Merge pull request #2 from RicYaben/ssh-plugin

Fixes SSH protocol and clean the app

.gitignore

@@ -1,16 +1,6 @@
-# Binaries for programs and plugins
-*.exe
-*.exe~
-*.dll
-*.so
-*.dylib
-
 # Test binary, built with `go test -c`
 *.test
 
-# Production binary folder
-bin/
-
 # Output of the go coverage tool, specifically when used with LiteIDE
 *.out
 
@@ -22,17 +12,14 @@ bin/
 .vscode/
 .DS_Store
 .dccache
+.iac-data
 ## VSCode workspace file
 workspace*.code-*
 
-# Vendor folder
+# Transit folders
 /vendor/
-
-# Plugins
-*.so
-
-# TCPdump
-build/tcpdump/
+/statik/
+/bin/
 
 # whatever the rules are, include all the `.md` files
 !*.md

Makefile

@@ -4,7 +4,7 @@ SHELL := /bin/bash
 APPNAME=riotpot
 DOCKER=build/docker/
 PLUGINS_DIR=pkg/plugin
-EXCLUDE_PLUGINS= sshd modbusd echod coapd telnetd mqttd httpd
+EXCLUDE_PLUGINS= modbusd coapd mqttd
 
 # docker cmd below
 .PHONY:  docker-build-doc docker-doc-up up down up-all build build-plugins build-all ui
@@ -20,9 +20,9 @@ up-all:
 	riotpot-doc
 	riotpot-up
 build:
-	go build -gcflags='all=-N -l' -o ./bin/ ./cmd/riotpot/.
+	@go build -gcflags='all=-N -l' -o ./bin/ ./cmd/riotpot/.
 build-plugins: $(PLUGINS_DIR)/*
-	IFS=' ' read -r -a exclude <<< "${EXCLUDE_PLUGINS}"; \
+	@IFS=' ' read -r -a exclude <<< "${EXCLUDE_PLUGINS}"; \
 	for folder in $^ ; do \
 		result=$${folder%%+(/)}; \
 		result=$${result##*/}; \

build/docker/docker-compose.yaml

@@ -26,7 +26,7 @@ services:
     container_name: tcpdump
     network_mode: "host"
     volumes:
-      - ../tcpdump:/tcpdump
+      - ../../tcpdump:/tcpdump
     # Run tcdump in autorotating mode, with gzip compression
     # The files will be rotated every 24h or 500MB and named
     # after the timestamp when the file is created.
@@ -52,7 +52,7 @@ services:
       # Ports under 60 might see errors when unquoted
       # https://stackoverflow.com/questions/58810789/quotes-on-docker-compose-yml-ports-make-any-difference
       - "7:7"
-      # - "22:22"
+      - "22:22"
       - "23:23"
       - "80:80"
       - "502:502"

cmd/riotpot/flags.go

@@ -18,7 +18,7 @@ import (
 	"github.com/riotpot/api/service"
 	"github.com/riotpot/internal/globals"
 	"github.com/riotpot/internal/logger"
-	"github.com/riotpot/pkg"
+	"github.com/riotpot/internal/plugins"
 	"github.com/rs/zerolog"
 
 	_ "github.com/riotpot/statik"
@@ -39,7 +39,7 @@ var (
 var (
 	debug        = flag.Bool("debug", true, "Set log level to debug")
 	runApi       = flag.Bool("api", true, "Whether to start the API")
-	plugins      = flag.Bool("plugins", true, "Whether to load the low-interaction honeypot plugins")
+	loadPlugins  = flag.Bool("plugins", true, "Whether to load the low-interaction honeypot plugins")
 	allowedHosts = flag.String("whitelist", "http://127.0.0.1,http://localhost:3000", "List of allowed hosts to contact the API")
 )
 
@@ -85,8 +85,8 @@ func ParseFlags() {
 	}
 
 	// Load the plugins
-	if *plugins {
-		pkg.LoadPlugins()
+	if *loadPlugins {
+		plugins.LoadPlugins()
 	}
 
