bump cowrie to latest master

Update conpot for scapy 2.4.5
update for py 3.12, harden image
2025-04-19 21:52:27 +00:00 · 2024-11-19 18:06:23 +01:00 · 2024-11-19 17:18:46 +01:00 · 2024-11-19 16:34:04 +01:00 · 2024-11-19 15:10:57 +01:00 · 2024-11-19 14:38:00 +01:00
8 changed files with 35 additions and 431 deletions
--- a/docker/adbhoney/Dockerfile
+++ b/docker/adbhoney/Dockerfile
@ -4,15 +4,15 @@ FROM alpine:3.20 AS builder
 COPY dist/ /root/dist/
 #
 # Install packages
-RUN	echo "@testing http://dl-cdn.alpinelinux.org/alpine/edge/testing" >> /etc/apk/repositories && \
+RUN	apk --no-cache -U add \
 	apk --no-cache -U add \
 		build-base \
 		git \
 		procps \
 		py3-psutil \
 		py3-requests \
-		py3-pyinstaller@testing \
+		py3-pip \
 		python3 && \
 		pip3 install --break-system-packages pyinstaller && \
 #
 # Install adbhoney from git
    git clone https://github.com/t3chn0m4g3/ADBHoney -b pyinstaller /opt/adbhoney && \
--- a/docker/ciscoasa/Dockerfile
+++ b/docker/ciscoasa/Dockerfile
@ -1,7 +1,4 @@
-FROM alpine:3.19
+FROM alpine:3.20 AS builder
 #
 # Include dist
 COPY dist/ /root/dist/
 #
 # Install packages
 RUN apk --no-cache -U add build-base \
@ -15,33 +12,22 @@ RUN apk --no-cache -U add build-base \
 		python3 \
 		python3-dev && \
 #
 # Setup user
    addgroup -g 2000 ciscoasa && \
    adduser -S -s /bin/bash -u 2000 -D -g 2000 ciscoasa && \
 #
 # Get and install packages
    mkdir -p /opt/ && \
    cd /opt/ && \
-    git clone https://github.com/cymmetria/ciscoasa_honeypot && \
+    git clone https://github.com/t3chn0m4g3/ciscoasa_honeypot && \
    cd ciscoasa_honeypot && \
    git checkout d6e91f1aab7fe6fc01fabf2046e76b68dd6dc9e2 && \
    sed -i "s/git+git/git+https/g" requirements.txt && \
-    pip3 install --break-system-packages --no-cache-dir -r requirements.txt && \
+    pip3 install --break-system-packages pyinstaller && \
-    cp /root/dist/asa_server.py /opt/ciscoasa_honeypot && \
+    pip3 install --break-system-packages --no-cache-dir -r requirements.txt
-    chown -R ciscoasa:ciscoasa /opt/ciscoasa_honeypot && \
+WORKDIR /opt/ciscoasa_honeypot
 RUN pyinstaller asa_server.py --add-data "./asa:./asa"
 #
-# Clean up
+FROM alpine:3.20
-    apk del --purge build-base \
+COPY --from=builder /opt/ciscoasa_honeypot/dist/ /opt/
                    git \
                    libffi-dev \
                    openssl-dev \
                    python3-dev && \
    rm -rf /root/* \
           /opt/ciscoasa_honeypot/.git \
           /var/cache/apk/*
 #
 # Start ciscoasa
 STOPSIGNAL SIGINT
-WORKDIR /tmp/ciscoasa/
+WORKDIR /opt/asa_server/
-USER ciscoasa:ciscoasa
+USER 2000:2000
-CMD cp -R /opt/ciscoasa_honeypot/* /tmp/ciscoasa && exec python3 asa_server.py --ike-port 5000 --enable_ssl --port 8443 --verbose >> /var/log/ciscoasa/ciscoasa.log 2>&1
+CMD ./asa_server --ike-port 5000 --enable_ssl --port 8443 --verbose >> /var/log/ciscoasa/ciscoasa.log 2>&1
--- a/docker/ciscoasa/dist/asa_server.py
+++ b/docker/ciscoasa/dist/asa_server.py
@ -1,307 +0,0 @@
 #!/usr/bin/env python3
 # -*- coding: utf-8 -*-
 import os
 import time
 import socket
 import logging
 logging.basicConfig(format='%(message)s')
 import threading
 from io import BytesIO
 from xml.etree import ElementTree
 from http.server import HTTPServer
 from socketserver import ThreadingMixIn
 from http.server import SimpleHTTPRequestHandler
 import ike_server
 import datetime
 class NonBlockingHTTPServer(ThreadingMixIn, HTTPServer):
    pass
 class hpflogger:
