-
Notifications
You must be signed in to change notification settings - Fork 11
/
cowrie.tac
63 lines (51 loc) · 2.19 KB
/
cowrie.tac
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
# Copyright (c) 2009 Upi Tamminen <[email protected]>
# See the COPYRIGHT file for more information
import sys, os
if sys.platform == 'win32':
import os, inspect
# this is when just running on win32
sys.path.insert(0, os.path.abspath(os.getcwd()))
# and this is when running as a service
#os.chdir(os.path.dirname(inspect.getfile(inspect.currentframe())))
from twisted.application import internet, service
from twisted.cred import portal
from twisted.conch.ssh import factory, keys
if os.name == 'posix' and os.getuid() == 0:
print 'ERROR: You must not run cowrie as root!'
sys.exit(1)
if not os.path.exists('cowrie.cfg'):
print 'ERROR: cowrie.cfg is missing!'
sys.exit(1)
from cowrie.core import auth
from cowrie.core import ssh
from cowrie.core.config import config
factory = ssh.HoneyPotSSHFactory()
factory.portal = portal.Portal(ssh.HoneyPotRealm())
factory.portal.registerChecker(auth.HoneypotPublicKeyChecker())
factory.portal.registerChecker(auth.HoneypotPasswordChecker())
rsa_pubKeyString, rsa_privKeyString = ssh.getRSAKeys()
dsa_pubKeyString, dsa_privKeyString = ssh.getDSAKeys()
factory.publicKeys = {'ssh-rsa': keys.Key.fromString(data=rsa_pubKeyString),
'ssh-dss': keys.Key.fromString(data=dsa_pubKeyString)}
factory.privateKeys = {'ssh-rsa': keys.Key.fromString(data=rsa_privKeyString),
'ssh-dss': keys.Key.fromString(data=dsa_privKeyString)}
cfg = config()
if cfg.has_option('honeypot', 'ssh_addr'):
ssh_addr = cfg.get('honeypot', 'ssh_addr')
else:
ssh_addr = '0.0.0.0'
application = service.Application('honeypot')
for i in ssh_addr.split():
service = internet.TCPServer(
int(cfg.get('honeypot', 'ssh_port')), factory,
interface=i)
service.setServiceParent(application)
if cfg.has_option('honeypot', 'interact_enabled') and \
cfg.get('honeypot', 'interact_enabled').lower() in \
('yes', 'true', 'on'):
iport = int(cfg.get('honeypot', 'interact_port'))
from cowrie.core import interact
from twisted.internet import protocol
service = internet.TCPServer(iport, interact.makeInteractFactory(factory))
service.setServiceParent(application)
# vim: set ft=python sw=4 et: