diff --git a/docker/honeypots/Dockerfile b/docker/honeypots/Dockerfile
new file mode 100644
index 00000000..1a87306a
--- /dev/null
+++ b/docker/honeypots/Dockerfile
@@ -0,0 +1,65 @@
+FROM alpine:3.14
+#
+# Include dist
+ADD dist/ /root/dist/
+#
+# Install packages
+RUN apk -U add \
+ build-base \
+ freetds \
+ freetds-dev \
+ gcc \
+ git \
+ hiredis \
+ jpeg-dev \
+ libcap \
+ libffi-dev \
+ libpq \
+ musl-dev \
+ openssl \
+ openssl-dev \
+ postgresql-dev \
+ py3-pip \
+ python3 \
+ python3-dev \
+ zlib-dev && \
+#
+# Install honeypots from GitHub and setup
+ mkdir -p /opt \
+ /var/log/honeypots && \
+ cd /opt/ && \
+ #git clone https://github.com/qeeqbox/honeypots && \
+ git clone https://github.com/t3chn0m4g3/honeypots && \
+ cd honeypots && \
+ #git checkout 7c654a3ef2c564ae6f1247bf302d652037080163 && \
+ pip3 install --upgrade pip && \
+ pip3 install hiredis && \
+ pip3 install . && \
+ setcap cap_net_bind_service=+ep /usr/bin/python3.9 && \
+#
+# Setup user, groups and configs
+ addgroup -g 2000 honeypots && \
+ adduser -S -H -s /bin/ash -u 2000 -D -g 2000 honeypots && \
+ chown honeypots:honeypots -R /opt/honeypots && \
+ chown honeypots:honeypots -R /var/log/honeypots && \
+ mv /root/dist/config.json /opt/honeypots/ && \
+#
+# Clean up
+ apk del --purge build-base \
+ freetds-dev \
+ git \
+ jpeg-dev \
+ libffi-dev \
+ openssl-dev \
+ postgresql-dev \
+ python3-dev \
+ zlib-dev && \
+ rm -rf /root/* && \
+ rm -rf /var/cache/apk/*
+#
+# Start honeypots
+STOPSIGNAL SIGINT
+USER honeypots:honeypots
+WORKDIR /opt/honeypots/
+CMD python3 -m honeypots --setup all --config config.json
+#CMD python3 -m honeypots --setup telnet --config config.json
diff --git a/docker/honeypots/dist/config.json b/docker/honeypots/dist/config.json
new file mode 100644
index 00000000..f7793c15
--- /dev/null
+++ b/docker/honeypots/dist/config.json
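Review bot: The image is built from whatever the default branch of `https://github.com/t3chn0m4g3/honeypots` holds at build time, because the `git checkout` line after `cd honeypots` is commented out; a force-push or account compromise upstream would then land unreviewed code in an image that is deliberately exposed to hostile traffic. Pin the clone to a reviewed commit with `git checkout <reviewed-commit-sha> && \` (placeholder; the commented-out hash may refer to the qeeqbox repository rather than this fork, so confirm it resolves here). The same applies to `pip3 install --upgrade pip` and `pip3 install hiredis`, which take whatever version is current; an exact pin such as `hiredis==<version>` keeps rebuilds reproducible. Separately, `setcap cap_net_bind_service=+ep /usr/bin/python3.9` hard-codes the interpreter path that ships with alpine:3.14, so a comment noting that it must change with the base tag would help.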
@@ -0,0 +1,120 @@
+{
+ "logs":"file,terminal",
+ "logs_location":"/var/log/honeypots/",
+ "honeypots": {
+ "dns": {
+ "port": 53,
+ "ip": "0.0.0.0",
+ "username": "administrator",
+ "password": "123456"
+ },
+ "ftp": {
+ "port": 21,
+ "ip": "0.0.0.0",
+ "username": "ftp",
+ "password": "anonymous"
+ },
+ "httpproxy": {
+ "port": 8080,
+ "ip": "0.0.0.0",
+ "username": "admin",
+ "password": "admin"
+ },
+ "http": {
+ "port": 80,
+ "ip": "0.0.0.0",
+ "username": "admin",
+ "password": "admin"
+ },
+ "https": {
+ "port": 443,
+ "ip": "0.0.0.0",
+ "username": "admin",
+ "password": "admin"
+ },
+ "imap": {
+ "port": 143,
+ "ip": "0.0.0.0",
+ "username": "root",
+ "password": "123456"
+ },
+ "mysql": {
+ "port": 3306,
+ "ip": "0.0.0.0",
+ "username": "root",
+ "password": "123456"
+ },
+ "pop3": {
+ "port": 110,
+ "ip": "0.0.0.0",
+ "username": "root",
+ "password": "123456"
+ },
+ "postgres": {
+ "port": 5432,
+ "ip": "0.0.0.0",
+ "username": "postgres",
+ "password": "123456"
+ },
+ "redis": {
+ "port": 6379,
+ "ip": "0.0.0.0",
+ "username": "root",
+ "password": ""
+ },
+ "smb": {
+ "port": 445,
+ "ip": "0.0.0.0",
+ "username": "administrator",
+ "password": "123456"
+ },
+ "smtp": {
+ "port": 25,
+ "ip": "0.0.0.0",
+ "username": "root",
+ "password": "123456"
+ },
+ "socks5": {
+ "port": 1080,
+ "ip": "0.0.0.0",
+ "username": "admin",
+ "password": "admin"
+ },
+ "ssh": {
+ "port": 22,
+ "ip": "0.0.0.0",
+ "username": "root",
+ "password": "123456"
+ },
+ "telnet": {
+ "port": 23,
+ "ip": "0.0.0.0",
+ "username": "root",
+ "password": "123456"
+ },
+ "vnc": {
+ "port": 5900,
+ "ip": "0.0.0.0",
+ "username": "administrator",
+ "password": "123456"
+ },
+ "elastic": {
+ "port": 9200,
+ "ip": "0.0.0.0",
+ "username": "elastic",
+ "password": "123456"
+ },
+ "mssql": {
+ "port": 1433,
+ "ip": "0.0.0.0",
+ "username": "sa",
+ "password": ""
+ },
+ "ldap": {
+ "port": 389,
+ "ip": "0.0.0.0",
+ "username": "administrator",
+ "password": "123456"
+ }
+ }
+}
diff --git a/docker/honeypots/docker-compose.yml b/docker/honeypots/docker-compose.yml
new file mode 100644
index 00000000..7bf3df65
--- /dev/null
+++ b/docker/honeypots/docker-compose.yml
@@ -0,0 +1,42 @@
+version: '2.3'
+
+networks:
+ honeypots_local:
+
+services:
+
+# Honeypots service
+ honeypots:
+ build: .
+ container_name: honeypots
+ stdin_open: true
+ tty: true
+ restart: always
+ tmpfs:
+ - /tmp:uid=2000,gid=2000
+ networks:
+ - honeypots_local
+ ports:
+ - "21:21"
+ - "22:22"
+ - "23:23"
+ - "25:25"
+ - "53:53/udp"
+ - "80:80"
+ - "110:110"
+ - "143:143"
+ - "389:389"
+ - "443:443"
+ - "445:445"
+ - "1080:1080"
+ - "1433:1433"
+ - "3306:3306"
+ - "5432:5432"
+ - "5900:5900"
+ - "6379:6379"
+ - "8080:8080"
+ - "9200:9200"
+ image: "dtagdevsec/honeypots:2006"
+ read_only: true
+ volumes:
+ - /data/honeypots/log:/var/log/honeypots
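Review bot: The `honeypots` service keeps Docker's default capability set, although the only privilege the image relies on is binding ports below 1024, which the Dockerfile grants through a file capability on the interpreter. Since this container exists to receive hostile traffic, add `cap_drop: [ALL]` and `cap_add: [NET_BIND_SERVICE]` under the service, next to `read_only: true`. The file capability only takes effect while NET_BIND_SERVICE stays in the bounding set, so verify that the low ports still bind after the change. A `no-new-privileges` security option should not be added alongside it without testing, because it prevents a process from gaining file capabilities on exec and would likely break the low-port listeners.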