 	// Starts the API

internal/plugins/keys.go

@@ -0,0 +1,91 @@
+package plugins
+
+import (
+	"crypto/rand"
+	"crypto/rsa"
+	"crypto/x509"
+	"encoding/pem"
+
+	"github.com/riotpot/internal/logger"
+)
+
+type (
+	KeyType string
+	KeySize int
+)
+
+const (
+	Public  KeyType = "public"
+	Private KeyType = "private"
+
+	InsecureKey KeySize = 1024
+	LiteKey     KeySize = 2048
+	DefaultKey  KeySize = 4096
+)
+
+type CKey interface {
+	Generate() []byte
+	GetPEM() []byte
+	SetPEM(pem []byte)
+}
+
+type AbstractKey struct {
+	CKey
+	pem []byte
+}
+
+func (k *AbstractKey) GetPEM() []byte {
+	return k.pem
+}
+
+func (k *AbstractKey) SetPEM(pem []byte) {
+	k.pem = pem
+}
+
+type PrivateKey struct {
+	key  AbstractKey
+	priv *rsa.PrivateKey
+}
+
+func (k *PrivateKey) GetPEM() []byte {
+	return k.key.GetPEM()
+}
+
+func (k *PrivateKey) SetPEM(pem []byte) {
+	k.key.SetPEM(pem)
+}
+
+func (k *PrivateKey) SetKey(key *rsa.PrivateKey) {
+	k.priv = key
+}
+
+// Function to Generate and store a private RSA key and PEM
+func (k *PrivateKey) Generate(size KeySize) (cert []byte) {
+	reader := rand.Reader
+	priv, err := rsa.GenerateKey(reader, int(size))
+	if err != nil {
+		logger.Log.Fatal().Err(err)
+	}
+
+	err = priv.Validate()
+	if err != nil {
+		logger.Log.Fatal().Err(err)
+	}
+
+	block := &pem.Block{
+		Type:  "RSA PRIVATE KEY",
+		Bytes: x509.MarshalPKCS1PrivateKey(priv),
+	}
+	cert = pem.EncodeToMemory(block)
+
+	k.SetKey(priv)
+	k.SetPEM(cert)
+	return
+}
+
+func NewPrivateKey(size KeySize) *PrivateKey {
+	k := &PrivateKey{}
+
+	k.Generate(size)
+	return k
+}

pkg/plugins.go → internal/plugins/plugins.go

@@ -1,14 +1,13 @@
-package pkg
+package plugins
 
 import (
 	"fmt"
 	"path/filepath"
 	"plugin"
 
 	"github.com/riotpot/internal/logger"
-	proxies "github.com/riotpot/internal/proxy"
+	"github.com/riotpot/internal/proxy"
 	"github.com/riotpot/internal/services"
-	"github.com/riotpot/tools/errors"
 )
 
 var (
@@ -24,19 +23,19 @@ func getServicePlugin(path string) services.Service {
 
 	// Open the plugin within the path
 	pg, err := plugin.Open(path)
-	errors.Raise(err)
+	logger.Log.Fatal().Err(err)
 
 	// check the name of the function that exports the service
 	// The plugin *Must* contain a variable called `Plugin`.
 	s, err := pg.Lookup("Plugin")
-	errors.Raise(err)
+	logger.Log.Fatal().Err(err)
 
 	// log the name of the plugin being loaded
 	fmt.Printf("Loading plugin: %s...\n", *s.(*string))
 
 	// check if the reference symbol exists in the plugin
 	rf, err := pg.Lookup(*s.(*string))
-	errors.Raise(err)
+	logger.Log.Error().Err(err)
 
 	// Load the service in a variable as the interface Service.
 	newservice := rf.(func() services.Service)()
@@ -88,13 +87,13 @@ func LoadPlugins() (errors []error) {
 
 	// Create proxies for each of the started plugins
 	for _, service := range plugins {
-		proxy, err := proxies.Proxies.CreateProxy(service.GetNetwork(), service.GetPort()-pluginOffset)
+		px, err := proxy.Proxies.CreateProxy(service.GetNetwork(), service.GetPort()-pluginOffset)
 		if err != nil {
 			logger.Log.Error().Err(err)
 		}
 
 		// Add the service to the proxy
-		proxy.SetService(service)
+		px.SetService(service)
 	}
 
 	return

pkg/plugin/coapd/coapd.go

@@ -66,8 +66,6 @@ func (c *Coap) Run() (err error) {
 	// This will cause all the requests to go through this function.
 	r.DefaultHandleFunc(c.observeHandler)
 
