chrissewell/beelzebub
1
0
Fork 0
mirror of https://github.com/mariocandela/beelzebub.git synced 2025-07-01 18:47:26 -04:00
Code Issues Packages Projects Releases Wiki Activity

Configured Description filed into Event and Service configuration

Browse Source
This commit is contained in:
Mario
2022-05-31 22:39:56 +02:00
parent efefd0fb85
commit 25904ff751
4 changed files with 31 additions and 25 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
parser/configurationsParser.go
View File

@ -24,8 +24,8 @@ type Logging struct {
} }
type Tracing struct { type Tracing struct {
RabbitMQEnabled bool `yaml:"rabbitMQEnabled,omitempty"` RabbitMQEnabled bool `yaml:"rabbitMQEnabled"`
RabbitMQURI string `yaml:"rabbitMQURI,omitempty"` RabbitMQURI string `yaml:"rabbitMQURI"`
} }
type BeelzebubServiceConfiguration struct { type BeelzebubServiceConfiguration struct {
@ -37,6 +37,7 @@ type BeelzebubServiceConfiguration struct {
ServerName string `yaml:"serverName"` ServerName string `yaml:"serverName"`
DeadlineTimeoutSeconds int `yaml:"deadlineTimeoutSeconds"` DeadlineTimeoutSeconds int `yaml:"deadlineTimeoutSeconds"`
PasswordRegex string `yaml:"passwordRegex"` PasswordRegex string `yaml:"passwordRegex"`
Description string `yaml:"description"`
} }
type Command struct { type Command struct {

5
protocols/hypertextTransferProtocolStrategy.go
View File

@ -21,7 +21,7 @@ func (httpStrategy HypertextTransferProtocolStrategy) Init(beelzebubServiceConfi
serverMux := http.NewServeMux() serverMux := http.NewServeMux()
serverMux.HandleFunc("/", func(responseWriter http.ResponseWriter, request *http.Request) { serverMux.HandleFunc("/", func(responseWriter http.ResponseWriter, request *http.Request) {
traceRequest(request, tr) traceRequest(request, tr, beelzebubServiceConfiguration.Description)
for _, command := range httpStrategy.beelzebubServiceConfiguration.Commands { for _, command := range httpStrategy.beelzebubServiceConfiguration.Commands {
matched, err := regexp.MatchString(command.Regex, request.RequestURI) matched, err := regexp.MatchString(command.Regex, request.RequestURI)
if err != nil { if err != nil {
@ -51,7 +51,7 @@ func (httpStrategy HypertextTransferProtocolStrategy) Init(beelzebubServiceConfi
return nil return nil
} }
func traceRequest(request *http.Request, tr tracer.Tracer) { func traceRequest(request *http.Request, tr tracer.Tracer, HoneypotDescription string) {
bodyBytes, err := io.ReadAll(request.Body) bodyBytes, err := io.ReadAll(request.Body)
body := "" body := ""
if err == nil { if err == nil {
@ -70,6 +70,7 @@ func traceRequest(request *http.Request, tr tracer.Tracer) {
Status: tracer.Stateless.String(), Status: tracer.Stateless.String(),
RemoteAddr: request.RemoteAddr, RemoteAddr: request.RemoteAddr,
ID: uuid.New().String(), ID: uuid.New().String(),
Description: HoneypotDescription,
}) })
} }

45
protocols/secureShellStrategy.go
View File

@ -27,13 +27,14 @@ func (SSHStrategy *SecureShellStrategy) Init(beelzebubServiceConfiguration parse
uuidSession := uuid.New() uuidSession := uuid.New()
tr.TraceEvent(tracer.Event{ tr.TraceEvent(tracer.Event{
Msg: "New SSH Session", Msg: "New SSH Session",
Protocol: tracer.SSH.String(), Protocol: tracer.SSH.String(),
RemoteAddr: sess.RemoteAddr().String(), RemoteAddr: sess.RemoteAddr().String(),
Status: tracer.Start.String(), Status: tracer.Start.String(),
ID: uuidSession.String(), ID: uuidSession.String(),
Environ: strings.Join(sess.Environ(), ","), Environ: strings.Join(sess.Environ(), ","),
User: sess.User(), User: sess.User(),
Description: beelzebubServiceConfiguration.Description,
}) })
term := terminal.NewTerminal(sess, buildPrompt(sess.User(), beelzebubServiceConfiguration.ServerName)) term := terminal.NewTerminal(sess, buildPrompt(sess.User(), beelzebubServiceConfiguration.ServerName))
@ -43,12 +44,13 @@ func (SSHStrategy *SecureShellStrategy) Init(beelzebubServiceConfiguration parse
break break
} }
tr.TraceEvent(tracer.Event{ tr.TraceEvent(tracer.Event{
Msg: "New SSH Command", Msg: "New SSH Command",
RemoteAddr: sess.RemoteAddr().String(), RemoteAddr: sess.RemoteAddr().String(),
Status: tracer.Interaction.String(), Status: tracer.Interaction.String(),
Command: commandInput, Command: commandInput,
ID: uuidSession.String(), ID: uuidSession.String(),
Protocol: tracer.SSH.String(), Protocol: tracer.SSH.String(),
Description: beelzebubServiceConfiguration.Description,
}) })
if commandInput == "exit" { if commandInput == "exit" {
break break
@ -74,14 +76,15 @@ func (SSHStrategy *SecureShellStrategy) Init(beelzebubServiceConfiguration parse
}, },
PasswordHandler: func(ctx ssh.Context, password string) bool { PasswordHandler: func(ctx ssh.Context, password string) bool {
tr.TraceEvent(tracer.Event{ tr.TraceEvent(tracer.Event{
Msg: "New SSH attempt", Msg: "New SSH attempt",
Protocol: tracer.SSH.String(), Protocol: tracer.SSH.String(),
Status: tracer.Stateless.String(), Status: tracer.Stateless.String(),
User: ctx.User(), User: ctx.User(),
Password: password, Password: password,
Client: ctx.ClientVersion(), Client: ctx.ClientVersion(),
RemoteAddr: ctx.RemoteAddr().String(), RemoteAddr: ctx.RemoteAddr().String(),
ID: uuid.New().String(), ID: uuid.New().String(),
Description: beelzebubServiceConfiguration.Description,
}) })
matched, err := regexp.MatchString(beelzebubServiceConfiguration.PasswordRegex, password) matched, err := regexp.MatchString(beelzebubServiceConfiguration.PasswordRegex, password)
if err != nil { if err != nil {

1
tracer/tracer.go
View File

@ -40,6 +40,7 @@ type Event struct {
Body string Body string
HTTPMethod string HTTPMethod string
RequestURI string RequestURI string
Description string
} }
type Protocol int type Protocol int