    def __init__(self, hpfserver, hpfport, hpfident, hpfsecret, hpfchannel, serverid, verbose):
        self.hpfserver=hpfserver
        self.hpfport=hpfport
        self.hpfident=hpfident
        self.hpfsecret=hpfsecret
        self.hpfchannel=hpfchannel
        self.serverid=serverid
        self.hpc=None
        self.verbose=verbose
        if (self.hpfserver and self.hpfport and self.hpfident and self.hpfport and self.hpfchannel and self.serverid):
            import hpfeeds
            try:
                self.hpc = hpfeeds.new(self.hpfserver, self.hpfport, self.hpfident, self.hpfsecret)
                logger.debug("Logging to hpfeeds using server: {0}, channel {1}.".format(self.hpfserver, self.hpfchannel))
            except (hpfeeds.FeedException, socket.error, hpfeeds.Disconnect):
                logger.critical("hpfeeds connection not successful")
    def log(self, level, message):
        if self.hpc:
            if level in ['debug', 'info'] and not self.verbose:
                return
            self.hpc.publish(self.hpfchannel, "["+self.serverid+"] ["+level+"] ["+datetime.datetime.now().isoformat() +"] "  + str(message))
 def header_split(h):
    return [list(map(str.strip, l.split(': ', 1))) for l in h.strip().splitlines()]
 class WebLogicHandler(SimpleHTTPRequestHandler):
    logger = None
    hpfl = None
    protocol_version = "HTTP/1.1"
    EXPLOIT_STRING = b"host-scan-reply"
    RESPONSE = b"""<?xml version="1.0" encoding="UTF-8"?>
 <config-auth client="vpn" type="complete">
 <version who="sg">9.0(1)</version>
 <error id="98" param1="" param2="">VPN Server could not parse request.</error>
 </config-auth>"""
    basepath = os.path.dirname(os.path.abspath(__file__))
    alert_function = None
    def setup(self):
        SimpleHTTPRequestHandler.setup(self)
        self.request.settimeout(3)
    def send_header(self, keyword, value):
        if keyword.lower() == 'server':
            return
        SimpleHTTPRequestHandler.send_header(self, keyword, value)
    def send_head(self):
        # send_head will return a file object that do_HEAD/GET will use
        # do_GET/HEAD are already implemented by SimpleHTTPRequestHandler
        filename = os.path.basename(self.path.rstrip('/').split('?', 1)[0])
        if self.path == '/':
            self.send_response(200)
            for k, v in header_split("""
                Content-Type: text/html
                Cache-Control: no-cache
                Pragma: no-cache
                Set-Cookie: tg=; expires=Thu, 01 Jan 1970 22:00:00 GMT; path=/; secure
                Set-Cookie: webvpn=; expires=Thu, 01 Jan 1970 22:00:00 GMT; path=/; secure
                Set-Cookie: webvpnc=; expires=Thu, 01 Jan 1970 22:00:00 GMT; path=/; secure
                Set-Cookie: webvpn_portal=; expires=Thu, 01 Jan 1970 22:00:00 GMT; path=/; secure
                Set-Cookie: webvpnSharePoint=; expires=Thu, 01 Jan 1970 22:00:00 GMT; path=/; secure
                Set-Cookie: webvpnlogin=1; path=/; secure
                Set-Cookie: sdesktop=; expires=Thu, 01 Jan 1970 22:00:00 GMT; path=/; secure
            """):
                self.send_header(k, v)
            self.end_headers()
            return BytesIO(b'<html><script>document.location.replace("/+CSCOE+/logon.html")</script></html>\n')
        elif filename == 'asa':  # don't allow dir listing
            return self.send_file('wrong_url.html', 403)
        else:
            return self.send_file(filename)
    def redirect(self, loc):
        self.send_response(302)
        for k, v in header_split("""
