Fixed Errors + Updated Files + Added Bacnet

bin/clean.sh

@@ -65,11 +65,32 @@ logrotate -s $mySTATUS $myCONF
 }
 
 # Let's create a function to clean up and prepare conpot data
-fuCONPOT () {
-  if [ "$myPERSISTENCE" != "on" ]; then rm -rf /data/conpot/*; fi
-  mkdir -p /data/conpot/log
-  chmod 760 /data/conpot -R
-  chown tpot:tpot /data/conpot -R
+fuCONPOT_DEFAULT () {
+  if [ "$myPERSISTENCE" != "on" ]; then rm -rf /data/conpot_default/*; fi
+  mkdir -p /data/conpot_default/log
+  chmod 760 /data/conpot_default -R
+  chown tpot:tpot /data/conpot_default -R
+}
+
+fuCONPOT_KAMSTRUP () {
+  if [ "$myPERSISTENCE" != "on" ]; then rm -rf /data/conpot_kamstrup/*; fi
+  mkdir -p /data/conpot_kamstrup/log
+  chmod 760 /data/conpot_kamstrup -R
+  chown tpot:tpot /data/conpot_kamstrup -R
+}
+
+fuCONPOT_GUARDIANAST () {
+  if [ "$myPERSISTENCE" != "on" ]; then rm -rf /data/conpot_guardianast/*; fi
+  mkdir -p /data/conpot_guardianast/log
+  chmod 760 /data/conpot_guardianast -R
+  chown tpot:tpot /data/conpot_guardianast -R
+}
+
+fuCONPOT_IEC104 () {
+  if [ "$myPERSISTENCE" != "on" ]; then rm -rf /data/conpot_IEC104/*; fi
+  mkdir -p /data/conpot_IEC104/log
+  chmod 760 /data/conpot_IEC104 -R
+  chown tpot:tpot /data/conpot_IEC104 -R
 }
 
 # Let's create a function to clean up and prepare cowrie data
@@ -201,7 +222,10 @@ if [ "$myPERSISTENCE" = "on" ];
     fuLOGROTATE
   else
     echo "Cleaning up and preparing data folders."
-    fuCONPOT
+    fuCONPOT_DEFAULT
+	fuCONPOT_KAMSTRUP
+	fuCONPOT_GUARDIANAST
+	fuCONPOT_IEC104
     fuCOWRIE
     fuDIONAEA
     fuELASTICPOT

docker/conpot_IEC104/docker-compose.yml

@@ -1,4 +1,4 @@
-version: '2.1a'
+version: '2.1'
 
 networks:
   conpot_IEC104_local:

docker/conpot_default/dist/default/bacnet/bacnet.xml

@@ -0,0 +1,39 @@
+<bacnet enabled="True" host="0.0.0.0" port="47808">
+    <device_info>
+        <device_name>SystemName</device_name>
+        <device_identifier>36113</device_identifier>
+        <vendor_name>Alerton Technologies, Inc.</vendor_name>
+        <vendor_identifier>15</vendor_identifier>
+        <max_apdu_length_accepted>1024</max_apdu_length_accepted>
+        <segmentation_supported>segmentedBoth</segmentation_supported>
+        <model_name>VAV-DD Controller</model_name>
+        <protocol_version>1</protocol_version>
+    </device_info>
+    <object_list>
+        <object name="objectBinary">
+            <properties>
+                <object_identifier>12</object_identifier>
+                <object_name>BI 01</object_name>
+                <object_type>Binary Input</object_type>
+            </properties>
+        </object>
+        <object name="objectAnalog">
+            <properties>
+                <object_identifier>14</object_identifier>
+                <object_name>AI 01</object_name>
+                <object_type>Analog Input</object_type>
+                <present_value>68.0</present_value>
+            </properties>
+        </object>
+        <object name="objectDoor">
+            <properties>
+                <object_identifier>16</object_identifier>
+                <object_name>Door 01</object_name>
+                <object_type>Access Door</object_type>
+                <present_value>0</present_value>
+                <out_of_service>True</out_of_service>
+                <maintenance_required>2</maintenance_required>
+            </properties>
+        </object>
+    </object_list>
+</bacnet>

docker/conpot_default/dist/default/template.xml

@@ -4,7 +4,7 @@
         <entity name="unit">S7-200</entity>
         <entity name="vendor">Siemens</entity>
         <entity name="description">Rough simulation of a basic Siemens S7-200 CPU with 2 slaves</entity>
-        <entity name="protocols">HTTP, MODBUS, s7comm, SNMP</entity>
+        <entity name="protocols">MODBUS, s7comm, SNMP, Bacnet</entity>
         <entity name="creator">the conpot team</entity>
     </template>
     <databus>

