bump hellpot to 0.3 and train config for CVE-2021-39341

2025-04-20 06:02:24 +00:00 · 2021-11-01 13:36:44 +00:00 · 2021-11-01 13:36:44 +00:00 · db74c610ad
commit db74c610ad
parent ea624351b5
3 changed files with 27 additions and 37 deletions
--- a/docker/hellpot/Dockerfile
+++ b/docker/hellpot/Dockerfile
@ -13,21 +13,25 @@ RUN apk -U --no-cache add \
 # Setup go, hellpot
    cd /root && \
    export GOPATH=/opt/go/ && \
+    mkdir -p /opt/hellpot && \
    mkdir -p /opt/go && \ 
    git clone https://github.com/yunginnanet/HellPot && \
    cd HellPot && \
-    git checkout 97fe39bf2f9e03a9a23327c5401a5627e0c37f9a && \
-    mv /root/dist/logger.go /root/HellPot/src/logger/ && \
-    go mod download && \
-    go install && \
-    mkdir -p /opt/hellpot && \
-    mv /opt/go/bin/HellPot /opt/hellpot/ && \
-    mv /root/dist/config.toml /opt/hellpot && \
+    git checkout f87b1f17e21b36edae41b7f49d4a54ae420a9bf8 && \
+  # Hellpot ignores setting the logpath, need to this hardcoded :(
+    sed -i 's#logDir = snek.GetString("logger.directory")#logDir = "/var/log/hellpot/"#g' config/logger.go && \
+    sed -i 's#tnow := "HellPot"#tnow := "hellpot"#g' config/logger.go && \
+    go build cmd/HellPot/HellPot.go && \
+    mv /root/HellPot/HellPot /opt/hellpot/ && \
 #
 # Setup user, groups and configs
    addgroup -g 2000 hellpot && \
    adduser -S -s /bin/ash -u 2000 -D -g 2000 hellpot && \
    mkdir -p /var/log/hellpot && \
+  # Hellpot wants to create .config folder always in user's home
+    mkdir -p /home/hellpot/.config/HellPot/logs && \
+    mv /root/dist/config.toml /home/hellpot/.config/HellPot/ && \
+    chown hellpot:hellpot -R /home/hellpot && \
 #
 # Clean up
    apk del --purge build-base \
--- a/docker/hellpot/dist/config.toml
+++ b/docker/hellpot/dist/config.toml
@ -1,10 +1,23 @@
-name = "HellPot 0.1"
-
 [http]
  bind_addr = "0.0.0.0"
  bind_port = "8080"
-  paths = ["wp-login.php","wp-login"]
+  paths = ["wp-login.php","wp-login","wp-json/omapp/v1/support"]
+
+  # Unix Socket Listener (will override default)
+  use_unix_socket = false
+  unix_socket = "/var/run/hellpot"

 [logger]
  debug = true
  log_directory = "/var/log/hellpot/"
+  nocolor = true
+  use_date_filename = false
+
+[performance]
+  # max_workers is only valid if restrict_concurrency is true
+  restrict_concurrency = false
+  max_workers = 256
+  
+[deception]
+  # Used as "Server: " header (if not proxied)
+  server_name = "nginx"
--- a/docker/hellpot/dist/logger.go
+++ b/docker/hellpot/dist/logger.go
@ -1,27 +0,0 @@
-package logger
-
-import (
-	//"fmt"
-	"github.com/rs/zerolog"
-	//"github.com/rs/zerolog/log"
-	"github.com/yunginnanet/HellPot/src/config"
-	"os"
-)
-
-var (
-	logFile *os.File
-	err     error
-)
-
-var GlobalLogger zerolog.Logger
-
-func LogInit() {
-	if err := os.MkdirAll(config.LogDir, 0755); err != nil {
-		panic("cannot create log directory: " + config.LogDir + "(" + err.Error() + ")")
-	}
-	if logFile, err = os.OpenFile(config.LogDir+"hellpot.log", os.O_RDWR|os.O_CREATE|os.O_APPEND, 0666); err != nil {
-		panic("cannot create log file: " + err.Error())
-	}
-	multi := zerolog.MultiLevelWriter(zerolog.ConsoleWriter{Out: os.Stderr}, logFile)
-	GlobalLogger = zerolog.New(multi).With().Timestamp().Logger()
-}