            Content-Type: text/html
            Content-Length: 0
            Cache-Control: no-cache
            Pragma: no-cache
            Location: %s
            Set-Cookie: tg=; expires=Thu, 01 Jan 1970 22:00:00 GMT; path=/; secure
        """ % (loc,)):
            self.send_header(k, v)
        self.end_headers()
    def do_GET(self):
        if self.path == '/+CSCOE+/logon.html':
            self.redirect('/+CSCOE+/logon.html?fcadbadd=1')
            return
        elif self.path.startswith('/+CSCOE+/logon.html?') and 'reason=1' in self.path:
            self.wfile.write(self.send_file('logon_failure').getvalue())
            return
        SimpleHTTPRequestHandler.do_GET(self)
    def do_POST(self):
        data_len = int(self.headers.get('Content-length', 0))
        data = self.rfile.read(data_len) if data_len else b''
        body = self.RESPONSE
        if self.EXPLOIT_STRING in data:
            xml = ElementTree.fromstring(data)
            payloads = []
            for x in xml.iter('host-scan-reply'):
                payloads.append(x.text)
            self.alert_function(self.client_address[0], self.client_address[1], payloads)
        elif self.path == '/':
            self.redirect('/+webvpn+/index.html')
            return
        elif self.path == '/+CSCOE+/logon.html':
            self.redirect('/+CSCOE+/logon.html?fcadbadd=1')
            return
        elif self.path.split('?', 1)[0] == '/+webvpn+/index.html':
            with open(os.path.join(self.basepath, 'asa', "logon_redir.html"), 'rb') as fh:
                body = fh.read()
        self.send_response(200)
        self.send_header('Content-Length', int(len(body)))
        self.send_header('Content-Type', 'text/html; charset=UTF-8')
        self.end_headers()
        self.wfile.write(body)
        return
    def send_file(self, filename, status_code=200, headers=[]):
        try:
            with open(os.path.join(self.basepath, 'asa', filename), 'rb') as fh:
                body = fh.read()
                self.send_response(status_code)
                for k, v in headers:
                    self.send_header(k, v)
                if status_code == 200:
                    for k, v in header_split("""
                        Cache-Control: max-age=0
                        Set-Cookie: webvpn=; expires=Thu, 01 Jan 1970 22:00:00 GMT; path=/; secure
                        Set-Cookie: webvpnc=; expires=Thu, 01 Jan 1970 22:00:00 GMT; path=/; secure
                        Set-Cookie: webvpnlogin=1; secure
                        X-Transcend-Version: 1
                    """):
                        self.send_header(k, v)
                self.send_header('Content-Length', int(len(body)))
                self.send_header('Content-Type', 'text/html')
                self.end_headers()
                return BytesIO(body)
        except IOError:
            return self.send_file('wrong_url.html', 404)
    def log_message(self, format, *args):
        self.logger.debug("{'timestamp': '%s', 'src_ip': '%s', 'payload_printable': '%s'}" %
                          (datetime.datetime.now().isoformat(),
                           self.client_address[0],
                           format % args))
        self.hpfl.log('debug', "%s - - [%s] %s" %
                          (self.client_address[0],
                           self.log_date_time_string(),
                           format % args))
    def handle_one_request(self):
        """Handle a single HTTP request.
