telekom-security/tpotce
1
0
Fork 0
mirror of https://github.com/telekom-security/tpotce.git synced 2025-07-02 01:27:27 -04:00
Code Issues Packages Projects Releases Wiki Activity

incl. XFF for qhoneypots, some tweaking

Browse Source
This commit is contained in:
t3chn0m4g3
2022-02-11 10:32:31 +00:00
parent d2e54d5cf0
commit 53afb1ba10
6 changed files with 20 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
bin/dps.sh
View File

@ -8,8 +8,14 @@ if [ "$myWHOAMI" != "root" ]
exit exit
fi fi
# Show current status of T-Pot containers
myPARAM="$1" myPARAM="$1"
if [[ $myPARAM =~ ^([1-9]|[1-9][0-9]|[1-9][0-9][0-9])$ ]];
then
watch --color -n $myPARAM "dps.sh"
exit
fi
# Show current status of T-Pot containers
myCONTAINERS="$(cat /opt/tpot/etc/tpot.yml | grep -v '#' | grep container_name | cut -d: -f2 | sort | tr -d " ")" myCONTAINERS="$(cat /opt/tpot/etc/tpot.yml | grep -v '#' | grep container_name | cut -d: -f2 | sort | tr -d " ")"
myRED="" myRED=""
myGREEN="" myGREEN=""
@ -50,8 +56,6 @@ printf "${myMAGENTA}%+11s %-20s\n" "BLACKHOLE: " "$myBLACKHOLE_STATUS${myWHITE}"
echo echo
} }
while true
do
myDPS=$(fuGETSTATUS) myDPS=$(fuGETSTATUS)
myDPSNAMES=$(echo "$myDPS" | awk '{ print $1 }' | sort) myDPSNAMES=$(echo "$myDPS" | awk '{ print $1 }' | sort)
fuGETSYS fuGETSYS
@ -67,10 +71,3 @@ while true
printf "%-28s %-28s\n" "$myRED$i" "DOWN$myWHITE" printf "%-28s %-28s\n" "$myRED$i" "DOWN$myWHITE"
fi fi
done done
if [[ $myPARAM =~ ^([1-9]|[1-9][0-9]|[1-9][0-9][0-9])$ ]];
then
sleep "$myPARAM"
else
break
fi
done

2
docker/elk/docker-compose.yml
View File

@ -85,7 +85,7 @@ services:
# networks: # networks:
# - map_local # - map_local
ports: ports:
- "9999:13337" - "127.0.0.1:64299:64299"
image: "dtagdevsec/map_web:2203" image: "dtagdevsec/map_web:2203"
depends_on: depends_on:
- map_redis - map_redis

2
docker/elk/map/docker-compose.yml
View File

@ -32,7 +32,7 @@ services:
# networks: # networks:
# - map_local # - map_local
ports: ports:
- "9999:13337" - "127.0.0.1:64299:64299"
image: "dtagdevsec/map_web:2203" image: "dtagdevsec/map_web:2203"
depends_on: depends_on:
- map_redis - map_redis

2
docker/honeypots/Dockerfile
View File

@ -30,7 +30,7 @@ RUN apk -U add \
cd /opt/ && \ cd /opt/ && \
git clone https://github.com/qeeqbox/honeypots && \ git clone https://github.com/qeeqbox/honeypots && \
cd honeypots && \ cd honeypots && \
git checkout b88cbbd5aa1d2724c6f7de5d723f0d0e753912bb && \ git checkout bee3147cf81837ba7639f1e27fe34d717ecccf29 && \
pip3 install --upgrade pip && \ pip3 install --upgrade pip && \
pip3 install --ignore-installed hiredis packaging && \ pip3 install --ignore-installed hiredis packaging && \
pip3 install . && \ pip3 install . && \

3
docker/honeypots/dist/config.json vendored
View File

@ -44,7 +44,8 @@
"password":"admin", "password":"admin",
"log_file_name":"http.log", "log_file_name":"http.log",
"max_bytes":0, "max_bytes":0,
"backup_count":10 "backup_count":10,
"options":"fix_get_client_ip"
}, },
"https":{ "https":{
"port":443, "port":443,

8
docker/nginx/dist/conf/tpotweb.conf vendored
View File

@ -124,6 +124,14 @@ server {
rewrite /es/(.*)$ /$1 break; rewrite /es/(.*)$ /$1 break;
} }
### Map
location /map/ {
proxy_pass http://127.0.0.1:64299/;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_set_header Host $host;
}
### spiderfoot ### spiderfoot
location /spiderfoot { location /spiderfoot {
proxy_pass http://127.0.0.1:64303; proxy_pass http://127.0.0.1:64303;