
ske = t.supportedKeyExchanges[:]
ske.remove('diffie-hellman-group-exchange-sha1')
t.supportedKeyExchanges = ske
# reorder supported ciphers to resemble current openssh more
t.supportedCiphers = ['aes128-ctr', 'aes192-ctr', 'aes256-ctr', 'aes128-cbc', '3des-cbc', 'blowfish-cbc', 'cast128-cbc', 'aes192-cbc', 'aes256-cbc' ]
t.supportedPublicKeys = ['ssh-rsa', 'ssh-dss']
t.supportedMACs = [ 'hmac-md5', 'hmac-sha1']
t.factory = self
return t
def buildProtocol(self, addr):
# FIXME: try to mimic something real 100%
t = HoneyPotTransport()
_modulis = '/etc/ssh/moduli', '/private/etc/moduli'
if self.version:
t.ourVersionString = self.version
else:
t.ourVersionString = 'empty'
t.supportedPublicKeys = self.privateKeys.keys()
for _moduli in _modulis:
try:
self.primes = primes.parseModuliFile(_moduli)
break
except IOError:
pass
if not self.primes:
ske = t.supportedKeyExchanges[:]
ske.remove('diffie-hellman-group-exchange-sha1')
t.supportedKeyExchanges = ske
t.factory = self
return t
def startFactory(self):
# For use by the uptime command
self.starttime = time.time()
# Load/create keys
rsaPubKeyString, rsaPrivKeyString = cowriekeys.getRSAKeys()
dsaPubKeyString, dsaPrivKeyString = cowriekeys.getDSAKeys()
self.publicKeys = {
b'ssh-rsa': keys.Key.fromString(data=rsaPubKeyString),
b'ssh-dss': keys.Key.fromString(data=dsaPubKeyString)
}
self.privateKeys = {
b'ssh-rsa': keys.Key.fromString(data=rsaPrivKeyString),
b'ssh-dss': keys.Key.fromString(data=dsaPrivKeyString)
}
_modulis = '/etc/ssh/moduli', '/private/etc/moduli'
for _moduli in _modulis:
try:
self.primes = primes.parseModuliFile(_moduli)
break
except IOError:
pass
try:
self.ourVersionString = CONFIG.get('ssh', 'version')
except NoOptionError:
self.ourVersionString = 'SSH-2.0-OpenSSH_6.0p1 Debian-4+deb7u2'
factory.SSHFactory.startFactory(self)
log.msg("Ready to accept SSH connections")
def startFactory(self):
# For use by the uptime command
self.starttime = time.time()
# Load/create keys
self.publicKeys = {}
self.privateKeys = {}
try:
public_key_auth = [
i.encode("utf-8")
for i in CowrieConfig.get("ssh", "public_key_auth").split(",")
]
except NoOptionError:
# no keys defined, use the three most common pub keys of OpenSSH
public_key_auth = [
b"ssh-rsa", b"ecdsa-sha2-nistp256", b"ssh-ed25519"
]
for key in public_key_auth:
if key == b"ssh-rsa":
rsaPubKeyString, rsaPrivKeyString = cowriekeys.getRSAKeys()
self.publicKeys[key] = keys.Key.fromString(
data=rsaPubKeyString)
self.privateKeys[key] = keys.Key.fromString(
data=rsaPrivKeyString)
elif key == b"ssh-dss":
dsaaPubKeyString, dsaPrivKeyString = cowriekeys.getDSAKeys()
self.publicKeys[key] = keys.Key.fromString(
data=dsaaPubKeyString)
self.privateKeys[key] = keys.Key.fromString(
data=dsaPrivKeyString)
elif key == b"ecdsa-sha2-nistp256":
ecdsaPuKeyString, ecdsaPrivKeyString = cowriekeys.getECDSAKeys(
)
self.publicKeys[key] = keys.Key.fromString(
data=ecdsaPuKeyString)
self.privateKeys[key] = keys.Key.fromString(
data=ecdsaPrivKeyString)
elif key == b"ssh-ed25519":
ed25519PubKeyString, ed25519PrivKeyString = cowriekeys.geted25519Keys(
)
self.publicKeys[key] = keys.Key.fromString(
data=ed25519PubKeyString)
self.privateKeys[key] = keys.Key.fromString(
data=ed25519PrivKeyString)
_modulis = "/etc/ssh/moduli", "/private/etc/moduli"
for _moduli in _modulis:
try:
self.primes = primes.parseModuliFile(_moduli)
break
except OSError:
pass
# this can come from backend in the future, check HonSSH's slim client
self.ourVersionString = CowrieConfig.get(
"ssh", "version", fallback="SSH-2.0-OpenSSH_6.0p1 Debian-4+deb7u2")
factory.SSHFactory.startFactory(self)
log.msg("Ready to accept SSH connections")
def __init__(self, portal):
self.services = {
'ssh-userauth': userauth.SSHUserAuthServer,
'ssh-connection': connection.SSHConnection
}
self.publicKeys = {
'ssh-rsa': keys.Key.fromFile('host_keys/host_rsa.pub')
}
self.privateKeys = {'ssh-rsa': keys.Key.fromFile('host_keys/host_rsa')}
self.protocol = SSHServerTransport
self.primes = parseModuliFile('/etc/moduli')
self.portal = portal
def buildProtocol(self, addr):
"""
Create an instance of the server side of the SSH protocol.