docker/conpot_default/docker-compose.yml

@@ -1,4 +1,4 @@
-version: '2.1a'
+version: '2.1'
 
 networks:
   conpot_default_local:
@@ -14,6 +14,7 @@ services:
     ports:
      - "102:102"
      - "502:502"
+     - "47808:47808"
      - "161:161/udp"
     image: "dtagdevsec/conpot:1710"
     volumes:

docker/conpot_guardianast/docker-compose.yml

@@ -1,4 +1,4 @@
-version: '2.1a'
+version: '2.1'
 
 networks:
   conpot_guardianast_local:

docker/conpot_kamstrup/docker-compose.yml

@@ -1,4 +1,4 @@
-version: '2.1a'
+version: '2.1'
 
 networks:
   conpot_kamstrup_local:

etc/compose/all.yml

@@ -1,6 +1,6 @@
 # T-Pot (Everything)
 # For docker-compose ...
-version: '2.2a'
+version: '2.2'
 
 networks:
   conpot_kamstrup_local:
@@ -43,7 +43,8 @@ services:
     ports:
      - "102:102"
      - "502:502"
-     - "161:161/udp
+     - "47808:47808"
+     - "161:161/udp"
     image: "dtagdevsec/conpot:1710"
     volumes:
      - /data/conpot_default_local/log:/var/log/conpot_default_local

etc/compose/industrial.yml

@@ -1,6 +1,6 @@
 # T-Pot (Industrial)
 # For docker-compose ...
-version: '2.2a'
+version: '2.2'
 
 networks:
   conpot_kamstrup_local:
@@ -36,7 +36,8 @@ services:
     ports:
      - "102:102"
      - "502:502"
-     - "161:161/udp
+     - "47808:47808"
+     - "161:161/udp"
     image: "dtagdevsec/conpot:1710"
     volumes:
      - /data/conpot_default_local/log:/var/log/conpot_default_local

host/etc/systemd/tpot.service

@@ -37,7 +37,7 @@ ExecStartPre=/sbin/iptables -w -A INPUT -p tcp -m multiport --dports 64295:64303
 ExecStartPre=/sbin/iptables -w -A INPUT -p tcp -m multiport --dports 20:23,25,42,69,80,135,443,445,1433,1723,1883,1900 -j ACCEPT
 ExecStartPre=/sbin/iptables -w -A INPUT -p tcp -m multiport --dports 3306,3389,5060,5061,5601,5900,27017 -j ACCEPT
 ExecStartPre=/sbin/iptables -w -A INPUT -p tcp -m multiport --dports 1025,50100,8080,8081,9200 -j ACCEPT
-ExecStartPre=/sbin/iptables -w -A INPUT -p tcp -m multiport --dports 102,502,2404,10001 -j ACCEPT
+ExecStartPre=/sbin/iptables -w -A INPUT -p tcp -m multiport --dports 102,502,2404,10001,47808 -j ACCEPT
 ExecStartPre=/sbin/iptables -w -A INPUT -p udp -m multiport --dports 69,161 -j ACCEPT
 ExecStartPre=/sbin/iptables -w -A INPUT -p tcp --syn -m state --state NEW -j NFQUEUE
 
@@ -54,7 +54,7 @@ ExecStopPost=/sbin/iptables -w -D INPUT -p tcp -m multiport --dports 64295:64303
 ExecStopPost=/sbin/iptables -w -D INPUT -p tcp -m multiport --dports 20:23,25,42,69,80,135,443,445,1433,1723,1883,1900 -j ACCEPT
 ExecStopPost=/sbin/iptables -w -D INPUT -p tcp -m multiport --dports 3306,3389,5060,5061,5601,5900,27017 -j ACCEPT
 ExecStopPost=/sbin/iptables -w -D INPUT -p tcp -m multiport --dports 1025,50100,8080,8081,9200 -j ACCEPT
-ExecStartPre=/sbin/iptables -w -D INPUT -p tcp -m multiport --dports 102,502,2404,10001 -j ACCEPT
+ExecStartPre=/sbin/iptables -w -D INPUT -p tcp -m multiport --dports 102,502,2404,10001,47808 -j ACCEPT
 ExecStartPre=/sbin/iptables -w -D INPUT -p udp -m multiport --dports 69,161 -j ACCEPT
 ExecStopPost=/sbin/iptables -w -D INPUT -p tcp --syn -m state --state NEW -j NFQUEUE