diff --git a/.gitignore b/.gitignore
index 1a98f270..14b8fa50 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,5 +1,6 @@
# Ignore data folder
data/
+_data/
**/.DS_Store
.idea
install_tpot.log
diff --git a/README.md b/README.md
index ca08ec9e..244ab837 100644
--- a/README.md
+++ b/README.md
@@ -107,32 +107,33 @@ T-Pot's main components have been moved into the `tpotinit` Docker image allowin
## Honeypots and Tools
T-Pot offers docker images for the following honeypots ...
-* [adbhoney](https://github.com/huuck/ADBHoney),
-* [beelzebub](https://github.com/mariocandela/beelzebub),
-* [ciscoasa](https://github.com/Cymmetria/ciscoasa_honeypot),
-* [citrixhoneypot](https://github.com/MalwareTech/CitrixHoneypot),
-* [conpot](http://conpot.org/),
-* [cowrie](https://github.com/cowrie/cowrie),
-* [ddospot](https://github.com/aelth/ddospot),
-* [dicompot](https://github.com/nsmfoo/dicompot),
-* [dionaea](https://github.com/DinoTools/dionaea),
-* [elasticpot](https://gitlab.com/bontchev/elasticpot),
-* [endlessh](https://github.com/skeeto/endlessh),
-* [galah](https://github.com/0x4D31/galah),
-* [go-pot](https://github.com/ryanolee/go-pot),
-* [glutton](https://github.com/mushorg/glutton),
-* [hellpot](https://github.com/yunginnanet/HellPot),
-* [heralding](https://github.com/johnnykv/heralding),
-* [honeypots](https://github.com/qeeqbox/honeypots),
-* [honeytrap](https://github.com/armedpot/honeytrap/),
-* [ipphoney](https://gitlab.com/bontchev/ipphoney),
-* [log4pot](https://github.com/thomaspatzke/Log4Pot),
-* [mailoney](https://github.com/awhitehatter/mailoney),
-* [medpot](https://github.com/schmalle/medpot),
-* [redishoneypot](https://github.com/cypwnpwnsocute/RedisHoneyPot),
-* [sentrypeer](https://github.com/SentryPeer/SentryPeer),
-* [snare](http://mushmush.org/),
-* [tanner](http://mushmush.org/),
+* [adbhoney](https://github.com/huuck/ADBHoney)
+* [beelzebub](https://github.com/mariocandela/beelzebub)
+* [ciscoasa](https://github.com/Cymmetria/ciscoasa_honeypot)
+* [citrixhoneypot](https://github.com/MalwareTech/CitrixHoneypot)
+* [conpot](http://conpot.org/)
+* [cowrie](https://github.com/cowrie/cowrie)
+* [ddospot](https://github.com/aelth/ddospot)
+* [dicompot](https://github.com/nsmfoo/dicompot)
+* [dionaea](https://github.com/DinoTools/dionaea)
+* [elasticpot](https://gitlab.com/bontchev/elasticpot)
+* [endlessh](https://github.com/skeeto/endlessh)
+* [galah](https://github.com/0x4D31/galah)
+* [go-pot](https://github.com/ryanolee/go-pot)
+* [glutton](https://github.com/mushorg/glutton)
+* [hellpot](https://github.com/yunginnanet/HellPot)
+* [heralding](https://github.com/johnnykv/heralding)
+* [honeypots](https://github.com/qeeqbox/honeypots)
+* [honeytrap](https://github.com/armedpot/honeytrap/)
+* [ipphoney](https://gitlab.com/bontchev/ipphoney)
+* [log4pot](https://github.com/thomaspatzke/Log4Pot)
+* [mailoney](https://github.com/awhitehatter/mailoney)
+* [medpot](https://github.com/schmalle/medpot)
+* [miniprint](https://github.com/sa7mon/miniprint)
+* [redishoneypot](https://github.com/cypwnpwnsocute/RedisHoneyPot)
+* [sentrypeer](https://github.com/SentryPeer/SentryPeer)
+* [snare](http://mushmush.org/)
+* [tanner](http://mushmush.org/)
* [wordpot](https://github.com/gbrindisi/wordpot)
... alongside the following tools ...
@@ -273,6 +274,7 @@ Besides the ports generally needed by the OS, i.e. obtaining a DHCP lease, DNS,
| 80, 443, 8080, 9200, 25565 | tcp | incoming | Honeypot: Log4Pot |
| 25 | tcp | incoming | Honeypot: Mailoney |
| 2575 | tcp | incoming | Honeypot: Medpot |
+| 9100 | tcp | incoming | Honeypot: Miniprint |
| 6379 | tcp | incoming | Honeypot: Redishoneypot |
| 5060 | tcp/udp | incoming | Honeypot: SentryPeer |
| 80 | tcp | incoming | Honeypot: Snare (Tanner) |
@@ -780,7 +782,7 @@ Use the search function, it is possible a similar discussion has been opened alr
# Licenses
The software that T-Pot is built on uses the following licenses.
GPLv2: [conpot](https://github.com/mushorg/conpot/blob/master/LICENSE.txt), [galah](https://github.com/0x4D31/galah?tab=Apache-2.0-1-ov-file#readme), [dionaea](https://github.com/DinoTools/dionaea/blob/master/LICENSE), [honeytrap](https://github.com/armedpot/honeytrap/blob/master/LICENSE), [suricata](https://suricata.io/features/open-source/)
-
GPLv3: [adbhoney](https://github.com/huuck/ADBHoney), [elasticpot](https://gitlab.com/bontchev/elasticpot/-/blob/master/LICENSE), [ewsposter](https://github.com/telekom-security/ews/), [log4pot](https://github.com/thomaspatzke/Log4Pot/blob/master/LICENSE), [fatt](https://github.com/0x4D31/fatt/blob/master/LICENSE), [heralding](https://github.com/johnnykv/heralding/blob/master/LICENSE.txt), [ipphoney](https://gitlab.com/bontchev/ipphoney/-/blob/master/LICENSE), [redishoneypot](https://github.com/cypwnpwnsocute/RedisHoneyPot/blob/main/LICENSE), [sentrypeer](https://github.com/SentryPeer/SentryPeer/blob/main/LICENSE.GPL-3.0-only), [snare](https://github.com/mushorg/snare/blob/master/LICENSE), [tanner](https://github.com/mushorg/snare/blob/master/LICENSE)
+
GPLv3: [adbhoney](https://github.com/huuck/ADBHoney), [elasticpot](https://gitlab.com/bontchev/elasticpot/-/blob/master/LICENSE), [ewsposter](https://github.com/telekom-security/ews/), [log4pot](https://github.com/thomaspatzke/Log4Pot/blob/master/LICENSE), [fatt](https://github.com/0x4D31/fatt/blob/master/LICENSE), [heralding](https://github.com/johnnykv/heralding/blob/master/LICENSE.txt), [ipphoney](https://gitlab.com/bontchev/ipphoney/-/blob/master/LICENSE), [miniprint](https://github.com/sa7mon/miniprint?tab=GPL-3.0-1-ov-file#readme), [redishoneypot](https://github.com/cypwnpwnsocute/RedisHoneyPot/blob/main/LICENSE), [sentrypeer](https://github.com/SentryPeer/SentryPeer/blob/main/LICENSE.GPL-3.0-only), [snare](https://github.com/mushorg/snare/blob/master/LICENSE), [tanner](https://github.com/mushorg/snare/blob/master/LICENSE)
Apache 2 License: [cyberchef](https://github.com/gchq/CyberChef/blob/master/LICENSE), [dicompot](https://github.com/nsmfoo/dicompot/blob/master/LICENSE), [elasticsearch](https://github.com/elasticsearch/elasticsearch/blob/master/LICENSE.txt), [go-pot](https://github.com/ryanolee/go-pot?tab=License-1-ov-file#readme), [logstash](https://github.com/elasticsearch/logstash/blob/master/LICENSE), [kibana](https://github.com/elasticsearch/kibana/blob/master/LICENSE.md), [docker](https://github.com/docker/docker/blob/master/LICENSE)
MIT license: [autoheal](https://github.com/willfarrell/docker-autoheal?tab=MIT-1-ov-file#readme), [beelzebub](https://github.com/mariocandela/beelzebub?tab=MIT-1-ov-file#readme), [ciscoasa](https://github.com/Cymmetria/ciscoasa_honeypot/blob/master/LICENSE), [ddospot](https://github.com/aelth/ddospot/blob/master/LICENSE), [elasticvue](https://github.com/cars10/elasticvue/blob/master/LICENSE), [glutton](https://github.com/mushorg/glutton/blob/master/LICENSE), [hellpot](https://github.com/yunginnanet/HellPot/blob/master/LICENSE), [maltrail](https://github.com/stamparm/maltrail/blob/master/LICENSE)
Unlicense: [endlessh](https://github.com/skeeto/endlessh/blob/master/UNLICENSE)
@@ -824,6 +826,7 @@ Without open source and the development community we are proud to be a part of,
* [mailoney](https://github.com/awhitehatter/mailoney)
* [maltrail](https://github.com/stamparm/maltrail/graphs/contributors)
* [medpot](https://github.com/schmalle/medpot/graphs/contributors)
+* [miniprint](https://github.com/sa7mon/miniprint/graphs/contributors)
* [p0f](http://lcamtuf.coredump.cx/p0f3/)
* [redishoneypot](https://github.com/cypwnpwnsocute/RedisHoneyPot/graphs/contributors)
* [sentrypeer](https://github.com/SentryPeer/SentryPeer/graphs/contributors)
diff --git a/compose/mac_win.yml b/compose/mac_win.yml
index 57be938b..c22dadcf 100644
--- a/compose/mac_win.yml
+++ b/compose/mac_win.yml
@@ -459,6 +459,7 @@ services:
ports:
- "8080:80"
image: ${TPOT_REPO}/wordpot:${TPOT_VERSION}
+ pull_policy: ${TPOT_PULL_POLICY}
read_only: true
volumes:
- ${TPOT_DATA_PATH}/wordpot/log:/opt/wordpot/logs/
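Review bot: compose/mac_win.yml only receives the `pull_policy: ${TPOT_PULL_POLICY}` line for wordpot; unlike mobile.yml, sensor.yml, standard.yml and tpot_services.yml in this patch, it gets no `miniprint_local` network and no miniprint service. If the omission is deliberate, say so in the commit message or README; otherwise add the same service block here so the port table entry for 9100 holds for this edition too.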
diff --git a/compose/mobile.yml b/compose/mobile.yml
index 2ba1809b..7b929f2c 100644
--- a/compose/mobile.yml
+++ b/compose/mobile.yml
@@ -18,6 +18,7 @@ networks:
log4pot_local:
mailoney_local:
medpot_local:
+ miniprint_local:
redishoneypot_local:
sentrypeer_local:
tanner_local:
@@ -410,6 +411,24 @@ services:
volumes:
- ${TPOT_DATA_PATH}/medpot/log/:/var/log/medpot
+# Miniprint service
+ miniprint:
+ container_name: miniprint
+ restart: always
+ depends_on:
+ logstash:
+ condition: service_healthy
+ networks:
+ - miniprint_local
+ ports:
+ - "9100:9100"
+ image: ${TPOT_REPO}/miniprint:${TPOT_VERSION}
+ pull_policy: ${TPOT_PULL_POLICY}
+ read_only: true
+ volumes:
+ - ${TPOT_DATA_PATH}/miniprint/log/:/opt/miniprint/log/
+ - ${TPOT_DATA_PATH}/miniprint/uploads/:/opt/miniprint/uploads/
+
# Redishoneypot service
redishoneypot:
container_name: redishoneypot
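Review bot: the miniprint block in mobile.yml waits on `logstash` (`condition: service_healthy`), while the otherwise identical blocks added to sensor.yml, standard.yml, tpot_services.yml and docker-compose.yml wait on `tpotinit`. Please confirm this follows the convention of the neighbouring services in mobile.yml and is not a copy-paste difference, since with this dependency the honeypot will not start at all while logstash is unhealthy.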
@@ -542,6 +561,7 @@ services:
ports:
- "8080:80"
image: ${TPOT_REPO}/wordpot:${TPOT_VERSION}
+ pull_policy: ${TPOT_PULL_POLICY}
read_only: true
volumes:
- ${TPOT_DATA_PATH}/wordpot/log:/opt/wordpot/logs/
diff --git a/compose/sensor.yml b/compose/sensor.yml
index 611d561d..82aa2599 100644
--- a/compose/sensor.yml
+++ b/compose/sensor.yml
@@ -16,6 +16,7 @@ networks:
ipphoney_local:
mailoney_local:
medpot_local:
+ miniprint_local:
redishoneypot_local:
sentrypeer_local:
tanner_local:
@@ -450,6 +451,24 @@ services:
volumes:
- ${TPOT_DATA_PATH}/medpot/log/:/var/log/medpot
+# Miniprint service
+ miniprint:
+ container_name: miniprint
+ restart: always
+ depends_on:
+ tpotinit:
+ condition: service_healthy
+ networks:
+ - miniprint_local
+ ports:
+ - "9100:9100"
+ image: ${TPOT_REPO}/miniprint:${TPOT_VERSION}
+ pull_policy: ${TPOT_PULL_POLICY}
+ read_only: true
+ volumes:
+ - ${TPOT_DATA_PATH}/miniprint/log/:/opt/miniprint/log/
+ - ${TPOT_DATA_PATH}/miniprint/uploads/:/opt/miniprint/uploads/
+
# Redishoneypot service
redishoneypot:
container_name: redishoneypot
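Review bot: the second volume, `${TPOT_DATA_PATH}/miniprint/uploads/:/opt/miniprint/uploads/`, is a writable host bind mount that receives whatever clients send to port 9100, and nothing in this block bounds how much can be written between cleanup runs. `read_only: true` protects the container filesystem but not this path, so it is worth documenting the expected volume or placing the data path on a filesystem with a quota. The same applies to the identical blocks in the other compose files.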
@@ -582,6 +601,7 @@ services:
ports:
- "8080:80"
image: ${TPOT_REPO}/wordpot:${TPOT_VERSION}
+ pull_policy: ${TPOT_PULL_POLICY}
read_only: true
volumes:
- ${TPOT_DATA_PATH}/wordpot/log:/opt/wordpot/logs/
diff --git a/compose/standard.yml b/compose/standard.yml
index 8d0422c9..bfc606d0 100644
--- a/compose/standard.yml
+++ b/compose/standard.yml
@@ -16,6 +16,7 @@ networks:
ipphoney_local:
mailoney_local:
medpot_local:
+ miniprint_local:
redishoneypot_local:
sentrypeer_local:
tanner_local:
@@ -452,6 +453,24 @@ services:
volumes:
- ${TPOT_DATA_PATH}/medpot/log/:/var/log/medpot
+# Miniprint service
+ miniprint:
+ container_name: miniprint
+ restart: always
+ depends_on:
+ tpotinit:
+ condition: service_healthy
+ networks:
+ - miniprint_local
+ ports:
+ - "9100:9100"
+ image: ${TPOT_REPO}/miniprint:${TPOT_VERSION}
+ pull_policy: ${TPOT_PULL_POLICY}
+ read_only: true
+ volumes:
+ - ${TPOT_DATA_PATH}/miniprint/log/:/opt/miniprint/log/
+ - ${TPOT_DATA_PATH}/miniprint/uploads/:/opt/miniprint/uploads/
+
# Redishoneypot service
redishoneypot:
container_name: redishoneypot
@@ -584,6 +603,7 @@ services:
ports:
- "8080:80"
image: ${TPOT_REPO}/wordpot:${TPOT_VERSION}
+ pull_policy: ${TPOT_PULL_POLICY}
read_only: true
volumes:
- ${TPOT_DATA_PATH}/wordpot/log:/opt/wordpot/logs/
diff --git a/compose/tpot_services.yml b/compose/tpot_services.yml
index 86d14503..e5a20a41 100644
--- a/compose/tpot_services.yml
+++ b/compose/tpot_services.yml
@@ -26,6 +26,7 @@ networks:
log4pot_local:
mailoney_local:
medpot_local:
+ miniprint_local:
redishoneypot_local:
sentrypeer_local:
tanner_local:
@@ -664,6 +665,24 @@ services:
volumes:
- ${TPOT_DATA_PATH}/medpot/log/:/var/log/medpot
+# Miniprint service
+ miniprint:
+ container_name: miniprint
+ restart: always
+ depends_on:
+ tpotinit:
+ condition: service_healthy
+ networks:
+ - miniprint_local
+ ports:
+ - "9100:9100"
+ image: ${TPOT_REPO}/miniprint:${TPOT_VERSION}
+ pull_policy: ${TPOT_PULL_POLICY}
+ read_only: true
+ volumes:
+ - ${TPOT_DATA_PATH}/miniprint/log/:/opt/miniprint/log/
+ - ${TPOT_DATA_PATH}/miniprint/uploads/:/opt/miniprint/uploads/
+
# Redishoneypot service
redishoneypot:
container_name: redishoneypot
diff --git a/doc/architecture.png b/doc/architecture.png
index 7c5c67e3..3c12f943 100644
Binary files a/doc/architecture.png and b/doc/architecture.png differ
diff --git a/docker-compose.yml b/docker-compose.yml
index 8d0422c9..bfc606d0 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -16,6 +16,7 @@ networks:
ipphoney_local:
mailoney_local:
medpot_local:
+ miniprint_local:
redishoneypot_local:
sentrypeer_local:
tanner_local:
@@ -452,6 +453,24 @@ services:
volumes:
- ${TPOT_DATA_PATH}/medpot/log/:/var/log/medpot
+# Miniprint service
+ miniprint:
+ container_name: miniprint
+ restart: always
+ depends_on:
+ tpotinit:
+ condition: service_healthy
+ networks:
+ - miniprint_local
+ ports:
+ - "9100:9100"
+ image: ${TPOT_REPO}/miniprint:${TPOT_VERSION}
+ pull_policy: ${TPOT_PULL_POLICY}
+ read_only: true
+ volumes:
+ - ${TPOT_DATA_PATH}/miniprint/log/:/opt/miniprint/log/
+ - ${TPOT_DATA_PATH}/miniprint/uploads/:/opt/miniprint/uploads/
+
# Redishoneypot service
redishoneypot:
container_name: redishoneypot
@@ -584,6 +603,7 @@ services:
ports:
- "8080:80"
image: ${TPOT_REPO}/wordpot:${TPOT_VERSION}
+ pull_policy: ${TPOT_PULL_POLICY}
read_only: true
volumes:
- ${TPOT_DATA_PATH}/wordpot/log:/opt/wordpot/logs/
diff --git a/docker/_builder/docker-compose.yml b/docker/_builder/docker-compose.yml
index 9e8a7466..26039de0 100644
--- a/docker/_builder/docker-compose.yml
+++ b/docker/_builder/docker-compose.yml
@@ -216,6 +216,15 @@ services:
context: ../medpot/
<<: *common-build
+# Miniprint
+ miniprint:
+ image: ${TPOT_DOCKER_REPO}/miniprint:${TPOT_VERSION}
+ build:
+ tags:
+ - ${TPOT_GHCR_REPO}/miniprint:${TPOT_VERSION}
+ context: ../miniprint/
+ <<: *common-build
+
# Redishoneypot
redishoneypot:
image: ${TPOT_DOCKER_REPO}/redishoneypot:${TPOT_VERSION}
diff --git a/docker/elk/logstash/dist/http_output.conf b/docker/elk/logstash/dist/http_output.conf
index b83c10ee..9ed2f627 100644
--- a/docker/elk/logstash/dist/http_output.conf
+++ b/docker/elk/logstash/dist/http_output.conf
@@ -161,6 +161,13 @@ input {
type => "Log4pot"
}
+# Miniprint
+ file {
+ path => ["/data/miniprint/log/miniprint.json"]
+ codec => json
+ type => "Miniprint"
+ }
+
# Mailoney
file {
path => ["/data/mailoney/log/commands.log"]
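Review bot: the Miniprint input is placed between the Log4pot and Mailoney blocks here, but in logstash.conf the same block sits after Medpot and before Redishoneypot. Moving it after Medpot in this file as well keeps the two configs in the same alphabetical order and makes future side-by-side diffs of them easier to read.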
@@ -612,6 +619,13 @@ filter {
}
}
+# Miniprint
+ if [type] == "Miniprint" {
+ date {
+ match => [ "timestamp", "ISO8601" ]
+ }
+ }
+
# Redishoneypot
if [type] == "Redishoneypot" {
date {
diff --git a/docker/elk/logstash/dist/logstash.conf b/docker/elk/logstash/dist/logstash.conf
index b3ecb9b0..3cb41eac 100644
--- a/docker/elk/logstash/dist/logstash.conf
+++ b/docker/elk/logstash/dist/logstash.conf
@@ -175,6 +175,13 @@ input {
type => "Medpot"
}
+# Miniprint
+ file {
+ path => ["/data/miniprint/log/miniprint.json"]
+ codec => json
+ type => "Miniprint"
+ }
+
# Redishoneypot
file {
path => ["/data/redishoneypot/log/redishoneypot.log"]
@@ -612,6 +619,13 @@ filter {
}
}
+# Miniprint
+ if [type] == "Miniprint" {
+ date {
+ match => [ "timestamp", "ISO8601" ]
+ }
+ }
+
# Redishoneypot
if [type] == "Redishoneypot" {
date {
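Review bot: the filter relies on miniprint.json carrying a `timestamp` field in ISO8601 (`match => [ "timestamp", "ISO8601" ]`), and nothing else is done for this type. If the field is missing or formatted differently, Logstash tags the event `_dateparsefailure` and keeps the ingest time as `@timestamp`, which skews attack timelines without any visible error. Please confirm the field name and format against a sample log line from the image and mention it in the commit message.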
diff --git a/docker/elk/map/Dockerfile b/docker/elk/map/Dockerfile
index c946a41f..85915f25 100644
--- a/docker/elk/map/Dockerfile
+++ b/docker/elk/map/Dockerfile
@@ -13,7 +13,7 @@ RUN apk --no-cache -U add \
# Install from GitHub and setup
mkdir -p /opt && \
cd /opt/ && \
- git clone https://github.com/t3chn0m4g3/t-pot-attack-map -b 2.2.3 && \
+ git clone https://github.com/t3chn0m4g3/t-pot-attack-map -b 2.2.4 && \
cd t-pot-attack-map && \
pip3 install --break-system-packages --upgrade pip && \
pip3 install --break-system-packages -r requirements.txt && \
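Review bot: `git clone ... -b 2.2.4` pins the attack map only to a branch or tag name, which the upstream repository can move, so the image build is not reproducible and is not tied to reviewed code. Consider checking out a full commit hash after the clone (or verifying the tag's commit) so the bump from 2.2.3 to 2.2.4 maps to one exact revision.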
diff --git a/docker/miniprint/docker-compose.yml b/docker/miniprint/docker-compose.yml
index 27576d01..0a762c35 100644
--- a/docker/miniprint/docker-compose.yml
+++ b/docker/miniprint/docker-compose.yml
@@ -14,7 +14,7 @@ services:
- miniprint_local
ports:
- "9100:9100"
- image: dtagdevsec/miniprint:testing
+ image: dtagdevsec/miniprint:24.04
read_only: true
volumes:
- $HOME/tpotce/data/miniprint/log/:/opt/miniprint/log/
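Review bot: `image: dtagdevsec/miniprint:24.04` hard-codes both repository and version, whereas every compose file in this patch uses `${TPOT_REPO}/miniprint:${TPOT_VERSION}`. The next version bump will need a manual edit here and can drift from the main compose files; if this standalone file cannot use the variables, a short comment saying so would help.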
diff --git a/docker/tpotinit/dist/bin/clean.sh b/docker/tpotinit/dist/bin/clean.sh
index b53630e0..26121c73 100755
--- a/docker/tpotinit/dist/bin/clean.sh
+++ b/docker/tpotinit/dist/bin/clean.sh
@@ -32,6 +32,8 @@ fuLOGROTATE () {
local myDIONAEABITGZ="/data/dionaea/bistreams.tgz"
local myDIONAEABIN="/data/dionaea/binaries/"
local myDIONAEABINTGZ="/data/dionaea/binaries.tgz"
+ local myMINIPRINTU="/data/miniprint/uploads/"
+ local myMINIPRINTTGZ="/data/miniprint/uploads.tgz"
local myHONEYTRAPATTACKS="/data/honeytrap/attacks/"
local myHONEYTRAPATTACKSTGZ="/data/honeytrap/attacks.tgz"
local myHONEYTRAPDL="/data/honeytrap/downloads/"
@@ -54,21 +56,22 @@ if [ "$(fuEMPTY $myCOWRIETTYLOGS)" != "0" ]; then tar -I $myPIGZ -cvf $myCOWRIET
if [ "$(fuEMPTY $myCOWRIEDL)" != "0" ]; then tar -I $myPIGZ -cvf $myCOWRIEDLTGZ $myCOWRIEDL; fi
if [ "$(fuEMPTY $myDIONAEABI)" != "0" ]; then tar -I $myPIGZ -cvf $myDIONAEABITGZ $myDIONAEABI; fi
if [ "$(fuEMPTY $myDIONAEABIN)" != "0" ]; then tar -I $myPIGZ -cvf $myDIONAEABINTGZ $myDIONAEABIN; fi
+if [ "$(fuEMPTY $myMINIPRINTU)" != "0" ]; then tar -I $myPIGZ -cvf $myMINIPRINTTGZ $myMINIPRINTU; fi
if [ "$(fuEMPTY $myHONEYTRAPATTACKS)" != "0" ]; then tar -I $myPIGZ -cvf $myHONEYTRAPATTACKSTGZ $myHONEYTRAPATTACKS; fi
if [ "$(fuEMPTY $myHONEYTRAPDL)" != "0" ]; then tar -I $myPIGZ -cvf $myHONEYTRAPDLTGZ $myHONEYTRAPDL; fi
if [ "$(fuEMPTY $myTANNERF)" != "0" ]; then tar -I $myPIGZ -cvf $myTANNERFTGZ $myTANNERF; fi
# Ensure correct permissions and ownership for previously created archives
-chmod 770 $myADBHONEYTGZ $myCOWRIETTYTGZ $myCOWRIEDLTGZ $myDIONAEABITGZ $myDIONAEABINTGZ $myHONEYTRAPATTACKSTGZ $myHONEYTRAPDLTGZ $myTANNERFTGZ
-chown tpot:tpot $myADBHONEYTGZ $myCOWRIETTYTGZ $myCOWRIEDLTGZ $myDIONAEABITGZ $myDIONAEABINTGZ $myHONEYTRAPATTACKSTGZ $myHONEYTRAPDLTGZ $myTANNERFTGZ
+chmod 770 $myADBHONEYTGZ $myCOWRIETTYTGZ $myCOWRIEDLTGZ $myDIONAEABITGZ $myDIONAEABINTGZ $myHONEYTRAPATTACKSTGZ $myHONEYTRAPDLTGZ $myMINIPRINTTGZ $myTANNERFTGZ
+chown tpot:tpot $myADBHONEYTGZ $myCOWRIETTYTGZ $myCOWRIEDLTGZ $myDIONAEABITGZ $myDIONAEABINTGZ $myHONEYTRAPATTACKSTGZ $myHONEYTRAPDLTGZ $myMINIPRINTTGZ $myTANNERFTGZ
# Need to remove subfolders since too many files cause rm to exit with errors
-rm -rf $myADBHONEYDL $myCOWRIETTYLOGS $myCOWRIEDL $myDIONAEABI $myDIONAEABIN $myHONEYTRAPATTACKS $myHONEYTRAPDL $myTANNERF
+rm -rf $myADBHONEYDL $myCOWRIETTYLOGS $myCOWRIEDL $myDIONAEABI $myDIONAEABIN $myHONEYTRAPATTACKS $myHONEYTRAPDL $myMINIPRINTU $myTANNERF
# Recreate subfolders with correct permissions and ownership
-mkdir -p $myADBHONEYDL $myCOWRIETTYLOGS $myCOWRIEDL $myDIONAEABI $myDIONAEABIN $myHONEYTRAPATTACKS $myHONEYTRAPDL $myTANNERF
-chmod 770 $myADBHONEYDL $myCOWRIETTYLOGS $myCOWRIEDL $myDIONAEABI $myDIONAEABIN $myHONEYTRAPATTACKS $myHONEYTRAPDL $myTANNERF
-chown tpot:tpot $myADBHONEYDL $myCOWRIETTYLOGS $myCOWRIEDL $myDIONAEABI $myDIONAEABIN $myHONEYTRAPATTACKS $myHONEYTRAPDL $myTANNERF
+mkdir -p $myADBHONEYDL $myCOWRIETTYLOGS $myCOWRIEDL $myDIONAEABI $myDIONAEABIN $myHONEYTRAPATTACKS $myHONEYTRAPDL $myMINIPRINTU $myTANNERF
+chmod 770 $myADBHONEYDL $myCOWRIETTYLOGS $myCOWRIEDL $myDIONAEABI $myDIONAEABIN $myHONEYTRAPATTACKS $myHONEYTRAPDL $myMINIPRINTU $myTANNERF
+chown tpot:tpot $myADBHONEYDL $myCOWRIETTYLOGS $myCOWRIEDL $myDIONAEABI $myDIONAEABIN $myHONEYTRAPATTACKS $myHONEYTRAPDL $myMINIPRINTU $myTANNERF
# Run logrotate again to account for previously created archives - DO NOT FORCE HERE!
logrotate -s $mySTATUS $myCONF
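Review bot: the `chmod 770` line now also applies to `$myMINIPRINTTGZ`, which sets the execute bit on an archive of client-supplied print jobs; 660 is enough for a tarball and would be a safer default for all archives in that list. Separately, the new `tar` line is inserted between the dionaea and honeytrap entries, while `$myMINIPRINTTGZ` and `$myMINIPRINTU` are placed after the honeytrap entries in the chmod, chown, rm and mkdir lines; keeping one order throughout makes omissions easier to spot.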
@@ -294,6 +297,14 @@ fuMEDPOT () {
chown tpot:tpot /data/medpot/ -R
}
+# Let's create a function to clean up and prepare miniprint data
+fuMINIPRINT () {
+ if [ "$myPERSISTENCE" != "on" ]; then rm -rf /data/miniprint/*; fi
+ mkdir -vp /data/miniprint/{log,uploads}
+ chmod 770 /data/miniprint/ -R
+ chown tpot:tpot /data/miniprint/ -R
+}
+
# Let's create a function to clean up nginx logs
fuNGINX () {
if [ "$myPERSISTENCE" != "on" ]; then rm -rf /data/nginx/log/*; fi
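Review bot: in fuMINIPRINT, `chmod 770 /data/miniprint/ -R` is recursive, so with `myPERSISTENCE` set to "on" every file already stored under uploads/ is marked executable for owner and group. Since those files are supplied by remote clients, prefer a mode that only grants execute on directories, for example `chmod -R u=rwX,g=rwX,o= /data/miniprint/`. Also note that `mkdir -vp /data/miniprint/{log,uploads}` depends on brace expansion, so the script must keep running under bash.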
@@ -410,6 +421,7 @@ fuIPPHONEY
fuLOG4POT
fuMAILONEY
fuMEDPOT
+fuMINIPRINT
fuNGINX
fuREDISHONEYPOT
fuSENTRYPEER
diff --git a/docker/tpotinit/dist/etc/logrotate/logrotate.conf b/docker/tpotinit/dist/etc/logrotate/logrotate.conf
index 495da7dc..dda796e8 100644
--- a/docker/tpotinit/dist/etc/logrotate/logrotate.conf
+++ b/docker/tpotinit/dist/etc/logrotate/logrotate.conf
@@ -34,6 +34,7 @@
/data/log4pot/log/*.log
/data/mailoney/log/*.log
/data/medpot/log/*.log
+/data/miniprint/log/*.json
/data/nginx/log/*.log
/data/p0f/log/p0f.json
/data/redishoneypot/log/*.log
@@ -61,6 +62,8 @@
/data/dionaea/binaries.tgz
/data/honeytrap/attacks.tgz
/data/honeytrap/downloads.tgz
+/data/miniprint/uploads.tgz
+/data/tanner/files.tgz
{
su tpot tpot
copytruncate
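Review bot: besides `/data/miniprint/uploads.tgz`, this hunk also adds `/data/tanner/files.tgz`, which is unrelated to the miniprint integration and is not mentioned anywhere else in the patch. If the tanner archive was simply missing from rotation before, please put that fix in its own commit or call it out in the commit message so it is not lost in the miniprint change.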
diff --git a/docker/tpotinit/dist/etc/objects/elkbase.tgz b/docker/tpotinit/dist/etc/objects/elkbase.tgz
index af76ff6f..29c2ea1b 100644
Binary files a/docker/tpotinit/dist/etc/objects/elkbase.tgz and b/docker/tpotinit/dist/etc/objects/elkbase.tgz differ
diff --git a/docker/tpotinit/dist/etc/objects/kibana_export.ndjson.zip b/docker/tpotinit/dist/etc/objects/kibana_export.ndjson.zip
index 3d8c22ee..5ccf37bf 100644
Binary files a/docker/tpotinit/dist/etc/objects/kibana_export.ndjson.zip and b/docker/tpotinit/dist/etc/objects/kibana_export.ndjson.zip differ