@type addr: L{twisted.internet.interfaces.IAddress} provider
@param addr: The address at which the server will listen.
@rtype: L{cowrie.ssh.transport.HoneyPotSSHTransport}
@return: The built transport.
"""
_modulis = '/etc/ssh/moduli', '/private/etc/moduli'
t = transport.HoneyPotSSHTransport()
try:
t.ourVersionString = self.cfg.get('ssh', 'version').encode('ascii')
except:
t.ourVersionString = b"SSH-2.0-OpenSSH_6.0p1 Debian-4+deb7u2"
t.supportedPublicKeys = list(self.privateKeys.keys())
for _moduli in _modulis:
try:
self.primes = primes.parseModuliFile(_moduli)
break
except IOError as err:
pass
if not self.primes:
ske = t.supportedKeyExchanges[:]
if b'diffie-hellman-group-exchange-sha1' in ske:
ske.remove(b'diffie-hellman-group-exchange-sha1')
log.msg("No moduli, no diffie-hellman-group-exchange-sha1")
if b'diffie-hellman-group-exchange-sha256' in ske:
ske.remove(b'diffie-hellman-group-exchange-sha256')
log.msg("No moduli, no diffie-hellman-group-exchange-sha256")
t.supportedKeyExchanges = ske
# Reorder supported ciphers to resemble current openssh more
t.supportedCiphers = [
b'aes128-ctr', b'aes192-ctr', b'aes256-ctr', b'aes128-cbc',
b'3des-cbc', b'blowfish-cbc', b'cast128-cbc', b'aes192-cbc',
b'aes256-cbc'
]
t.supportedPublicKeys = [b'ssh-rsa', b'ssh-dss']
t.supportedMACs = [b'hmac-md5', b'hmac-sha1']
t.supportedCompressions = [b'*****@*****.**', b'zlib', b'none']
t.factory = self
return t
def __init__(self, portal):
self.services = {
'ssh-userauth': userauth.SSHUserAuthServer,
'ssh-connection': connection.SSHConnection
}
self.publicKeys = {
'ssh-rsa': keys.Key.fromFile('host_keys/host_rsa.pub')
}
self.privateKeys = {
'ssh-rsa': keys.Key.fromFile('host_keys/host_rsa')
}
self.protocol = SSHServerTransport
self.primes = parseModuliFile('/etc/moduli')
self.portal = portal
def buildProtocol(self, addr):
"""
Create an instance of the server side of the SSH protocol.
@type addr: L{twisted.internet.interfaces.IAddress} provider
@param addr: The address at which the server will listen.
@rtype: L{cowrie.ssh.transport.HoneyPotSSHTransport}
@return: The built transport.
"""
_modulis = '/etc/ssh/moduli', '/private/etc/moduli'
t = transport.HoneyPotSSHTransport()
try:
t.ourVersionString = self.cfg.get('honeypot', 'ssh_version_string')
except:
t.ourVersionString = "SSH-2.0-OpenSSH_6.0p1 Debian-4+deb7u2"
t.supportedPublicKeys = list(self.privateKeys.keys())
for _moduli in _modulis:
try:
self.primes = primes.parseModuliFile(_moduli)
break
except IOError as err:
pass
if not self.primes:
ske = t.supportedKeyExchanges[:]
if 'diffie-hellman-group-exchange-sha1' in ske:
ske.remove('diffie-hellman-group-exchange-sha1')
log.msg("No moduli, no diffie-hellman-group-exchange-sha1")
if 'diffie-hellman-group-exchange-sha256' in ske:
ske.remove('diffie-hellman-group-exchange-sha256')
log.msg("No moduli, no diffie-hellman-group-exchange-sha256")
t.supportedKeyExchanges = ske
# Reorder supported ciphers to resemble current openssh more
t.supportedCiphers = ['aes128-ctr', 'aes192-ctr', 'aes256-ctr',
'aes128-cbc', '3des-cbc', 'blowfish-cbc', 'cast128-cbc',
'aes192-cbc', 'aes256-cbc']
t.supportedPublicKeys = ['ssh-rsa', 'ssh-dss']
t.supportedMACs = ['hmac-md5', 'hmac-sha1']
t.supportedCompressions = ['*****@*****.**', 'zlib', 'none']
t.factory = self
return t
def buildProtocol(self, addr):
"""
Create an instance of the server side of the SSH protocol.
