diff --git a/docker/cowrie/Dockerfile b/docker/cowrie/Dockerfile
index e1c44e76..97a34dd1 100644
--- a/docker/cowrie/Dockerfile
+++ b/docker/cowrie/Dockerfile
@@ -1,4 +1,4 @@
-FROM alpine:3.19
+FROM alpine:3.20
 #
 # Include dist
 COPY dist/ /root/dist/
@@ -40,10 +40,9 @@ RUN apk --no-cache -U add \
 # Install cowrie
 mkdir -p /home/cowrie && \
 cd /home/cowrie && \
- # git clone --depth=1 https://github.com/cowrie/cowrie -b v2.5.0 && \
 git clone https://github.com/cowrie/cowrie && \
 cd cowrie && \
- git checkout 3394082040c02d91e79efa2c640ad68da9fe2231 && \
+ git checkout 347b61fb081d68ae6e15e3d6d0da65c82985014a && \
 mkdir -p log && \
 cp /root/dist/requirements.txt . && \
 pip3 install --break-system-packages --upgrade pip && \
diff --git a/docker/cowrie/dist/cowrie.cfg b/docker/cowrie/dist/cowrie.cfg
index e0ced785..7201a263 100644
--- a/docker/cowrie/dist/cowrie.cfg
+++ b/docker/cowrie/dist/cowrie.cfg
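Review bot: The checkout in the second hunk moves to `347b61fb081d68ae6e15e3d6d0da65c82985014a`, but the context line `cp /root/dist/requirements.txt .` still overwrites the tree's dependency list with the local copy, and no change to `dist/requirements.txt` is visible in this diff. If upstream's requirements changed between the two commits, the image would install a stale or mismatched set, so the local copy should be re-synced against the new commit in the same change (or confirmed unchanged in the description). With the `-b v2.5.0` comment removed, nothing records which upstream release the SHA belongs to; a one-line comment above the checkout such as `# cowrie pinned to <upstream tag/date for 347b61f>` would keep the pin auditable. The enclosing `RUN` starts before and continues after this hunk.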
@@ -18,8 +18,8 @@ auth_class_parameters = 2, 5, 10
 data_path = /tmp/cowrie/data
 
 [shell]
-filesystem = share/cowrie/fs.pickle
-processes = share/cowrie/cmdoutput.json
+filesystem = src/cowrie/data/fs.pickle
+processes = src/cowrie/data/cmdoutput.json
 #arch = linux-x64-lsb
 arch = bsd-aarch64-lsb, bsd-aarch64-msb, bsd-bfin-msb, bsd-mips-lsb, bsd-mips-msb, bsd-mips64-lsb, bsd-mips64-msb, bsd-powepc-msb, bsd-powepc64-lsb, bsd-riscv64-lsb, bsd-sparc-msb, bsd-sparc64-msb, bsd-x32-lsb, bsd-x64-lsb, linux-aarch64-lsb, linux-aarch64-msb, linux-alpha-lsb, linux-am33-lsb, linux-arc-lsb, linux-arc-msb, linux-arm-lsb, linux-arm-msb, linux-avr32-lsb, linux-bfin-lsb, linux-c6x-lsb, linux-c6x-msb, linux-cris-lsb, linux-frv-msb, linux-h8300-msb, linux-hppa-msb, linux-hppa64-msb, linux-ia64-lsb, linux-m32r-msb, linux-m68k-msb, linux-microblaze-msb, linux-mips-lsb, linux-mips-msb, linux-mips64-lsb, linux-mips64-msb, linux-mn10300-lsb, linux-nios-lsb, linux-nios-msb, linux-powerpc-lsb, linux-powerpc-msb, linux-powerpc64-lsb, linux-powerpc64-msb, linux-riscv64-lsb, linux-s390x-msb, linux-sh-lsb, linux-sh-msb, linux-sparc-msb, linux-sparc64-msb, linux-tilegx-lsb, linux-tilegx-msb, linux-tilegx64-lsb, linux-tilegx64-msb, linux-x64-lsb, linux-x86-lsb, linux-xtensa-msb, osx-x32-lsb, osx-x64-lsb
 kernel_version = 5.15.0-23-generic-amd64
diff --git a/docker/cowrie/dist/cowrie_tpot.cfg b/docker/cowrie/dist/cowrie_tpot.cfg
deleted file mode 100644
index 70510dd1..00000000
--- a/docker/cowrie/dist/cowrie_tpot.cfg
+++ /dev/null
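Review bot: `filesystem` and `processes` now use relative paths under `src/cowrie/data/`, which resolve only if the working directory is the checkout root and the pinned commit actually ships both files there; a mismatch would presumably surface only when the honeypot starts. A build-time guard in the Dockerfile after the checkout, e.g. `test -f src/cowrie/data/fs.pickle && test -f src/cowrie/data/cmdoutput.json && \`, would fail the image build instead. Because `fs.pickle` is a pickle file that cowrie loads, it is also worth confirming that the source tree holding it is not writable by the runtime user, so its contents stay exactly what the pinned commit provides.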
@@ -1,72 +0,0 @@
-[honeypot]
-hostname = ubuntu
-log_path = log
-download_path = dl
-share_path= share/cowrie
-state_path = /tmp/cowrie/data
-etc_path = etc
-contents_path = honeyfs
-txtcmds_path = txtcmds
-ttylog = true
-ttylog_path = log/tty
-interactive_timeout = 180
-authentication_timeout = 120
-backend = shell
-timezone = UTC
-auth_class = AuthRandom
-auth_class_parameters = 2, 5, 10
-data_path = /tmp/cowrie/data
-
-[shell]
-filesystem = share/cowrie/fs.pickle
-processes = share/cowrie/cmdoutput.json
-#arch = linux-x64-lsb
-arch = bsd-aarch64-lsb, bsd-aarch64-msb, bsd-bfin-msb, bsd-mips-lsb, bsd-mips-msb, bsd-mips64-lsb, bsd-mips64-msb, bsd-powepc-msb, bsd-powepc64-lsb, bsd-riscv64-lsb, bsd-sparc-msb, bsd-sparc64-msb, bsd-x32-lsb, bsd-x64-lsb, linux-aarch64-lsb, linux-aarch64-msb, linux-alpha-lsb, linux-am33-lsb, linux-arc-lsb, linux-arc-msb, linux-arm-lsb, linux-arm-msb, linux-avr32-lsb, linux-bfin-lsb, linux-c6x-lsb, linux-c6x-msb, linux-cris-lsb, linux-frv-msb, linux-h8300-msb, linux-hppa-msb, linux-hppa64-msb, linux-ia64-lsb, linux-m32r-msb, linux-m68k-msb, linux-microblaze-msb, linux-mips-lsb, linux-mips-msb, linux-mips64-lsb, linux-mips64-msb, linux-mn10300-lsb, linux-nios-lsb, linux-nios-msb, linux-powerpc-lsb, linux-powerpc-msb, linux-powerpc64-lsb, linux-powerpc64-msb, linux-riscv64-lsb, linux-s390x-msb, linux-sh-lsb, linux-sh-msb, linux-sparc-msb, linux-sparc64-msb, linux-tilegx-lsb, linux-tilegx-msb, linux-tilegx64-lsb, linux-tilegx64-msb, linux-x64-lsb, linux-x86-lsb, linux-xtensa-msb, osx-x32-lsb, osx-x64-lsb
-kernel_version = 3.2.0-4-amd64
-kernel_build_string = #1 SMP Debian 3.2.68-1+deb7u1
-hardware_platform = x86_64
-operating_system = GNU/Linux
-ssh_version = OpenSSH_7.9p1, OpenSSL 1.1.1a 20 Nov 2018
-
-[ssh]
-enabled = true
-rsa_public_key = etc/ssh_host_rsa_key.pub
-rsa_private_key = etc/ssh_host_rsa_key
-dsa_public_key = etc/ssh_host_dsa_key.pub
-dsa_private_key = etc/ssh_host_dsa_key
-ecdsa_public_key = etc/ssh_host_ecdsa_key.pub
-ecdsa_private_key = etc/ssh_host_ecdsa_key
-ed25519_public_key = etc/ssh_host_ed25519_key.pub
-ed25519_private_key = etc/ssh_host_ed25519_key
-public_key_auth = ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ssh-ed25519
-#version = SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.2
-version = SSH-2.0-OpenSSH_7.9p1
-ciphers = aes128-ctr,aes192-ctr,aes256-ctr,aes256-cbc,aes192-cbc,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc
-macs = hmac-sha2-512,hmac-sha2-384,hmac-sha2-56,hmac-sha1,hmac-md5
-compression = zlib@openssh.com,zlib,none
-listen_endpoints = tcp:22:interface=0.0.0.0
-sftp_enabled = true
-forwarding = true
-forward_redirect = false
-forward_tunnel = false
-auth_none_enabled = false
-auth_keyboard_interactive_enabled = true
-
-[telnet]
-enabled = true
-listen_endpoints = tcp:23:interface=0.0.0.0
-reported_port = 23
-
-[output_jsonlog]
-enabled = true
-logfile = log/cowrie.json
-epoch_timestamp = false
-
-[output_textlog]
-enabled = false
-logfile = log/cowrie-textlog.log
-format = text
-
-[output_crashreporter]
-enabled = false
-debug = false