prepare for citrixhoneypot

2025-04-20 06:02:24 +00:00 · 2020-01-15 10:37:48 +00:00 · 2020-01-15 10:37:48 +00:00 · 755cbb77db
commit 755cbb77db
parent 2ed0f939d1
2 changed files with 67 additions and 0 deletions
--- a/docker/citrixhoneypot/Dockerfile
+++ b/docker/citrixhoneypot/Dockerfile
@ -0,0 +1,46 @@
+FROM alpine 
+#
+# Include dist
+#ADD dist/ /root/dist/
+#
+# Install packages
+RUN apk -U add \
+            git \
+            libcap \
+	    openssl \
+            python3 \
+            python3-dev && \
+#
+# Install Citrix Honeypot from GitHub
+    git clone --depth=1 https://github.com/malwaretech/citrixhoneypot /opt/citrixhoneypot && \
+#    sed -i 's/dst_ip/dest_ip/' /opt/adbhoney/adbhoney/core.py && \
+#    sed -i 's/dst_port/dest_port/' /opt/adbhoney/adbhoney/core.py && \
+#
+# Setup user, groups and configs
+    mkdir -p /opt/citrixhoneypot/logs /opt/citrixhoneypot/ssl && \
+    openssl req \
+          -nodes \
+          -x509 \
+          -sha512 \
+          -newkey rsa:2048 \
+          -keyout "/opt/citrixhoneypot/ssl/key.pem" \
+          -out "/opt/citrixhoneypot/ssl/cert.pem" \
+          -days 365 \
+          -subj '/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd' && \
+    addgroup -g 2000 citrixhoneypot && \
+    adduser -S -H -s /bin/ash -u 2000 -D -g 2000 citrixhoneypot && \
+    chown -R citrixhoneypot:citrixhoneypot /opt/citrixhoneypot && \
+    setcap cap_net_bind_service=+ep /usr/bin/python3.8 && \
+#
+# Clean up
+    apk del --purge git \
+                    openssl \
+                    python3-dev && \
+    rm -rf /root/* && \
+    rm -rf /var/cache/apk/*
+#
+# Set workdir and start citrixhoneypot
+STOPSIGNAL SIGINT
+USER citrixhoneypot:citrixhoneypot
+WORKDIR /opt/citrixhoneypot/
+CMD nohup /usr/bin/python3 CitrixHoneypot.py
--- a/docker/citrixhoneypot/docker-compose.yml
+++ b/docker/citrixhoneypot/docker-compose.yml
@ -0,0 +1,21 @@
+version: '2.3'
+
+networks:
+  citrixhoneypot_local:
+
+services:
+
+# CitrixHoneypot service
+  citrixhoneypot:
+    build: .
+    container_name: citrixhoneypot
+    restart: always
+    networks:
+     - citrixhoneypot_local
+    ports:
+     - "443:443"
+    image: "dtagdevsec/citrixhoneypot:1903"
+#    read_only: true
+#    volumes:
+#     - /data/adbhoney/log:/opt/adbhoney/log
+#     - /data/adbhoney/downloads:/opt/adbhoney/dl