@type addr: L{twisted.internet.interfaces.IAddress} provider
@param addr: The address at which the server will listen.
@rtype: L{twisted.conch.ssh.SSHServerTransport}
@return: The built transport.
"""
_modulis = '/etc/ssh/moduli', '/private/etc/moduli'
# FIXME: try to mimic something real 100%
t = HoneyPotTransport()
if self.cfg.has_option('honeypot', 'ssh_version_string'):
t.ourVersionString = self.cfg.get('honeypot', 'ssh_version_string')
else:
t.ourVersionString = "SSH-2.0-OpenSSH_6.0p1 Debian-4+deb7u2"
t.supportedPublicKeys = self.privateKeys.keys()
for _moduli in _modulis:
try:
self.primes = primes.parseModuliFile(_moduli)
break
except IOError as err:
pass
if not self.primes:
log.msg(
"Moduli not found, disabling diffie-hellman-group-exchange-sha1"
)
ske = t.supportedKeyExchanges[:]
ske.remove('diffie-hellman-group-exchange-sha1')
t.supportedKeyExchanges = ske
# reorder supported ciphers to resemble current openssh more
t.supportedCiphers = [
'aes128-ctr', 'aes192-ctr', 'aes256-ctr', 'aes128-cbc', '3des-cbc',
'blowfish-cbc', 'cast128-cbc', 'aes192-cbc', 'aes256-cbc'
]
t.supportedPublicKeys = ['ssh-rsa', 'ssh-dss']
t.supportedMACs = ['hmac-md5', 'hmac-sha1']
t.factory = self
return t
def buildProtocol(self, addr):
"""
Create an instance of the server side of the SSH protocol.
@type addr: L{twisted.internet.interfaces.IAddress} provider
@param addr: The address at which the server will listen.
@rtype: L{twisted.conch.ssh.SSHServerTransport}
@return: The built transport.
"""
log.msg(" MICHEL: currently open session %s" % self.sessions )
_modulis = '/etc/ssh/moduli', '/private/etc/moduli'
# FIXME: try to mimic something real 100%
t = HoneyPotTransport()
if self.cfg.has_option('honeypot', 'ssh_version_string'):
t.ourVersionString = self.cfg.get('honeypot', 'ssh_version_string')
else:
t.ourVersionString = "SSH-2.0-OpenSSH_6.0p1 Debian-4+deb7u2"
t.supportedPublicKeys = self.privateKeys.keys()
for _moduli in _modulis:
try:
self.primes = primes.parseModuliFile(_moduli)
break
except IOError as err:
pass
if not self.primes:
log.msg("Moduli not found, disabling diffie-hellman-group-exchange-sha1")
ske = t.supportedKeyExchanges[:]
ske.remove('diffie-hellman-group-exchange-sha1')
t.supportedKeyExchanges = ske
# reorder supported ciphers to resemble current openssh more
t.supportedCiphers = ['aes128-ctr', 'aes192-ctr', 'aes256-ctr', 'aes128-cbc', '3des-cbc', 'blowfish-cbc', 'cast128-cbc', 'aes192-cbc', 'aes256-cbc']
t.supportedPublicKeys = ['ssh-rsa', 'ssh-dss']
t.supportedMACs = ['hmac-md5', 'hmac-sha1']
t.factory = self
return t
def buildProtocol(self, addr):
_modulis = '/etc/ssh/moduli', '/private/etc/moduli'
t = SSHTransport()
t.ourVersionString = "SSH-2.0-OpenSSH_Mock MockSSH.py"
t.supportedPublicKeys = self.privateKeys.keys()
for _moduli in _modulis:
try:
self.primes = primes.parseModuliFile(_moduli)
break
except IOError:
pass
if not self.primes:
ske = t.supportedKeyExchanges[:]
ske.remove('diffie-hellman-group-exchange-sha1')
t.supportedKeyExchanges = ske
t.factory = self
return t
def buildProtocol(self, addr):
_modulis = '/etc/ssh/moduli', '/private/etc/moduli'
t = SSHTransport()
t.ourVersionString = "SSH-2.0-OpenSSH_Mock MockSSH.py"
t.supportedPublicKeys = self.privateKeys.keys()
for _moduli in _modulis:
try:
self.primes = primes.parseModuliFile(_moduli)
break
except IOError:
pass
if not self.primes:
ske = t.supportedKeyExchanges[:]
ske.remove('diffie-hellman-group-exchange-sha1')
t.supportedKeyExchanges = ske
t.factory = self
return t
def buildProtocol(self, addr):
"""
Create an instance of the server side of the SSH protocol.