        Overriden to not send 501 errors
        """
        self.close_connection = True
        try:
            self.raw_requestline = self.rfile.readline(65537)
            if len(self.raw_requestline) > 65536:
                self.requestline = ''
                self.request_version = ''
                self.command = ''
                self.close_connection = 1
                return
            if not self.raw_requestline:
                self.close_connection = 1
                return
            if not self.parse_request():
                # An error code has been sent, just exit
                return
            mname = 'do_' + self.command
            if not hasattr(self, mname):
                self.log_request()
                self.close_connection = True
                return
            method = getattr(self, mname)
            method()
            self.wfile.flush()  # actually send the response if not already done.
        except socket.timeout as e:
            # a read or a write timed out.  Discard this connection
            self.log_error("Request timed out: %r", e)
            self.close_connection = 1
            return
 if __name__ == '__main__':
    import click
    logging.basicConfig(level=logging.INFO)
    logger = logging.getLogger()
    logger.info('info')
    @click.command()
    @click.option('-h', '--host', default='0.0.0.0', help='Host to listen')
    @click.option('-p', '--port', default=8443, help='Port to listen', type=click.INT)
    @click.option('-i', '--ike-port', default=5000, help='Port to listen for IKE', type=click.INT)
    @click.option('-s', '--enable_ssl', default=False, help='Enable SSL', is_flag=True)
    @click.option('-c', '--cert', default=None, help='Certificate File Path (will generate self signed '
                                                     'cert if not supplied)')
    @click.option('-v', '--verbose', default=False, help='Verbose logging', is_flag=True)
    # hpfeeds options
    @click.option('--hpfserver', default=os.environ.get('HPFEEDS_SERVER'), help='HPFeeds Server')
    @click.option('--hpfport', default=os.environ.get('HPFEEDS_PORT'), help='HPFeeds Port', type=click.INT)
    @click.option('--hpfident', default=os.environ.get('HPFEEDS_IDENT'), help='HPFeeds Ident')
    @click.option('--hpfsecret', default=os.environ.get('HPFEEDS_SECRET'), help='HPFeeds Secret')
    @click.option('--hpfchannel', default=os.environ.get('HPFEEDS_CHANNEL'), help='HPFeeds Channel')
    @click.option('--serverid', default=os.environ.get('SERVERID'), help='Verbose logging')
    def start(host, port, ike_port, enable_ssl, cert, verbose, hpfserver, hpfport, hpfident, hpfsecret, hpfchannel, serverid):
        """
           A low interaction honeypot for the Cisco ASA component capable of detecting CVE-2018-0101,
           a DoS and remote code execution vulnerability
        """
        hpfl=hpflogger(hpfserver, hpfport, hpfident, hpfsecret, hpfchannel, serverid, verbose)
        def alert(cls, host, port, payloads):
            logger.critical({
                 'timestamp': datetime.datetime.utcnow().isoformat(),
                 'src_ip': host,
                 'src_port': port,
                 'payload_printable': payloads,
            })
            #log to hpfeeds
            hpfl.log("critical", {
                 'src': host,
                 'spt': port,
                 'data': payloads,
             })
        if verbose:
            logger.setLevel(logging.DEBUG)
        requestHandler = WebLogicHandler
        requestHandler.alert_function = alert
        requestHandler.logger = logger
        requestHandler.hpfl = hpfl
        def log_date_time_string():
            """Return the current time formatted for logging."""
            now = datetime.datetime.now().isoformat()
            return now
        def ike():
            ike_server.start(host, ike_port, alert, logger, hpfl)
        t = threading.Thread(target=ike)
        t.daemon = True
        t.start()
        httpd = HTTPServer((host, port), requestHandler)
        if enable_ssl:
            import ssl
            if not cert:
                import gencert
                cert = gencert.gencert()
            httpd.socket = ssl.wrap_socket(httpd.socket, certfile=cert, server_side=True)
        logger.info('Starting server on port {:d}/tcp, use <Ctrl-C> to stop'.format(port))
        hpfl.log('info', 'Starting server on port {:d}/tcp, use <Ctrl-C> to stop'.format(port))
        try:
            httpd.serve_forever()
        except KeyboardInterrupt:
            pass
        logger.info('Stopping server.')
