bump qHoneypots to latest master, adjust config for commands input

2025-05-13 19:58:08 +00:00 · 2022-06-07 11:19:34 +00:00 · 2022-06-07 11:19:34 +00:00 · a28dfec046
commit a28dfec046
parent 8993f59001
4 changed files with 77 additions and 29 deletions
--- a/docker/honeypots/Dockerfile
+++ b/docker/honeypots/Dockerfile
@ -54,7 +54,8 @@ RUN apk -U --no-cache add \
    cd /opt/ && \
    git clone https://github.com/qeeqbox/honeypots && \
    cd honeypots && \
-    git checkout bee3147cf81837ba7639f1e27fe34d717ecccf29 && \
+#    git checkout bee3147cf81837ba7639f1e27fe34d717ecccf29 && \
    git checkout 473541e1ac45d9a4df98098a5f8fee32a2fddc03 && \
    cp /root/dist/setup.py . && \
    pip3 install --upgrade pip && \
    pip3 install . && \
--- a/docker/honeypots/dist/config.json
+++ b/docker/honeypots/dist/config.json
@ -4,9 +4,7 @@
   "syslog_address":"",
   "syslog_facility":0,
   "postgres":"",
-   "db_options":[
+   "db_options":[],
   ],
   "filter":"",
   "interface":"",
   "honeypots":{
@ -26,7 +24,8 @@
         "password":"anonymous",
         "log_file_name":"ftp.log",
         "max_bytes":0,
-         "backup_count":10
+         "backup_count":10,
         "options":["capture_commands"]
      },
      "httpproxy":{
         "port":8080,
@ -35,7 +34,8 @@
         "password":"admin",
         "log_file_name":"httpproxy.log",
         "max_bytes":0,
-         "backup_count":10
+         "backup_count":10,
         "options":["capture_commands"]
      },
      "http":{
         "port":80,
@ -45,7 +45,7 @@
         "log_file_name":"http.log",
         "max_bytes":0,
         "backup_count":10,
-	 "options":"fix_get_client_ip"
+	 "options":["capture_commands","fix_get_client_ip"]
      },
      "https":{
         "port":443,
@ -54,7 +54,8 @@
         "password":"admin",
         "log_file_name":"https.log",
         "max_bytes":0,
-         "backup_count":10
+         "backup_count":10,
 	 "options":["capture_commands","fix_get_client_ip"]
      },
      "imap":{
         "port":143,
@ -63,7 +64,8 @@
         "password":"123456",
         "log_file_name":"imap.log",
         "max_bytes":0,
-         "backup_count":10
+         "backup_count":10,
 	 "options":["capture_commands"]
      },
      "mysql":{
         "port":3306,
@ -72,7 +74,8 @@
         "password":"123456",
         "log_file_name":"mysql.log",
         "max_bytes":0,
-         "backup_count":10
+         "backup_count":10,
 	 "options":["capture_commands"]
      },
      "pop3":{
         "port":110,
@ -81,7 +84,8 @@
         "password":"123456",
         "log_file_name":"pop3.log",
         "max_bytes":0,
-         "backup_count":10
+         "backup_count":10,
 	 "options":["capture_commands"]
      },
      "postgres":{
         "port":5432,
@ -90,7 +94,8 @@
         "password":"123456",
         "log_file_name":"postgres.log",
         "max_bytes":0,
-         "backup_count":10
+         "backup_count":10,
 	 "options":["capture_commands"]
      },
      "redis":{
         "port":6379,
@ -99,7 +104,8 @@
         "password":"",
         "log_file_name":"redis.log",
         "max_bytes":0,
-         "backup_count":10
+         "backup_count":10,
 	 "options":["capture_commands"]
      },
      "smb":{
         "port":445,
@ -108,7 +114,8 @@
         "password":"123456",
         "log_file_name":"smb.log",
         "max_bytes":0,
-         "backup_count":10
+         "backup_count":10,
 	 "options":["capture_commands"]
      },
      "smtp":{
         "port":25,
@ -116,8 +123,9 @@
         "username":"root",
         "password":"123456",
         "log_file_name":"smtp.log",
-         "max_bytes":0,
+         "max_bytes":10000,
-         "backup_count":10
+         "backup_count":10,
 	 "options":["capture_commands"]
      },
      "socks5":{
         "port":1080,
@ -126,7 +134,8 @@
         "password":"admin",
         "log_file_name":"socks5.log",
         "max_bytes":0,
-         "backup_count":10
+         "backup_count":10,
 	 "options":["capture_commands"]
      },
      "ssh":{
         "port":22,