@type addr: L{twisted.internet.interfaces.IAddress} provider
@param addr: The address at which the server will listen.
@rtype: L{twisted.conch.ssh.SSHServerTransport}
@return: The built transport.
"""
_modulis = '/etc/ssh/moduli', '/private/etc/moduli'
cfg = config()
t = HoneyPotTransport()
if cfg.has_option('honeypot', 'ssh_version_string'):
t.ourVersionString = cfg.get('honeypot', 'ssh_version_string')
else:
t.ourVersionString = "SSH-2.0-OpenSSH_6.0p1 Debian-4+deb7u2"
t.supportedPublicKeys = list(self.privateKeys.keys())
for _moduli in _modulis:
try:
self.primes = primes.parseModuliFile(_moduli)
break
except IOError as err:
pass
if not self.primes:
log.msg(
"Moduli not found, disabling diffie-hellman-group-exchange-sha1"
)
ske = t.supportedKeyExchanges[:]
ske.remove('diffie-hellman-group-exchange-sha1')
t.supportedKeyExchanges = ske
t.factory = self
return t
def buildProtocol(self, addr):
"""
Create an instance of the server side of the SSH protocol.
@type addr: L{twisted.internet.interfaces.IAddress} provider
@param addr: The address at which the server will listen.
@rtype: L{twisted.conch.ssh.SSHServerTransport}
@return: The built transport.
"""
_modulis = '/etc/ssh/moduli', '/private/etc/moduli'
cfg = config()
# FIXME: try to mimic something real 100%
t = HoneyPotTransport()
if cfg.has_option('honeypot', 'ssh_version_string'):
t.ourVersionString = cfg.get('honeypot','ssh_version_string')
else:
t.ourVersionString = "SSH-2.0-OpenSSH_5.1p1 Debian-5"
t.supportedPublicKeys = self.privateKeys.keys()
for _moduli in _modulis:
try:
self.primes = primes.parseModuliFile(_moduli)
break
except IOError as err:
pass
if not self.primes:
ske = t.supportedKeyExchanges[:]
ske.remove('diffie-hellman-group-exchange-sha1')
t.supportedKeyExchanges = ske
t.factory = self
return t
def buildProtocol(self, addr):
"""
Create an instance of the server side of the SSH protocol.
@type addr: L{twisted.internet.interfaces.IAddress} provider
@param addr: The address at which the server will listen.
@rtype: L{twisted.conch.ssh.SSHServerTransport}
@return: The built transport.
"""
_moduli = '/etc/ssh/moduli'
cfg = config()
# FIXME: try to mimic something real 100%
t = HoneyPotTransport()
if cfg.has_option('honeypot', 'ssh_version_string'):
t.ourVersionString = cfg.get('honeypot','ssh_version_string')
else:
t.ourVersionString = "SSH-2.0-OpenSSH_5.1p1 Debian-5"
t.supportedPublicKeys = self.privateKeys.keys()
if ( os.path.exists( _moduli ) ):
self.primes = primes.parseModuliFile( _moduli )
if not self.primes:
ske = t.supportedKeyExchanges[:]
ske.remove('diffie-hellman-group-exchange-sha1')
t.supportedKeyExchanges = ske
# reorder supported ciphers to resemble current openssh more
t.supportedCiphers = ['aes128-ctr', 'aes192-ctr', 'aes256-ctr', 'aes128-cbc', '3des-cbc', 'blowfish-cbc', 'cast128-cbc', 'aes192-cbc', 'aes256-cbc' ]
t.supportedPublicKeys = ['ssh-rsa', 'ssh-dss']
t.supportedMACs = [ 'hmac-md5', 'hmac-sha1']
t.factory = self
return t
def getPrimes(self):
try:
return primes.parseModuliFile(self.moduliRoot + '/moduli')
except IOError:
return None
def getPrimes(self):
try:
return primes.parseModuliFile(self.moduliRoot + "/moduli")
except OSError:
return None
def getPrimes(self):
try:
return primes.parseModuliFile(self.moduliRoot+'/moduli')
except IOError:
return None
