diff --git a/cmd/apiary.go b/cmd/apiary.go index f5effb3..2d2d503 100644 --- a/cmd/apiary.go +++ b/cmd/apiary.go @@ -8,12 +8,12 @@ import ( "os/signal" "time" - "github.com/gliderlabs/ssh" + sshlib "github.com/gliderlabs/ssh" "github.com/urfave/cli/v2" "github.uio.no/torjus/apiary" "github.uio.no/torjus/apiary/config" - "github.uio.no/torjus/apiary/honeypot" - "github.uio.no/torjus/apiary/honeypot/store" + "github.uio.no/torjus/apiary/honeypot/ssh" + "github.uio.no/torjus/apiary/honeypot/ssh/store" "github.uio.no/torjus/apiary/web" "go.uber.org/zap" "go.uber.org/zap/zapcore" @@ -82,7 +82,7 @@ func ActionServe(c *cli.Context) error { } // Setup honeypot - hs, err := honeypot.NewHoneypotServer(cfg.Honeypot, s) + hs, err := ssh.NewHoneypotServer(cfg.Honeypot, s) if err != nil { return err } @@ -123,7 +123,7 @@ func ActionServe(c *cli.Context) error { // Start ssh server go func() { loggers.rootLogger.Info("Starting SSH server") - if err := hs.ListenAndServe(); err != nil && err != ssh.ErrServerClosed { + if err := hs.ListenAndServe(); err != nil && err != sshlib.ErrServerClosed { loggers.rootLogger.Warnw("SSH server returned error", "error", err) } }() diff --git a/honeypot/ssh/Geoacumen-Country.mmdb b/honeypot/ssh/Geoacumen-Country.mmdb new file mode 100644 index 0000000..dc32ed1 Binary files /dev/null and b/honeypot/ssh/Geoacumen-Country.mmdb differ diff --git a/honeypot/actions.go b/honeypot/ssh/actions.go similarity index 92% rename from honeypot/actions.go rename to honeypot/ssh/actions.go index 8df36da..eae4d06 100644 --- a/honeypot/actions.go +++ b/honeypot/ssh/actions.go @@ -1,4 +1,4 @@ -package honeypot +package ssh type ActionType int diff --git a/honeypot/conn.go b/honeypot/ssh/conn.go similarity index 98% rename from honeypot/conn.go rename to honeypot/ssh/conn.go index 8f5ae4f..919a811 100644 --- a/honeypot/conn.go +++ b/honeypot/ssh/conn.go @@ -1,4 +1,4 @@ -package honeypot +package ssh import ( "net" diff --git a/honeypot/geolocate.go b/honeypot/ssh/geolocate.go similarity index 97% rename from honeypot/geolocate.go rename to honeypot/ssh/geolocate.go index d5baa60..8c0736e 100644 --- a/honeypot/geolocate.go +++ b/honeypot/ssh/geolocate.go @@ -1,4 +1,4 @@ -package honeypot +package ssh import ( _ "embed" diff --git a/honeypot/server.go b/honeypot/ssh/server.go similarity index 88% rename from honeypot/server.go rename to honeypot/ssh/server.go index a08a2d5..0049c8a 100644 --- a/honeypot/server.go +++ b/honeypot/ssh/server.go @@ -1,4 +1,4 @@ -package honeypot +package ssh import ( "context" @@ -12,9 +12,9 @@ import ( "github.uio.no/torjus/apiary/config" - "github.com/gliderlabs/ssh" + sshlib "github.com/gliderlabs/ssh" "github.com/google/uuid" - "github.uio.no/torjus/apiary/honeypot/store" + "github.uio.no/torjus/apiary/honeypot/ssh/store" "github.uio.no/torjus/apiary/models" "go.uber.org/zap" ) @@ -22,7 +22,7 @@ import ( type HoneypotServer struct { Logger *zap.SugaredLogger - sshServer *ssh.Server + sshServer *sshlib.Server attemptStore store.LoginAttemptStore attemptsCallbacks []func(l models.LoginAttempt) @@ -35,7 +35,7 @@ func NewHoneypotServer(cfg config.HoneypotConfig, store store.LoginAttemptStore) hs.attemptStore = store hs.Logger = zap.NewNop().Sugar() - hs.sshServer = &ssh.Server{ + hs.sshServer = &sshlib.Server{ Addr: cfg.ListenAddr, PasswordHandler: hs.passwordHandler, ConnCallback: hs.connCallback, @@ -75,7 +75,7 @@ func (hs *HoneypotServer) AddLoginCallback(c func(l models.LoginAttempt)) { hs.attemptsCallbacks = append(hs.attemptsCallbacks, c) } -func (hs *HoneypotServer) passwordHandler(ctx ssh.Context, password string) bool { +func (hs *HoneypotServer) passwordHandler(ctx sshlib.Context, password string) bool { sessUUID, ok := ctx.Value("uuid").