        hpfl.log('info', 'Stopping server.')
        httpd.server_close()
    start()
--- a/docker/citrixhoneypot/Dockerfile
+++ b/docker/citrixhoneypot/Dockerfile
@ -1,21 +1,21 @@
-FROM alpine:3.19
+FROM alpine:3.20 AS builder
 #
 # Install packages
 RUN apk --no-cache -U add \
        build-base \
 		git \
 		libcap \
 		openssl \
 		py3-pip \
 		python3 && \
 #
-    pip3 install --break-system-packages --no-cache-dir python-json-logger && \
+    pip3 install --break-system-packages --no-cache-dir \
        pyinstaller \
        python-json-logger
 #
 # Install CitrixHoneypot from GitHub
-    git clone https://github.com/t3chn0m4g3/CitrixHoneypot /opt/citrixhoneypot && \
+RUN git clone https://github.com/t3chn0m4g3/CitrixHoneypot /opt/citrixhoneypot && \
    cd /opt/citrixhoneypot && \
    git checkout f59ad7320dc5bbb8c23c8baa5f111b52c52fbef3 && \
 #
 # Setup user, groups and configs
    mkdir -p /opt/citrixhoneypot/logs /opt/citrixhoneypot/ssl && \
    openssl req \
          -nodes \
@ -25,20 +25,18 @@ RUN apk --no-cache -U add \
          -out "/opt/citrixhoneypot/ssl/cert.pem" \
          -days 365 \
          -subj '/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd' && \
-    addgroup -g 2000 citrixhoneypot && \
+    chown 2000:2000 -R ssl/
    adduser -S -H -s /bin/ash -u 2000 -D -g 2000 citrixhoneypot && \
    chown -R citrixhoneypot:citrixhoneypot /opt/citrixhoneypot && \
    setcap cap_net_bind_service=+ep $(readlink -f $(type -P python3)) && \
 #
-# Clean up
+WORKDIR /opt/citrixhoneypot
-    apk del --purge git \
+RUN pyinstaller CitrixHoneypot.py
-                    openssl && \
+#
-    rm -rf /root/* \
+FROM alpine:3.20
-           /opt/citrixhoneypot/.git \
+COPY --from=builder /opt/citrixhoneypot/dist/CitrixHoneypot/ /opt/citrixhoneypot
-           /var/cache/apk/*
+COPY --from=builder /opt/citrixhoneypot/ssl /opt/citrixhoneypot/ssl
 COPY --from=builder /opt/citrixhoneypot/responses/ /opt/citrixhoneypot/responses
 #
 # Set workdir and start citrixhoneypot
 STOPSIGNAL SIGINT
-USER citrixhoneypot:citrixhoneypot
+USER 2000:2000
 WORKDIR /opt/citrixhoneypot/
-CMD nohup /usr/bin/python3 CitrixHoneypot.py
+CMD nohup ./CitrixHoneypot
--- a/docker/conpot/dist/requirements.txt
+++ b/docker/conpot/dist/requirements.txt
@ -2,7 +2,7 @@ pysnmp-mibs
 pysmi==0.3.4
 libtaxii>=1.1.0
 crc16
-scapy==2.4.3rc1
+scapy==2.4.5
 hpfeeds3
 modbus-tk
 stix-validator
--- a/docker/cowrie/Dockerfile
+++ b/docker/cowrie/Dockerfile
@ -1,4 +1,4 @@
-FROM alpine:3.19
+FROM alpine:3.20
 #
 # Include dist
 COPY dist/ /root/dist/
@ -40,10 +40,9 @@ RUN apk --no-cache -U add \
 # Install cowrie
    mkdir -p /home/cowrie && \
    cd /home/cowrie && \
