kippo/kippo.tac

# Copyright (c) 2009 Upi Tamminen <desaster@gmail.com>
# See the COPYRIGHT file for more information

import sys, os
if sys.platform == 'win32':
    import os, inspect
    # this is when just running on win32
    sys.path.insert(0, os.path.abspath(os.getcwd()))
    # and this is when running as a service
    #os.chdir(os.path.dirname(inspect.getfile(inspect.currentframe())))

from twisted.internet import reactor, defer
from twisted.application import internet, service
from twisted.cred import portal
from twisted.conch.ssh import factory, keys

if os.name == 'posix' and os.getuid() == 0:
    print 'ERROR: You must not run kippo as root!'
    sys.exit(1)

if not os.path.exists('kippo.cfg'):
    print 'ERROR: kippo.cfg is missing!'
    sys.exit(1)

from kippo.core import honeypot
from kippo.core.config import config

factory = honeypot.HoneyPotSSHFactory()
factory.portal = portal.Portal(honeypot.HoneyPotRealm())

pubKeyString, privKeyString = honeypot.getRSAKeys()
# This is only the initial password, the rest will be in data/pass.db
users = (
    ('root', '123456'),
    )
factory.portal.registerChecker(honeypot.HoneypotPasswordChecker(users))
factory.publicKeys = {'ssh-rsa': keys.Key.fromString(data=pubKeyString)}
factory.privateKeys = {'ssh-rsa': keys.Key.fromString(data=privKeyString)}

application = service.Application('honeypot')
service = internet.TCPServer(
    int(config().get('honeypot', 'ssh_port')), factory)
service.setServiceParent(application)

# vim: set ft=python sw=4 et:
A bunch of changes: * filesystem has a new field A_REALFILE, which can be set to point to a real file within dl/ or honeyfs/ for use with cat or tar * createfs.py update * Added copyright texts & BSD license * Command arguments are now parsed with shlex and passed to commands as a list * new HoneyPotFilesystem methods: mkdir, realfile, update_realfile, is_dir * New command: reboot * Improved ls * A local copy of env.commands is now kept for each session to allow dynamic changes * New commands module: dice - contains random commands assigned to newly created files * Improved tar - pretends to create real files now * Something else I forgot git-svn-id: https://kippo.googlecode.com/svn/trunk@34 951d7100-d841-11de-b865-b3884708a8e2 2009-11-20 16:48:45 +01:00			`# Copyright (c) 2009 Upi Tamminen <desaster@gmail.com>`
			`# See the COPYRIGHT file for more information`

Display an error if trying to run as root, or if kippo.cfg is missing git-svn-id: https://kippo.googlecode.com/svn/trunk@102 951d7100-d841-11de-b865-b3884708a8e2 2010-04-12 19:08:03 +02:00			`import sys, os`
win32 tweaks git-svn-id: https://kippo.googlecode.com/svn/trunk@45 951d7100-d841-11de-b865-b3884708a8e2 2009-11-22 01:05:06 +01:00			`if sys.platform == 'win32':`
			`import os, inspect`
			`# this is when just running on win32`
			`sys.path.insert(0, os.path.abspath(os.getcwd()))`
			`# and this is when running as a service`
win32 tweaks git-svn-id: https://kippo.googlecode.com/svn/trunk@46 951d7100-d841-11de-b865-b3884708a8e2 2009-11-22 01:49:53 +01:00			`#os.chdir(os.path.dirname(inspect.getfile(inspect.currentframe())))`

don't import default, it was just a test git-svn-id: https://kippo.googlecode.com/svn/trunk@47 951d7100-d841-11de-b865-b3884708a8e2 2009-11-22 02:01:36 +01:00			`from twisted.internet import reactor, defer`
win32 tweaks git-svn-id: https://kippo.googlecode.com/svn/trunk@46 951d7100-d841-11de-b865-b3884708a8e2 2009-11-22 01:49:53 +01:00			`from twisted.application import internet, service`
			`from twisted.cred import portal`
			`from twisted.conch.ssh import factory, keys`
Display an error if trying to run as root, or if kippo.cfg is missing git-svn-id: https://kippo.googlecode.com/svn/trunk@102 951d7100-d841-11de-b865-b3884708a8e2 2010-04-12 19:08:03 +02:00
			`if os.name == 'posix' and os.getuid() == 0:`
			`print 'ERROR: You must not run kippo as root!'`
			`sys.exit(1)`

			`if not os.path.exists('kippo.cfg'):`
			`print 'ERROR: kippo.cfg is missing!'`
			`sys.exit(1)`

move core/ and commands/ to kippo/ git-svn-id: https://kippo.googlecode.com/svn/trunk@50 951d7100-d841-11de-b865-b3884708a8e2 2009-11-22 08:07:58 +01:00			`from kippo.core import honeypot`
			`from kippo.core.config import config`
Switch to using a .tac file instead of kippo.py git-svn-id: https://kippo.googlecode.com/svn/trunk@32 951d7100-d841-11de-b865-b3884708a8e2 2009-11-19 16:24:57 +01:00
			`factory = honeypot.HoneyPotSSHFactory()`
			`factory.portal = portal.Portal(honeypot.HoneyPotRealm())`

			`pubKeyString, privKeyString = honeypot.getRSAKeys()`
To prevent suspicion, have only one initial easy password (123456) git-svn-id: https://kippo.googlecode.com/svn/trunk@105 951d7100-d841-11de-b865-b3884708a8e2 2010-04-14 11:38:29 +02:00			`# This is only the initial password, the rest will be in data/pass.db`
Add HoneypotPasswordChecker which will log attempted passwords and allow multiple passwords for one user git-svn-id: https://kippo.googlecode.com/svn/trunk@39 951d7100-d841-11de-b865-b3884708a8e2 2009-11-21 12:07:26 +01:00			`users = (`
according to http://www.securityfocus.com/infocus/1876, "123456" should be the most common password attempt git-svn-id: https://kippo.googlecode.com/svn/trunk@41 951d7100-d841-11de-b865-b3884708a8e2 2009-11-21 13:58:52 +01:00			`('root', '123456'),`
Add HoneypotPasswordChecker which will log attempted passwords and allow multiple passwords for one user git-svn-id: https://kippo.googlecode.com/svn/trunk@39 951d7100-d841-11de-b865-b3884708a8e2 2009-11-21 12:07:26 +01:00			`)`
			`factory.portal.registerChecker(honeypot.HoneypotPasswordChecker(users))`
Switch to using a .tac file instead of kippo.py git-svn-id: https://kippo.googlecode.com/svn/trunk@32 951d7100-d841-11de-b865-b3884708a8e2 2009-11-19 16:24:57 +01:00			`factory.publicKeys = {'ssh-rsa': keys.Key.fromString(data=pubKeyString)}`
			`factory.privateKeys = {'ssh-rsa': keys.Key.fromString(data=privKeyString)}`

			`application = service.Application('honeypot')`
move configuration to kippo.cfg (ConfigParser) git-svn-id: https://kippo.googlecode.com/svn/trunk@48 951d7100-d841-11de-b865-b3884708a8e2 2009-11-22 07:56:30 +01:00			`service = internet.TCPServer(`
			`int(config().get('honeypot', 'ssh_port')), factory)`
Switch to using a .tac file instead of kippo.py git-svn-id: https://kippo.googlecode.com/svn/trunk@32 951d7100-d841-11de-b865-b3884708a8e2 2009-11-19 16:24:57 +01:00			`service.setServiceParent(application)`

			`# vim: set ft=python sw=4 et:`