Commit 2eb6d902 authored by Michal Horejsek's avatar Michal Horejsek

Final addresses and JSON format

parent 00e599b2
...@@ -16,8 +16,8 @@ all: ...@@ -16,8 +16,8 @@ all:
prepare-dev: prepare-dev:
apt-get install -y python python-pip python3 python3-pip sshpass apt-get install -y python python-pip python3 python3-pip sshpass
python2 -m pip install twisted>=16.0 python2 -m pip install "twisted>=16.0"
python3 -m pip install twisted>=16.6 python3 -m pip install "twisted>=16.6"
# Test dependencies # Test dependencies
python2 -m pip install pylint pytest mock python2 -m pip install pylint pytest mock
...@@ -28,16 +28,16 @@ prepare-dev: ...@@ -28,16 +28,16 @@ prepare-dev:
gem install --no-ri --no-rdoc fpm gem install --no-ri --no-rdoc fpm
test: test:
which python2 && python2 -m pytest test_honeypot_proxy.py || true if [ `which python2` ]; then python2 -m pytest test_honeypot_proxy.py; fi
which python3 && python3 -m pytest test_honeypot_proxy.py || true if [ `which python3` ]; then python3 -m pytest test_honeypot_proxy.py; fi
lint: lint:
python3 -m pylint --rcfile=pylintrc honeypot_proxy.py python3 -m pylint --rcfile=pylintrc honeypot_proxy.py
run-py2: run-py2:
sudo python2 honeypot_proxy.py --user-id 42 sudo python2 honeypot_proxy.py --device-token 42
run-py3: run-py3:
sudo python3 honeypot_proxy.py --user-id 42 sudo python3 honeypot_proxy.py --device-token 42
build: build:
# Debian packages # Debian packages
......
...@@ -6,16 +6,20 @@ tag SSH activity with your account ID so you can watch your log online. ...@@ -6,16 +6,20 @@ tag SSH activity with your account ID so you can watch your log online.
Script has hardcoded address of honeypot running at CZ.NIC. It shouldn't Script has hardcoded address of honeypot running at CZ.NIC. It shouldn't
be changed but if does or you need to use proxy or send it to own honeypot, be changed but if does or you need to use proxy or send it to own honeypot,
use optional arguments honeypot-host and honeypot-port. use optional arguments `--honeypot-host` and `--honeypot-port`.
Script contains one pre-generated key. If you want to use own, create one Script contains one pre-generated key. If you want to use own, create one
with following command: with the following command:
$ ssh-keygen -t rsa -b 4096 $ ssh-keygen -t rsa -b 4096
Store it in some path and then pass it as: Store it in some path and then pass it as:
--public-key "$(< /path/id_rsa.pub)" --private-key "$(< /path/id_rsa)" --public-key "$(< /path/id_rsa.pub)" --private-key "$(< /path/id_rsa)"
Example usage:
$ honeypot_proxy.py --device-token XXX
""" """
import argparse import argparse
...@@ -36,9 +40,9 @@ from twisted.python import log ...@@ -36,9 +40,9 @@ from twisted.python import log
from twisted.python import components from twisted.python import components
DEFAULT_PORT = 5022 DEFAULT_PORT = 2222
DEFAULT_HONEYPOT_HOST = 'localhost' DEFAULT_HONEYPOT_HOST = 'haas-app.nic.cz'
DEFAULT_HONEYPOT_PORT = 2222 DEFAULT_HONEYPOT_PORT = 10000
# pylint: disable=line-too-long # pylint: disable=line-too-long
DEFAULT_PUBLIC_KEY = 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgQC2jdAE4EAAKikW6W/dDmWS/0lQ1jWM6c6Ef+KpGr+jW83/XIR2reWXeeDTIEluL20JV/P2+2bvVShNr4w8SWitcYKTpwkSgGYHo2vAQvXArx/CsRnTAP6NwrxuZoLNO52fMXQWSrqs0tEvkzYXR3PcR6Cq07RN7QkYNWctCYJxdw==' DEFAULT_PUBLIC_KEY = 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgQC2jdAE4EAAKikW6W/dDmWS/0lQ1jWM6c6Ef+KpGr+jW83/XIR2reWXeeDTIEluL20JV/P2+2bvVShNr4w8SWitcYKTpwkSgGYHo2vAQvXArx/CsRnTAP6NwrxuZoLNO52fMXQWSrqs0tEvkzYXR3PcR6Cq07RN7QkYNWctCYJxdw=='
...@@ -65,8 +69,8 @@ def main(): ...@@ -65,8 +69,8 @@ def main():
""" """
parser = argparse.ArgumentParser(description=__doc__, formatter_class=argparse.RawTextHelpFormatter) parser = argparse.ArgumentParser(description=__doc__, formatter_class=argparse.RawTextHelpFormatter)
parser.add_argument( parser.add_argument(
'-u', '--user-id', '-d', '--device-token',
dest='user_id', dest='device_token',
required=True, required=True,
help='Your ID at honeypot.labs.nic.cz. If you don\'t have one, sign up first.', help='Your ID at honeypot.labs.nic.cz. If you don\'t have one, sign up first.',
) )
...@@ -214,8 +218,8 @@ class ProxySSHSession(SSHSessionForUnixConchUser): ...@@ -214,8 +218,8 @@ class ProxySSHSession(SSHSessionForUnixConchUser):
""" """
peer = self.avatar.conn.transport.transport.getPeer() peer = self.avatar.conn.transport.transport.getPeer()
password_data = { password_data = {
'password': force_text(self.avatar.password), 'pass': force_text(self.avatar.password),
'user_id': self.cmd_args.user_id, 'device_token': self.cmd_args.device_token,
'remote': peer.host, 'remote': peer.host,
'remote_port': peer.port, 'remote_port': peer.port,
} }
......
...@@ -17,7 +17,9 @@ setup( ...@@ -17,7 +17,9 @@ setup(
packages=[], packages=[],
scripts=['honeypot_proxy.py'], scripts=['honeypot_proxy.py'],
install_requires=['twisted>={}'.format(TWISTED_VERSION)], install_requires=[
'twisted>={}'.format(TWISTED_VERSION),
],
url='https://haas.nic.cz', url='https://haas.nic.cz',
author='CZ.NIC Labs', author='CZ.NIC Labs',
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment