From 1aafe735052aee8b4fd961cbecdce2bce03d5c80 Mon Sep 17 00:00:00 2001 From: Mario Date: Fri, 3 Jun 2022 14:05:11 +0200 Subject: [PATCH] SSH log rawCommand, added new password on SSH honeypot --- configurations/services/ssh-22.yaml | 2 +- protocols/secureShellStrategy.go | 3 ++- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/configurations/services/ssh-22.yaml b/configurations/services/ssh-22.yaml index 03c0b85..b9e7ea8 100644 --- a/configurations/services/ssh-22.yaml +++ b/configurations/services/ssh-22.yaml @@ -21,5 +21,5 @@ commands: handler: "command not found" serverVersion: "OpenSSH" serverName: "ubuntu" -passwordRegex: "^(root|qwerty|Smoker666)$" +passwordRegex: "^(root|qwerty|Smoker666|123456|jenkins|minecraft|sinus|alex|postgres|Ly123456)$" deadlineTimeoutSeconds: 60 \ No newline at end of file diff --git a/protocols/secureShellStrategy.go b/protocols/secureShellStrategy.go index a8ffd2d..d616f93 100644 --- a/protocols/secureShellStrategy.go +++ b/protocols/secureShellStrategy.go @@ -35,6 +35,7 @@ func (SSHStrategy *SecureShellStrategy) Init(beelzebubServiceConfiguration parse Environ: strings.Join(sess.Environ(), ","), User: sess.User(), Description: beelzebubServiceConfiguration.Description, + Command: sess.RawCommand(), }) term := terminal.NewTerminal(sess, buildPrompt(sess.User(), beelzebubServiceConfiguration.ServerName)) @@ -44,7 +45,7 @@ func (SSHStrategy *SecureShellStrategy) Init(beelzebubServiceConfiguration parse break } tr.TraceEvent(tracer.Event{ - Msg: "New SSH Command", + Msg: "New SSH Terminal Session", RemoteAddr: sess.RemoteAddr().String(), Status: tracer.Interaction.String(), Command: commandInput,