diff --git a/docker/cowrie/dist/cowrie.cfg b/docker/cowrie/dist/cowrie.cfg
index 70510dd1..123b2fda 100644
--- a/docker/cowrie/dist/cowrie.cfg
+++ b/docker/cowrie/dist/cowrie.cfg
@@ -22,11 +22,11 @@ filesystem = share/cowrie/fs.pickle
 processes = share/cowrie/cmdoutput.json
 #arch = linux-x64-lsb
 arch = bsd-aarch64-lsb, bsd-aarch64-msb, bsd-bfin-msb, bsd-mips-lsb, bsd-mips-msb, bsd-mips64-lsb, bsd-mips64-msb, bsd-powepc-msb, bsd-powepc64-lsb, bsd-riscv64-lsb, bsd-sparc-msb, bsd-sparc64-msb, bsd-x32-lsb, bsd-x64-lsb, linux-aarch64-lsb, linux-aarch64-msb, linux-alpha-lsb, linux-am33-lsb, linux-arc-lsb, linux-arc-msb, linux-arm-lsb, linux-arm-msb, linux-avr32-lsb, linux-bfin-lsb, linux-c6x-lsb, linux-c6x-msb, linux-cris-lsb, linux-frv-msb, linux-h8300-msb, linux-hppa-msb, linux-hppa64-msb, linux-ia64-lsb, linux-m32r-msb, linux-m68k-msb, linux-microblaze-msb, linux-mips-lsb, linux-mips-msb, linux-mips64-lsb, linux-mips64-msb, linux-mn10300-lsb, linux-nios-lsb, linux-nios-msb, linux-powerpc-lsb, linux-powerpc-msb, linux-powerpc64-lsb, linux-powerpc64-msb, linux-riscv64-lsb, linux-s390x-msb, linux-sh-lsb, linux-sh-msb, linux-sparc-msb, linux-sparc64-msb, linux-tilegx-lsb, linux-tilegx-msb, linux-tilegx64-lsb, linux-tilegx64-msb, linux-x64-lsb, linux-x86-lsb, linux-xtensa-msb, osx-x32-lsb, osx-x64-lsb
-kernel_version = 3.2.0-4-amd64
-kernel_build_string = #1 SMP Debian 3.2.68-1+deb7u1
+kernel_version = 5.15.0-23-generic-amd64
+kernel_build_string = #25~22.04-Ubuntu SMP
 hardware_platform = x86_64
 operating_system = GNU/Linux
-ssh_version = OpenSSH_7.9p1, OpenSSL 1.1.1a 20 Nov 2018
+ssh_version = OpenSSH_8.9p1, OpenSSL 3.0.2 15 Mar 2022
 
 [ssh]
 enabled = true
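Review bot: The new `kernel_version = 5.15.0-23-generic-amd64` mixes two naming schemes: the removed Debian value ended in `-amd64`, while Ubuntu kernel release strings end at the flavour (`-generic`), so a client that reads the emulated kernel release sees a string no stock Ubuntu 22.04 host reports and can use it to recognise the honeypot. I would change it to `kernel_version = 5.15.0-23-generic` and check `kernel_build_string` against a real `uname -v` of the release being imitated, since the new value also appears to lack the build timestamp Ubuntu prints there. `ssh_version` omits the Ubuntu package suffix that the `[ssh]` banner in the next hunk carries, so the two disagree about the same package. Taking all three values from one reference system and recording it above them, e.g. `# persona: Ubuntu 22.04, values copied from <reference host/image>`, would keep later edits consistent.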
@@ -39,8 +39,7 @@ ecdsa_private_key = etc/ssh_host_ecdsa_key
 ed25519_public_key = etc/ssh_host_ed25519_key.pub
 ed25519_private_key = etc/ssh_host_ed25519_key
 public_key_auth = ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ssh-ed25519
-#version = SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.2
-version = SSH-2.0-OpenSSH_7.9p1
+version = SSH-2.0-OpenSSH_8.9p1 Ubuntu-2ubuntu0.10
 ciphers = aes128-ctr,aes192-ctr,aes256-ctr,aes256-cbc,aes192-cbc,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc
 macs = hmac-sha2-512,hmac-sha2-384,hmac-sha2-56,hmac-sha1,hmac-md5
 compression = zlib@openssh.com,zlib,none
diff --git a/docker/cowrie/dist/cowrie_tpot.cfg b/docker/cowrie/dist/cowrie_tpot.cfg
new file mode 100644
index 00000000..70510dd1
--- /dev/null
+++ b/docker/cowrie/dist/cowrie_tpot.cfg
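Review bot: In the `@@ -39,8 +39,7 @@` hunk of docker/cowrie/dist/cowrie.cfg the banner is raised to `SSH-2.0-OpenSSH_8.9p1 Ubuntu-2ubuntu0.10`, but the unchanged lines around it still advertise `ssh-dss`, `blowfish-cbc`, `cast128-cbc` and `hmac-md5`, which an OpenSSH 8.9 server does not offer by default (the Blowfish and CAST ciphers were dropped in 7.6). Anything that compares the banner with the algorithm proposal can tell the service is not what it claims, so `public_key_auth`, `ciphers` and `macs` should be brought in line with that release in the same change. `hmac-sha2-56` in `macs` looks like a typo for `hmac-sha2-256`, and `hmac-sha2-384` is not a MAC name I know OpenSSH to use; both are worth checking against what Cowrie accepts. The same three lists are added verbatim in cowrie_tpot.cfg, and the package suffix `2ubuntu0.10` should be confirmed against the banner of a real host of that release.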
@@ -0,0 +1,72 @@
+[honeypot]
+hostname = ubuntu
+log_path = log
+download_path = dl
+share_path= share/cowrie
+state_path = /tmp/cowrie/data
+etc_path = etc
+contents_path = honeyfs
+txtcmds_path = txtcmds
+ttylog = true
+ttylog_path = log/tty
+interactive_timeout = 180
+authentication_timeout = 120
+backend = shell
+timezone = UTC
+auth_class = AuthRandom
+auth_class_parameters = 2, 5, 10
+data_path = /tmp/cowrie/data
+
+[shell]
+filesystem = share/cowrie/fs.pickle
+processes = share/cowrie/cmdoutput.json
+#arch = linux-x64-lsb
+arch = bsd-aarch64-lsb, bsd-aarch64-msb, bsd-bfin-msb, bsd-mips-lsb, bsd-mips-msb, bsd-mips64-lsb, bsd-mips64-msb, bsd-powepc-msb, bsd-powepc64-lsb, bsd-riscv64-lsb, bsd-sparc-msb, bsd-sparc64-msb, bsd-x32-lsb, bsd-x64-lsb, linux-aarch64-lsb, linux-aarch64-msb, linux-alpha-lsb, linux-am33-lsb, linux-arc-lsb, linux-arc-msb, linux-arm-lsb, linux-arm-msb, linux-avr32-lsb, linux-bfin-lsb, linux-c6x-lsb, linux-c6x-msb, linux-cris-lsb, linux-frv-msb, linux-h8300-msb, linux-hppa-msb, linux-hppa64-msb, linux-ia64-lsb, linux-m32r-msb, linux-m68k-msb, linux-microblaze-msb, linux-mips-lsb, linux-mips-msb, linux-mips64-lsb, linux-mips64-msb, linux-mn10300-lsb, linux-nios-lsb, linux-nios-msb, linux-powerpc-lsb, linux-powerpc-msb, linux-powerpc64-lsb, linux-powerpc64-msb, linux-riscv64-lsb, linux-s390x-msb, linux-sh-lsb, linux-sh-msb, linux-sparc-msb, linux-sparc64-msb, linux-tilegx-lsb, linux-tilegx-msb, linux-tilegx64-lsb, linux-tilegx64-msb, linux-x64-lsb, linux-x86-lsb, linux-xtensa-msb, osx-x32-lsb, osx-x64-lsb
+kernel_version = 3.2.0-4-amd64
+kernel_build_string = #1 SMP Debian 3.2.68-1+deb7u1
+hardware_platform = x86_64
+operating_system = GNU/Linux
+ssh_version = OpenSSH_7.9p1, OpenSSL 1.1.1a 20 Nov 2018
+
+[ssh]
+enabled = true
+rsa_public_key = etc/ssh_host_rsa_key.pub
+rsa_private_key = etc/ssh_host_rsa_key
+dsa_public_key = etc/ssh_host_dsa_key.pub
+dsa_private_key = etc/ssh_host_dsa_key
+ecdsa_public_key = etc/ssh_host_ecdsa_key.pub
+ecdsa_private_key = etc/ssh_host_ecdsa_key
+ed25519_public_key = etc/ssh_host_ed25519_key.pub
+ed25519_private_key = etc/ssh_host_ed25519_key
+public_key_auth = ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ssh-ed25519
+#version = SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.2
+version = SSH-2.0-OpenSSH_7.9p1
+ciphers = aes128-ctr,aes192-ctr,aes256-ctr,aes256-cbc,aes192-cbc,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc
+macs = hmac-sha2-512,hmac-sha2-384,hmac-sha2-56,hmac-sha1,hmac-md5
+compression = zlib@openssh.com,zlib,none
+listen_endpoints = tcp:22:interface=0.0.0.0
+sftp_enabled = true
+forwarding = true
+forward_redirect = false
+forward_tunnel = false
+auth_none_enabled = false
+auth_keyboard_interactive_enabled = true
+
+[telnet]
+enabled = true
+listen_endpoints = tcp:23:interface=0.0.0.0
+reported_port = 23
+
+[output_jsonlog]
+enabled = true
+logfile = log/cowrie.json
+epoch_timestamp = false
+
+[output_textlog]
+enabled = false
+logfile = log/cowrie-textlog.log
+format = text
+
+[output_crashreporter]
+enabled = false
+debug = false
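Review bot: cowrie_tpot.cfg is added with no comment saying what it is for or what makes the image load it instead of cowrie.cfg. Its blob id (70510dd1) is the pre-change cowrie.cfg, so it looks like a preserved copy of the old persona. A first line such as `# Cowrie persona kept from the previous cowrie.cfg; loaded when <selection mechanism>` would tell the next editor which of the two files is live and stop them drifting unnoticed. The copy is also internally inconsistent as a decoy: `hostname = ubuntu` sits beside `kernel_build_string = #1 SMP Debian 3.2.68-1+deb7u1`, so the emulated host claims two distributions at once. If the file is kept, that pair should agree, or the mismatch should be noted as intentional.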