Alex-Devera/tpotce
1
0
Fork 0
mirror of https://github.com/telekom-security/tpotce.git synced 2025-04-20 06:02:24 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

update go-pot to latest master

Browse source 
tweaking
This commit is contained in:
t3chn0m4g3 2024-11-29 14:44:23 +01:00
parent 8282084d49
commit ef8e71007c
8 changed files with 46 additions and 60 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
compose/mini.yml
View file

@ -225,6 +225,7 @@ services:
- "22:22" - "22:22"
- "23:23" - "23:23"
- "25:25" - "25:25"
- "67:67/udp"
- "53:53/udp" - "53:53/udp"
- "80:80" - "80:80"
- "110:110" - "110:110"

12
compose/tarpit.yml
View file

@ -104,19 +104,19 @@ services:
networks: networks:
- heralding_local - heralding_local
ports: ports:
# - "21:21" - "21:21"
# - "22:22" # - "22:22"
# - "23:23" - "23:23"
# - "25:25" - "25:25"
# - "80:80" # - "80:80"
- "110:110" - "110:110"
- "143:143" - "143:143"
# - "443:443" - "443:443"
- "465:465" - "465:465"
- "993:993" - "993:993"
- "995:995" - "995:995"
# - "3306:3306" - "3306:3306"
# - "3389:3389" - "3389:3389"
- "1080:1080" - "1080:1080"
- "5432:5432" - "5432:5432"
- "5900:5900" - "5900:5900"

55
compose/tpot_services.yml
View file

@ -429,25 +429,25 @@ services:
- ${TPOT_DATA_PATH}/galah/cert:/opt/galah/config/cert - ${TPOT_DATA_PATH}/galah/cert:/opt/galah/config/cert
- ${TPOT_DATA_PATH}/galah/log:/opt/galah/log - ${TPOT_DATA_PATH}/galah/log:/opt/galah/log
# # Glutton service # Glutton service
# glutton: glutton:
# container_name: glutton container_name: glutton
# restart: always restart: always
# depends_on: depends_on:
# tpotinit: tpotinit:
# condition: service_healthy condition: service_healthy
# tmpfs: tmpfs:
# - /var/lib/glutton:uid=2000,gid=2000 - /var/lib/glutton:uid=2000,gid=2000
# - /run:uid=2000,gid=2000 - /run:uid=2000,gid=2000
# network_mode: "host" network_mode: "host"
# cap_add: cap_add:
# - NET_ADMIN - NET_ADMIN
# image: ${TPOT_REPO}/glutton:${TPOT_VERSION} image: ${TPOT_REPO}/glutton:${TPOT_VERSION}
# pull_policy: ${TPOT_PULL_POLICY} pull_policy: ${TPOT_PULL_POLICY}
# read_only: true read_only: true
# volumes: volumes:
# - ${TPOT_DATA_PATH}/glutton/log:/var/log/glutton - ${TPOT_DATA_PATH}/glutton/log:/var/log/glutton
# - ${TPOT_DATA_PATH}/glutton/payloads:/opt/glutton/payloads - ${TPOT_DATA_PATH}/glutton/payloads:/opt/glutton/payloads
# Go-pot service # Go-pot service
go-pot: go-pot:
@ -514,19 +514,19 @@ services:
networks: networks:
- heralding_local - heralding_local
ports: ports:
# - "21:21" - "21:21"
# - "22:22" - "22:22"
# - "23:23" - "23:23"
# - "25:25" - "25:25"
# - "80:80" - "80:80"
- "110:110" - "110:110"
- "143:143" - "143:143"
# - "443:443" - "443:443"
- "465:465" - "465:465"
- "993:993" - "993:993"
- "995:995" - "995:995"
# - "3306:3306" - "3306:3306"
# - "3389:3389" - "3389:3389"
- "1080:1080" - "1080:1080"
- "5432:5432" - "5432:5432"
- "5900:5900" - "5900:5900"
@ -572,6 +572,7 @@ services:
- "23:23" - "23:23"
- "25:25" - "25:25"
- "53:53/udp" - "53:53/udp"
- "67:67/udp"
- "80:80" - "80:80"
- "110:110" - "110:110"
- "123:123" - "123:123"