(uuid.UUID) if !ok { hs.Logger.Warn("Unable to get session UUID") @@ -114,7 +114,7 @@ func (hs *HoneypotServer) passwordHandler(ctx ssh.Context, password string) bool return false } -func (s *HoneypotServer) connCallback(ctx ssh.Context, conn net.Conn) net.Conn { +func (s *HoneypotServer) connCallback(ctx sshlib.Context, conn net.Conn) net.Conn { throttledConn := newThrottledConn(conn) throttledConn.SetSpeed(s.throttleSpeed) ctx.SetValue("uuid", throttledConn.ID) @@ -122,7 +122,7 @@ func (s *HoneypotServer) connCallback(ctx ssh.Context, conn net.Conn) net.Conn { return throttledConn } -func handler(session ssh.Session) { +func handler(session sshlib.Session) { _, _ = io.WriteString(session, "[root@hostname ~]#") session.Exit(1) } diff --git a/honeypot/store/cache.go b/honeypot/ssh/store/cache.go similarity index 100% rename from honeypot/store/cache.go rename to honeypot/ssh/store/cache.go diff --git a/honeypot/store/cache_test.go b/honeypot/ssh/store/cache_test.go similarity index 78% rename from honeypot/store/cache_test.go rename to honeypot/ssh/store/cache_test.go index 460ac68..2334467 100644 --- a/honeypot/store/cache_test.go +++ b/honeypot/ssh/store/cache_test.go @@ -3,7 +3,7 @@ package store_test import ( "testing" - "github.uio.no/torjus/apiary/honeypot/store" + "github.uio.no/torjus/apiary/honeypot/ssh/store" ) func TestCacheStore(t *testing.T) { diff --git a/honeypot/store/memory.go b/honeypot/ssh/store/memory.go similarity index 100% rename from honeypot/store/memory.go rename to honeypot/ssh/store/memory.go diff --git a/honeypot/store/memory_test.go b/honeypot/ssh/store/memory_test.go similarity index 85% rename from honeypot/store/memory_test.go rename to honeypot/ssh/store/memory_test.go index 810a962..604f213 100644 --- a/honeypot/store/memory_test.go +++ b/honeypot/ssh/store/memory_test.go @@ -3,7 +3,7 @@ package store_test import ( "testing" - "github.uio.no/torjus/apiary/honeypot/store" + "github.uio.no/torjus/apiary/honeypot/ssh/store" ) func TestMemoryStore(t *testing.T) { diff --git a/honeypot/store/postgres.go b/honeypot/ssh/store/postgres.go similarity index 100% rename from honeypot/store/postgres.go rename to honeypot/ssh/store/postgres.go diff --git a/honeypot/store/postgres_test.go b/honeypot/ssh/store/postgres_test.go similarity index 95% rename from honeypot/store/postgres_test.go rename to honeypot/ssh/store/postgres_test.go index c05ce1a..41f7250 100644 --- a/honeypot/store/postgres_test.go +++ b/honeypot/ssh/store/postgres_test.go @@ -5,7 +5,7 @@ import ( "os" "testing" - "github.uio.no/torjus/apiary/honeypot/store" + "github.uio.no/torjus/apiary/honeypot/ssh/store" ) func TestPostgresStore(t *testing.T) { diff --git a/honeypot/store/store.go b/honeypot/ssh/store/store.go similarity index 100% rename from honeypot/store/store.go rename to honeypot/ssh/store/store.go diff --git a/honeypot/store/store_test.go b/honeypot/ssh/store/store_test.go similarity index 99% rename from honeypot/store/store_test.go rename to honeypot/ssh/store/store_test.go index fd99a16..eb98697 100644 --- a/honeypot/store/store_test.go +++ b/honeypot/ssh/store/store_test.go @@ -7,7 +7,7 @@ import ( "time" "github.com/google/uuid" - "github.uio.no/torjus/apiary/honeypot/store" + "github.uio.no/torjus/apiary/honeypot/ssh/store" "github.uio.no/torjus/apiary/models" ) diff --git a/web/server.go b/web/server.go index e2203a9..d62cf7c 100644 --- a/web/server.go +++ b/web/server.go @@ -16,8 +16,8 @@ import ( "github.com/google/uuid" "github.uio.no/torjus/apiary" "github.uio.no/torjus/apiary/config" - "github.uio.no/torjus/apiary/honeypot" - "github.uio.no/torjus/apiary/honeypot/store" + "github.uio.no/torjus/apiary/honeypot/ssh" + "github.uio.no/torjus/apiary/honeypot/ssh/store" "github.uio.no/torjus/apiary/models" "go.uber.org/zap" "golang.org/x/crypto/acme/autocert" @@ -31,7 +31,7 @@ type Server struct { cfg config.FrontendConfig - honeypotServer *honeypot.HoneypotServer + honeypotServer *ssh.HoneypotServer store store.LoginAttemptStore ServerLogger *zap.SugaredLogger @@ -42,7 +42,7 @@ type Server struct { streamContext context.Context } -func NewServer(cfg config.FrontendConfig, hs *honeypot.HoneypotServer, store store.LoginAttemptStore) *Server { +func NewServer(cfg config.FrontendConfig, hs *ssh.HoneypotServer, store store.LoginAttemptStore) *Server { s := &Server{ ServerLogger: zap.NewNop().Sugar(), AccessLogger: zap.NewNop().Sugar(),