@ -135,7 +144,8 @@
         "password":"123456",
         "log_file_name":"ssh.log",
         "max_bytes":0,
-         "backup_count":10
+         "backup_count":10,
 	 "options":["capture_commands"]
      },
      "telnet":{
         "port":23,
@ -144,7 +154,8 @@
         "password":"123456",
         "log_file_name":"telnet.log",
         "max_bytes":0,
-         "backup_count":10
+         "backup_count":10,
 	 "options":["capture_commands"]
      },
      "vnc":{
         "port":5900,
@ -153,7 +164,8 @@
         "password":"123456",
         "log_file_name":"vnc.log",
         "max_bytes":0,
-         "backup_count":10
+         "backup_count":10,
 	 "options":["capture_commands"]
      },
      "elastic":{
         "port":9200,
@ -162,7 +174,8 @@
         "password":"123456",
         "log_file_name":"elastic.log",
         "max_bytes":0,
-         "backup_count":10
+         "backup_count":10,
 	 "options":["capture_commands"]
      },
      "mssql":{
         "port":1433,
@ -171,7 +184,8 @@
         "password":"",
         "log_file_name":"mssql.log",
         "max_bytes":0,
-         "backup_count":10
+         "backup_count":10,
 	 "options":["capture_commands"]
      },
      "ldap":{
         "port":389,
@ -180,7 +194,8 @@
         "password":"123456",
         "log_file_name":"ldap.log",
         "max_bytes":0,
-         "backup_count":10
+         "backup_count":10,
 	 "options":["capture_commands"]
      },
      "ntp":{
         "port":123,
@ -189,7 +204,8 @@
         "password":"123456",
         "log_file_name":"ntp.log",
         "max_bytes":0,
-         "backup_count":10
+         "backup_count":10,
 	 "options":["capture_commands"]
      },
      "memcache":{
         "port":11211,
@ -198,7 +214,8 @@
         "password":"123456",
         "log_file_name":"memcache.log",
         "max_bytes":0,
-         "backup_count":10
+         "backup_count":10,
 	 "options":["capture_commands"]
      },
      "oracle":{
         "port":1521,
@ -207,7 +224,8 @@
         "password":"123456",
         "log_file_name":"oracle.log",
         "max_bytes":0,
-         "backup_count":10
+         "backup_count":10,
 	 "options":["capture_commands"]
      },
      "snmp":{
         "port":161,
@ -216,7 +234,28 @@
         "password":"123456",
         "log_file_name":"snmp.log",
         "max_bytes":0,
-         "backup_count":10
+         "backup_count":10,
 	 "options":["capture_commands"]
      },
      "sip":{
         "port":5060,
         "ip":"0.0.0.0",
         "username":"",
         "password":"",
         "log_file_name":"sip.log",
         "max_bytes":0,
         "backup_count":10,
         "options":["capture_commands"]
      },
      "irc":{
         "port":6667,
         "ip":"0.0.0.0",
         "username":"",
         "password":"",
         "log_file_name":"irc.log",
         "max_bytes":10000,
         "backup_count":10,
         "options":["capture_commands"]
      }
   },
   "custom_filter":{
--- a/docker/honeypots/docker-compose.yml
+++ b/docker/honeypots/docker-compose.yml
@ -26,18 +26,24 @@ services:
     - "53:53/udp"
     - "80:80"
     - "110:110"
     - "123:123"
     - "143:143"
     - "161:161"
     - "389:389"
     - "443:443"
     - "445:445"
     - "1080:1080"
     - "1433:1433"
     - "1521:1521"
     - "3306:3306"
     - "5060:5060"
     - "5432:5432"
     - "5900:5900"
     - "6379:6379"
     - "6667:6667"
     - "8080:8080"
     - "9200:9200"
     - "11211:11211"
    image: "dtagdevsec/honeypots:2204"
    read_only: true
    volumes:
--- a/etc/compose/mini.yml
+++ b/etc/compose/mini.yml
@ -31,9 +31,9 @@ services:
     - "53:53/udp"
     - "80:80"
     - "110:110"
-     - "123:123/udp"
+     - "123:123"
     - "143:143"
-     - "161:161/udp"
+     - "161:161"
     - "389:389"
     - "443:443"
     - "445:445"
@ -41,9 +41,11 @@ services:
     - "1433:1433"
     - "1521:1521"
     - "3306:3306"
     - "5060:5060"
     - "5432:5432"
     - "5900:5900"
     - "6379:6379"
     - "6667:6667"
     - "8080:8080"
     - "9200:9200"
     - "11211:11211"