start integrating honeysap

t3chn0m4g3 2020-06-19 11:54:50 +00:00
parent 5a479b0d8e
commit a7c653e7fe
8 changed files with 35 additions and 7 deletions


@ -180,6 +180,14 @@ fuHONEYPY () {
chown tpot:tpot /data/honeypy -R chown tpot:tpot /data/honeypy -R
} }
# Let's create a function to clean up and prepare honeysap data
fuHONEYSAP () {
if [ "$myPERSISTENCE" != "on" ]; then rm -rf /data/honeysap/*; fi
mkdir -p /data/honeysap/log
chmod 770 /data/honeysap -R
chown tpot:tpot /data/honeysap -R
}
# Let's create a function to clean up and prepare honeytrap data # Let's create a function to clean up and prepare honeytrap data
fuHONEYTRAP () { fuHONEYTRAP () {
if [ "$myPERSISTENCE" != "on" ]; then rm -rf /data/honeytrap/*; fi if [ "$myPERSISTENCE" != "on" ]; then rm -rf /data/honeytrap/*; fi
@ -286,6 +294,7 @@ if [ "$myPERSISTENCE" = "on" ];
fuFATT fuFATT
fuGLUTTON fuGLUTTON
fuHERALDING fuHERALDING
fuHONEYSAP
fuHONEYPY fuHONEYPY
fuHONEYTRAP fuHONEYTRAP
fuMAILONEY fuMAILONEY
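Review bot: fuHONEYSAP hands /data/honeysap to `tpot:tpot` with mode 770 and nothing in the function says why that owner is correct. The log directory is bind-mounted into a container whose Dockerfile (in this same commit) runs as uid/gid 2000, so the honeypot can only write its log if tpot resolves to that id on the host. That mapping is not visible in this hunk and should be confirmed. I would add a comment above the chown such as `# /data/honeysap/log is bind-mounted into the honeysap container (uid/gid 2000); tpot must map to that id`. The recursive `chmod 770` also marks every log file executable, which files holding attacker-supplied data do not need.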


@ -87,6 +87,7 @@ curl -XPOST -H "Content-Type: application/json" -d '{"name":"test","email":"test
echo "I20100" | timeout --foreground 3 nc "$myHOST" 10001 & echo "I20100" | timeout --foreground 3 nc "$myHOST" 10001 &
findscu -P -k PatientName="*" $myHOST 11112 & findscu -P -k PatientName="*" $myHOST 11112 &
getscu -P -k PatientName="*" $myHOST 11112 & getscu -P -k PatientName="*" $myHOST 11112 &
telnet $myHOST 3299 &
fuSCAN "180" "7,8,102,135,161,1025,1080,5000,9200" "$myHOST" "-sC -sS -sU -sV" fuSCAN "180" "7,8,102,135,161,1025,1080,5000,9200" "$myHOST" "-sC -sS -sU -sV"
fuSCAN "180" "2048,4096,5432" "$myHOST" "-sC -sS -sU -sV --version-light" fuSCAN "180" "2048,4096,5432" "$myHOST" "-sC -sS -sU -sV --version-light"
fuSCAN "120" "20,21" "$myHOST" "--script=ftp* -sC -sS -sV" fuSCAN "120" "20,21" "$myHOST" "--script=ftp* -sC -sS -sV"
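Review bot: The added `telnet $myHOST 3299 &` has no time limit and leaves `$myHOST` unquoted, unlike the `nc` probe a few lines above, which is quoted and wrapped in `timeout --foreground 3`. A backgrounded telnet session that the listener keeps open can outlive the test run and leave stray processes behind. I would write it as `timeout --foreground 3 telnet "$myHOST" 3299 &` to match the neighbouring probes. The script continues outside this hunk, so any cleanup of background jobs at the end is not visible here.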


@ -8,15 +8,15 @@ RUN sed -i 's/dl-cdn/dl-2/g' /etc/apk/repositories && \
apk -U --no-cache add \ apk -U --no-cache add \
build-base \ build-base \
git \ git \
libcap \ libstdc++ \
py2-markupsafe \ py2-markupsafe \
python2 \ python2 \
python2-dev \ python2-dev \
py2-pip \ py2-pip && \
tcpdump && \
# #
# Clone honeysap from git # Clone honeysap from git
git clone --depth=1 https://github.com/SecureAuthCorp/HoneySAP /opt/honeysap && \ # git clone --depth=1 https://github.com/SecureAuthCorp/HoneySAP /opt/honeysap && \
git clone --depth=1 https://github.com/t3chn0m4g3/HoneySAP /opt/honeysap && \
cd /opt/honeysap && \ cd /opt/honeysap && \
mkdir conf && \ mkdir conf && \
cp /root/dist/* conf/ && \ cp /root/dist/* conf/ && \
@ -27,14 +27,17 @@ RUN sed -i 's/dl-cdn/dl-2/g' /etc/apk/repositories && \
addgroup -g 2000 honeysap && \ addgroup -g 2000 honeysap && \
adduser -S -s /bin/ash -u 2000 -D -g 2000 honeysap && \ adduser -S -s /bin/ash -u 2000 -D -g 2000 honeysap && \
chown -R honeysap:honeysap /opt/honeysap && \ chown -R honeysap:honeysap /opt/honeysap && \
# setcap cap_net_bind_service=+ep /opt/honeypy/env/bin/python && \
# #
# Clean up # Clean up
apk del --purge git && \ apk del --purge \
build-base \
git \
python2-dev && \
rm -rf /root/* \ rm -rf /root/* \
/var/cache/apk/* /var/cache/apk/*
# #
# Set workdir and start honeysap # Set workdir and start honeysap
STOPSIGNAL SIGKILL
USER honeysap:honeysap USER honeysap:honeysap
WORKDIR /opt/honeysap WORKDIR /opt/honeysap
CMD ["/opt/honeysap/bin/honeysap", "--config-file", "/opt/honeysap/conf/honeysap.yml"] CMD ["/opt/honeysap/bin/honeysap", "--config-file", "/opt/honeysap/conf/honeysap.yml"]
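Review bot: The clone now takes whatever sits at the tip of the default branch of `https://github.com/t3chn0m4g3/HoneySAP` at build time, so the image is not reproducible and any later push to that fork lands in the next build unreviewed. Pin the source to a reviewed commit: drop `--depth=1` and add `git -C /opt/honeysap checkout <PINNED_COMMIT_SHA> && \` right after the clone (placeholder; the page gives no commit id for the fork). Separately, `STOPSIGNAL SIGKILL` gives the process no chance to flush its log on `docker stop`, so a one-line comment explaining why a graceful signal is not used would help the next maintainer.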


@ -14,7 +14,6 @@ services:
- honeysap_local - honeysap_local
ports: ports:
- "3299:3299" - "3299:3299"
- "8001:8001"
image: "dtagdevsec/honeysap:2006" image: "dtagdevsec/honeysap:2006"
volumes: volumes:
- /data/honeysap/log:/opt/honeysap/log - /data/honeysap/log:/opt/honeysap/log


@ -15,6 +15,7 @@ networks:
elasticpot_local: elasticpot_local:
heralding_local: heralding_local:
honeypy_local: honeypy_local:
honeysap_local:
mailoney_local: mailoney_local:
medpot_local: medpot_local:
rdpy_local: rdpy_local:
@ -302,6 +303,18 @@ services:
volumes: volumes:
- /data/honeypy/log:/opt/honeypy/log - /data/honeypy/log:/opt/honeypy/log
# HoneySAP service
honeysap:
container_name: honeysap
restart: always
networks:
- honeysap_local
ports:
- "3299:3299"
image: "dtagdevsec/honeysap:2006"
volumes:
- /data/honeysap/log:/opt/honeysap/log
# Mailoney service # Mailoney service
mailoney: mailoney:
container_name: mailoney container_name: mailoney
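Review bot: The new `honeysap` service publishes 3299 to untrusted traffic but, as far as this hunk shows, runs with Docker's default capability set and a writable root filesystem. The image runs as a non-root user on an unprivileged port, so it should not need any capabilities. I would add `cap_drop: [ALL]` and `security_opt: ["no-new-privileges:true"]` to the service. `read_only: true` is also worth adding if honeysap writes only to the mounted `/opt/honeysap/log`, which needs confirming against the application. Whether sibling services already carry these settings is not visible in the context lines.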


@ -20,6 +20,7 @@
/data/heralding/log/*.csv /data/heralding/log/*.csv
/data/heralding/log/*.json /data/heralding/log/*.json
/data/honeypy/log/*.log /data/honeypy/log/*.log
/data/honeysap/log/*.log
/data/honeytrap/log/*.log /data/honeytrap/log/*.log
/data/honeytrap/log/*.json /data/honeytrap/log/*.json
/data/mailoney/log/*.log /data/mailoney/log/*.log


@ -789,6 +789,7 @@ mkdir -vp /data/adbhoney/{downloads,log} \
/data/glutton/log \ /data/glutton/log \
/data/heralding/log \ /data/heralding/log \
/data/honeypy/log \ /data/honeypy/log \
/data/honeysap/log \
/data/mailoney/log \ /data/mailoney/log \
/data/medpot/log \ /data/medpot/log \
/data/nginx/{log,heimdall} \ /data/nginx/{log,heimdall} \


@ -237,6 +237,7 @@ mkdir -vp /data/adbhoney/{downloads,log} \
/data/glutton/log \ /data/glutton/log \
/data/heralding/log \ /data/heralding/log \
/data/honeypy/log \ /data/honeypy/log \
/data/honeysap/log \
/data/mailoney/log \ /data/mailoney/log \
/data/medpot/log \ /data/medpot/log \
/data/nginx/{log,heimdall} \ /data/nginx/{log,heimdall} \