3
docker/elk/logstash/dist/http_output.conf vendored
View file

@ -518,6 +518,9 @@ filter {
date { date {
match => [ "timestamp", "ISO8601" ] match => [ "timestamp", "ISO8601" ]
} }
mutate {
remove_field => ["ts"]
}
} }
# Hellpot # Hellpot

3
docker/elk/logstash/dist/logstash.conf vendored
View file

@ -510,6 +510,9 @@ filter {
date { date {
match => [ "timestamp", "ISO8601" ] match => [ "timestamp", "ISO8601" ]
} }
mutate {
remove_field => ["ts"]
}
} }
# Glutton # Glutton

8
docker/go-pot/Dockerfile
View file

@ -3,18 +3,18 @@ RUN <<EOF
apk -U add git apk -U add git
mkdir -p /opt mkdir -p /opt
cd /opt cd /opt
git clone https://github.com/t3chn0m4g3/go-pot git clone https://github.com/ryanolee/go-pot
cd go-pot
git checkout fbb3e66e454e5f6092b4294a52e2cfa44e5b7259
EOF EOF
WORKDIR /opt/go-pot WORKDIR /opt/go-pot
# #
RUN go get github.com/ua-parser/uap-go/uaparser
RUN go mod download
RUN CGO_ENABLED=0 GOOS=linux go build -o /opt/go-pot/go-pot RUN CGO_ENABLED=0 GOOS=linux go build -o /opt/go-pot/go-pot
# #
FROM scratch FROM scratch
# #
COPY --from=builder /opt/go-pot/go-pot /opt/go-pot/go-pot COPY --from=builder /opt/go-pot/go-pot /opt/go-pot/go-pot
COPY --from=builder /opt/go-pot/config.yml /opt/go-pot/config.yml COPY dist/config.yml /opt/go-pot/config.yml
# #
STOPSIGNAL SIGINT STOPSIGNAL SIGINT
USER 2000:2000 USER 2000:2000

21
docker/go-pot/Dockerfile.dev
View file

@ -1,21 +0,0 @@
FROM golang:1.23-alpine AS builder
RUN <<EOF
apk -U add git
mkdir -p /opt
cd /opt
git clone https://github.com/ryanolee/go-pot
EOF
WORKDIR /opt/go-pot
#
RUN CGO_ENABLED=0 GOOS=linux go build -o /opt/go-pot/go-pot
#
FROM scratch
#
COPY --from=builder /opt/go-pot/go-pot /opt/go-pot/go-pot
COPY dist/config.yml /opt/go-pot/config.yml
#
STOPSIGNAL SIGINT
USER 2000:2000
WORKDIR /opt/go-pot
CMD ["start", "--host", "0.0.0.0", "--config-file", "config.yml"]
ENTRYPOINT ["./go-pot"]

3
docker/go-pot/dist/config.yml vendored
View file

@ -56,8 +56,7 @@ server:
# - device_brand: The type of device of the client (Inferred from the user agent) # - device_brand: The type of device of the client (Inferred from the user agent)
# - phase: "start" or "end" depending on the phase of the request # - phase: "start" or "end" depending on the phase of the request
# - duration: The duration of the request in milliseconds (Only available as a part of the end phase of a request) # - duration: The duration of the request in milliseconds (Only available as a part of the end phase of a request)
#fields: "src_ip,method,path,qs,duration" fields_to_log: "timestamp,id,status,src_ip,method,path,qs,dest_port,type,host,user_agent,browser,browser_version,os,os_version,device,device_brand,phase,duration"
fields: "timestamp,id,status,src_ip,method,path,qs,dest_port,type,host,user_agent,browser,browser_version,os,os_version,device,device_brand,phase,duration"
# Configuration for logging related settings for go-pot # Configuration for logging related settings for go-pot
logging: logging: