diff --git a/PLAN.md b/PLAN.md index 8ffe7b2..8901da1 100644 --- a/PLAN.md +++ b/PLAN.md @@ -191,11 +191,11 @@ Goal: Add the entertaining shell implementations. Goal: Make the web UI great and add operational niceties. -### 4.1 Enhanced Web UI -- GeoIP lookups and world map visualization of attack sources -- Charts: attempts over time, hourly patterns, credential trends -- Session detail view with full command log -- Filtering and search +### 4.1 Enhanced Web UI ✅ +- GeoIP lookups and world map visualization of attack sources ✅ +- Charts: attempts over time, hourly patterns, credential trends ✅ +- Session detail view with full command log ✅ +- Filtering and search ✅ ### 4.2 Operational ✅ - Prometheus metrics endpoint ✅ @@ -209,15 +209,15 @@ Goal: Make the web UI great and add operational niceties. - Store country/city with each attempt ✅ - Aggregate stats by country ✅ -### 4.4 Capture SSH Exec Commands +### 4.4 Capture SSH Exec Commands ✅ Many bots send a command directly via `ssh user@host ` (an SSH "exec" request) rather than requesting an interactive shell. Currently these are rejected and the command is lost. We should capture them. -- Handle `"exec"` request type in the server's request loop (alongside `"pty-req"` and `"shell"`) -- Parse the command string from the exec payload -- Add an `exec_command` column (nullable) to the `sessions` table via a new migration -- Store the command on the session record before closing the channel +- Handle `"exec"` request type in the server's request loop (alongside `"pty-req"` and `"shell"`) ✅ +- Parse the command string from the exec payload ✅ +- Add an `exec_command` column (nullable) to the `sessions` table via a new migration ✅ +- Store the command on the session record before closing the channel ✅ - Optionally return plausible fake output for common commands (e.g. `uname`, `id`, `cat /etc/passwd`) to encourage further interaction -- Surface exec commands in the web UI (session detail view) +- Surface exec commands in the web UI (session detail view) ✅ #### 4.4.1 Fake Exec Output Return plausible fake output for exec commands to encourage bots to interact further.