    # git clone --depth=1 https://github.com/cowrie/cowrie -b v2.5.0 && \
    git clone https://github.com/cowrie/cowrie && \
    cd cowrie && \
-    git checkout 3394082040c02d91e79efa2c640ad68da9fe2231 && \
+    git checkout 347b61fb081d68ae6e15e3d6d0da65c82985014a && \
    mkdir -p log && \
    cp /root/dist/requirements.txt . && \
    pip3 install --break-system-packages --upgrade pip && \
--- a/docker/cowrie/dist/cowrie.cfg
+++ b/docker/cowrie/dist/cowrie.cfg
@ -18,8 +18,8 @@ auth_class_parameters = 2, 5, 10
 data_path = /tmp/cowrie/data
 [shell]
-filesystem = share/cowrie/fs.pickle 
+filesystem = src/cowrie/data/fs.pickle
-processes = share/cowrie/cmdoutput.json
+processes = src/cowrie/data/cmdoutput.json
 #arch = linux-x64-lsb
 arch = bsd-aarch64-lsb, bsd-aarch64-msb, bsd-bfin-msb, bsd-mips-lsb, bsd-mips-msb, bsd-mips64-lsb, bsd-mips64-msb, bsd-powepc-msb, bsd-powepc64-lsb, bsd-riscv64-lsb, bsd-sparc-msb, bsd-sparc64-msb, bsd-x32-lsb, bsd-x64-lsb, linux-aarch64-lsb, linux-aarch64-msb, linux-alpha-lsb, linux-am33-lsb, linux-arc-lsb, linux-arc-msb, linux-arm-lsb, linux-arm-msb, linux-avr32-lsb, linux-bfin-lsb, linux-c6x-lsb, linux-c6x-msb, linux-cris-lsb, linux-frv-msb, linux-h8300-msb, linux-hppa-msb, linux-hppa64-msb, linux-ia64-lsb, linux-m32r-msb, linux-m68k-msb, linux-microblaze-msb, linux-mips-lsb, linux-mips-msb, linux-mips64-lsb, linux-mips64-msb, linux-mn10300-lsb, linux-nios-lsb, linux-nios-msb, linux-powerpc-lsb, linux-powerpc-msb, linux-powerpc64-lsb, linux-powerpc64-msb, linux-riscv64-lsb, linux-s390x-msb, linux-sh-lsb, linux-sh-msb, linux-sparc-msb, linux-sparc64-msb, linux-tilegx-lsb, linux-tilegx-msb, linux-tilegx64-lsb, linux-tilegx64-msb, linux-x64-lsb, linux-x86-lsb, linux-xtensa-msb, osx-x32-lsb, osx-x64-lsb
 kernel_version = 5.15.0-23-generic-amd64
--- a/docker/cowrie/dist/cowrie_tpot.cfg
+++ b/docker/cowrie/dist/cowrie_tpot.cfg
@ -1,72 +0,0 @@
 [honeypot]
 hostname = ubuntu
 log_path = log
 download_path = dl
 share_path= share/cowrie
 state_path = /tmp/cowrie/data
 etc_path = etc
 contents_path = honeyfs
 txtcmds_path = txtcmds
 ttylog = true
 ttylog_path = log/tty
 interactive_timeout = 180
 authentication_timeout = 120
 backend = shell
 timezone = UTC
 auth_class = AuthRandom
 auth_class_parameters = 2, 5, 10
 data_path = /tmp/cowrie/data
 [shell]
 filesystem = share/cowrie/fs.pickle 
 processes = share/cowrie/cmdoutput.json
 #arch = linux-x64-lsb
