mirror of
				https://github.com/telekom-security/tpotce.git
				synced 2025-10-26 10:14:45 +00:00 
			
		
		
		
	hellpot cleanup and prep for endlessh
		
							parent
							
								
									e6402b793c
								
							
						
					
					
						commit
						a2071eb4d2
					
				
					 4 changed files with 91 additions and 2 deletions
				
			
		
							
								
								
									
										42
									
								
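--- a/docker/endlessh/Dockerfile
+++ b/docker/endlessh/Dockerfile
@@ -0,0 +1,42 @@
+FROM alpine:3.13 as builder
+#
+# Include dist
+ADD dist/ /root/dist/
+#
+# Install packages
+RUN apk -U add --no-cache \
+            build-base \
+	    git \
+            libcap && \
+#
+# Install endlessh from git
+    git clone https://github.com/skeeto/endlessh /opt/endlessh && \
+    cd /opt/endlessh && \
+    git checkout dfe44eb2c5b6fc3c48a39ed826fe0e4459cdf6ef && \
+    make && \
+    mv /opt/endlessh/endlessh /root/dist
+#
+FROM alpine:3.14
+#
+COPY --from=builder /root/dist/* /opt/endlessh/
+#
+# Install packages
+RUN apk -U add --no-cache \
+            libcap && \
+#
+# Setup user, groups and configs
+    mkdir -p /var/log/endlessh && \
+    addgroup -g 2000 endlessh && \
+    adduser -S -H -s /bin/ash -u 2000 -D -g 2000 endlessh && \
+    chown -R endlessh:endlessh /opt/endlessh && \
+    #setcap cap_net_bind_service=+ep /usr/bin/python3.8 && \
+#
+# Clean up
+    rm -rf /root/* && \
+    rm -rf /var/cache/apk/*
+#
+# Set workdir and start endlessh
+STOPSIGNAL SIGINT
+USER endlessh:endlessh
+WORKDIR /opt/endlessh/
+CMD ./endlessh -f endlessh.conf >/var/log/endlessh/endlessh.log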
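Review bot: The `CMD` line redirects with `>`, so every container start truncates `/var/log/endlessh/endlessh.log`; with `restart: always` in the accompanying compose file, a crash or host reboot discards the connection log a honeypot operator would want to keep. The shell form also puts `/bin/sh -c` in front of the process, so the `STOPSIGNAL SIGINT` declared above may be delivered to the shell rather than to endlessh. I would write `CMD exec ./endlessh -f endlessh.conf >>/var/log/endlessh/endlessh.log`. Separately, `/var/log/endlessh` is created by root and only `/opt/endlessh` is chowned, so whether the `endlessh` user can write its log appears to depend on the ownership of the bind-mounted host directory.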
							
								
								
									
										27
									
								
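--- a/docker/endlessh/dist/endlessh.conf
+++ b/docker/endlessh/dist/endlessh.conf
@@ -0,0 +1,27 @@
+# The port on which to listen for new SSH connections.
+Port 2222
+
+# The endless banner is sent one line at a time. This is the delay
+# in milliseconds between individual lines.
+Delay 10000
+
+# The length of each line is randomized. This controls the maximum
+# length of each line. Shorter lines may keep clients on for longer if
+# they give up after a certain number of bytes.
+MaxLineLength 32
+
+# Maximum number of connections to accept at a time. Connections beyond
+# this are not immediately rejected, but will wait in the queue.
+MaxClients 4096
+
+# Set the detail level for the log.
+#   0 = Quiet
+#   1 = Standard, useful log messages
+#   2 = Very noisy debugging information
+LogLevel 1
+
+# Set the family of the listening socket
+#   0 = Use IPv4 Mapped IPv6 (Both v4 and v6, default)
+#   4 = Use IPv4 only
+#   6 = Use IPv6 only
+BindFamily 4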
							
								
								
									
										20
									
								
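--- a/docker/endlessh/docker-compose.yml
+++ b/docker/endlessh/docker-compose.yml
@@ -0,0 +1,20 @@
+version: '2.3'
+
+networks:
+  endlessh_local:
+
+services:
+
+# Endlessh service
+  endlessh:
+    build: .
+    container_name: endlessh
+    restart: always
+    networks:
+     - endlessh_local
+    ports:
+     - "22:2222"
+    image: "dtagdevsec/endlessh:2006"
+    read_only: true
+    volumes:
+     - /data/endlessh/log:/var/log/endlessh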
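Review bot: The `endlessh` service publishes `"22:2222"` on every host interface but keeps Docker's default capability set, even though the process runs as an unprivileged user on a high port and should need none of it. `read_only: true` is already set; adding `cap_drop: [ALL]` and `security_opt: ["no-new-privileges:true"]` to the service would tighten the rest for an internet-facing container. Publishing host port 22 also presumes the host's own sshd has been moved to another port, which deserves a comment above the `ports:` entry such as `# host sshd must not listen on 22`.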
|  | @ -8,10 +8,10 @@ RUN apk -U --no-cache add \ | ||||||
|                    build-base \ |                    build-base \ | ||||||
|                    git \ |                    git \ | ||||||
|                    go \ |                    go \ | ||||||
|                    g++ |                    g++ && \ | ||||||
| # | # | ||||||
| # Setup go, hellpot | # Setup go, hellpot | ||||||
| RUN cd /root && \ |     cd /root && \ | ||||||
|     export GOPATH=/opt/go/ && \ |     export GOPATH=/opt/go/ && \ | ||||||
|     mkdir -p /opt/go && \  |     mkdir -p /opt/go && \  | ||||||
|     git clone https://github.com/yunginnanet/HellPot && \ |     git clone https://github.com/yunginnanet/HellPot && \ | ||||||
|  |  | ||||||
	
	 t3chn0m4g3
						t3chn0m4g3