-	lr.Log.Info().Msgf("Service %s started listenning for connections in port %d", c.GetName(), c.GetPort())
-
 	// Run the server listening on the given port and using the defined
 	// lvl4 layer protocol.
 	err = coap.ListenAndServe(c.GetNetwork().String(), fmt.Sprintf(":%d", c.GetPort()), r)

pkg/plugin/coapd/profiles.go

@@ -14,7 +14,7 @@ import (
 	"time"
 
 	"github.com/google/uuid"
-	"github.com/riotpot/tools/errors"
+	"github.com/riotpot/internal/logger"
 	"gopkg.in/yaml.v3"
 )
 
@@ -33,9 +33,9 @@ type Profile struct {
 
 func (p *Profile) Load(path string) {
 	data, err := os.ReadFile(path)
-	errors.Raise(err)
+	logger.Log.Error().Err(err)
 	err = yaml.Unmarshal(data, &p)
-	errors.Raise(err)
+	logger.Log.Error().Err(err)
 }
 
 // Method that provides a getter for topics and anso creates the topic

pkg/plugin/echod/echod.go

@@ -6,10 +6,8 @@ import (
 	"net"
 
 	"github.com/riotpot/internal/globals"
+	"github.com/riotpot/internal/logger"
 	"github.com/riotpot/internal/services"
-	"github.com/riotpot/tools/errors"
-
-	lr "github.com/riotpot/internal/logger"
 )
 
 var Plugin string
@@ -43,7 +41,7 @@ func (e *Echo) Run() (err error) {
 
 	// start a service in the `echo` port
 	listener, err := net.Listen(e.GetNetwork().String(), port)
-	errors.Raise(err)
+	logger.Log.Error().Err(err)
 
 	// build a channel stack to receive connections to the service
 	conn := make(chan net.Conn)
@@ -59,7 +57,6 @@ func (e *Echo) Run() (err error) {
 // inspired on https://gist.github.com/paulsmith/775764#file-echo-go
 func (e *Echo) serve(ch chan net.Conn, listener net.Listener) {
 	// open an infinite loop to receive connections
-	lr.Log.Info().Msgf("Service %s started listenning for connections in port %d", e.GetName(), e.GetPort())
 	for {
 		// Accept the client connection
 		client, err := listener.Accept()

pkg/plugin/httpd/httpd.go

@@ -14,7 +14,7 @@ var Plugin string
 const (
 	name    = "HTTP"
 	network = globals.TCP
-	port    = 8080
+	port    = 80
 )
 
 func init() {
@@ -49,7 +49,6 @@ func (h *Http) Run() (err error) {
 }
 
 func (h *Http) serve(srv *http.Server) {
-	fmt.Printf("[%s] Started listenning for connections in port %d\n", h.GetName(), h.GetPort())
 	if err := srv.ListenAndServe(); err != nil && err != http.ErrServerClosed {
 		lr.Log.Fatal().Err(err)
 	}

pkg/plugin/modbusd/modbusd.go

@@ -6,8 +6,8 @@ import (
 	"net"
 
 	"github.com/riotpot/internal/globals"
+	"github.com/riotpot/internal/logger"
 	"github.com/riotpot/internal/services"
-	"github.com/riotpot/tools/errors"
 	"github.com/xiegeo/modbusone"
 )
 
@@ -54,7 +54,7 @@ func (m *Modbus) Run() (err error) {
 
 	// start a service in the `echo` port
 	listener, err := net.Listen("tcp", port)
-	errors.Raise(err)
+	logger.Log.Error().Err(err)
 
 	// build a channel stack to receive connections to the service
 	conn := make(chan net.Conn)
@@ -67,7 +67,6 @@ func (m *Modbus) Run() (err error) {
 // inspired on https://gist.github.com/paulsmith/775764#file-echo-go
 func (m *Modbus) serve(ch chan net.Conn, listener net.Listener) {
 	// open an infinite loop to receive connections
-	fmt.Printf("[%s] Started listenning for connections in port %d\n", m.GetName(), m.GetPort())
 	for {
 		// Accept the client connection
 		client, err := listener.Accept()