 arch = bsd-aarch64-lsb, bsd-aarch64-msb, bsd-bfin-msb, bsd-mips-lsb, bsd-mips-msb, bsd-mips64-lsb, bsd-mips64-msb, bsd-powepc-msb, bsd-powepc64-lsb, bsd-riscv64-lsb, bsd-sparc-msb, bsd-sparc64-msb, bsd-x32-lsb, bsd-x64-lsb, linux-aarch64-lsb, linux-aarch64-msb, linux-alpha-lsb, linux-am33-lsb, linux-arc-lsb, linux-arc-msb, linux-arm-lsb, linux-arm-msb, linux-avr32-lsb, linux-bfin-lsb, linux-c6x-lsb, linux-c6x-msb, linux-cris-lsb, linux-frv-msb, linux-h8300-msb, linux-hppa-msb, linux-hppa64-msb, linux-ia64-lsb, linux-m32r-msb, linux-m68k-msb, linux-microblaze-msb, linux-mips-lsb, linux-mips-msb, linux-mips64-lsb, linux-mips64-msb, linux-mn10300-lsb, linux-nios-lsb, linux-nios-msb, linux-powerpc-lsb, linux-powerpc-msb, linux-powerpc64-lsb, linux-powerpc64-msb, linux-riscv64-lsb, linux-s390x-msb, linux-sh-lsb, linux-sh-msb, linux-sparc-msb, linux-sparc64-msb, linux-tilegx-lsb, linux-tilegx-msb, linux-tilegx64-lsb, linux-tilegx64-msb, linux-x64-lsb, linux-x86-lsb, linux-xtensa-msb, osx-x32-lsb, osx-x64-lsb
 kernel_version = 3.2.0-4-amd64
 kernel_build_string = #1 SMP Debian 3.2.68-1+deb7u1
 hardware_platform = x86_64
 operating_system = GNU/Linux
 ssh_version = OpenSSH_7.9p1, OpenSSL 1.1.1a  20 Nov 2018
 [ssh]
 enabled = true
 rsa_public_key = etc/ssh_host_rsa_key.pub
 rsa_private_key = etc/ssh_host_rsa_key
 dsa_public_key = etc/ssh_host_dsa_key.pub
 dsa_private_key = etc/ssh_host_dsa_key
 ecdsa_public_key = etc/ssh_host_ecdsa_key.pub
 ecdsa_private_key = etc/ssh_host_ecdsa_key
 ed25519_public_key = etc/ssh_host_ed25519_key.pub
 ed25519_private_key = etc/ssh_host_ed25519_key
 public_key_auth = ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ssh-ed25519
 #version = SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.2
 version = SSH-2.0-OpenSSH_7.9p1
 ciphers = aes128-ctr,aes192-ctr,aes256-ctr,aes256-cbc,aes192-cbc,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc
 macs = hmac-sha2-512,hmac-sha2-384,hmac-sha2-56,hmac-sha1,hmac-md5
 compression = zlib@openssh.com,zlib,none
 listen_endpoints = tcp:22:interface=0.0.0.0
 sftp_enabled = true
 forwarding = true
 forward_redirect = false
 forward_tunnel = false
 auth_none_enabled = false
 auth_keyboard_interactive_enabled = true
 [telnet]
 enabled = true
 listen_endpoints = tcp:23:interface=0.0.0.0
 reported_port = 23
 [output_jsonlog]
 enabled = true
 logfile = log/cowrie.json
 epoch_timestamp = false
 [output_textlog]
 enabled = false
 logfile = log/cowrie-textlog.log
 format = text
 [output_crashreporter]
 enabled = false
 debug = false
Author	SHA1	Message	Date
t3chn0m4g3	5da84a5c74	bump cowrie to latest master	2024-11-19 18:06:23 +01:00
t3chn0m4g3	8c7636bd94	Update conpot for scapy 2.4.5	2024-11-19 17:18:46 +01:00
t3chn0m4g3	f04455544e	update for py 3.12, harden image	2024-11-19 16:34:04 +01:00
t3chn0m4g3	09716a30c1	switch to pyinstaller from pypi	2024-11-19 15:10:57 +01:00
t3chn0m4g3	4f0db18fc1	Update ciscoasa for py3.12 harden image	2024-11-19 14:38:00 +01:00