add option to disable ssh

2025-12-17 22:14:19 +01:00 · 2016-09-23 19:55:34 +00:00
parent 910256686b
commit 12ec797bbb
2 changed files with 43 additions and 20 deletions
--- a/cowrie.cfg.dist
+++ b/cowrie.cfg.dist
@@ -245,6 +245,11 @@ forward_redirect_25 = 127.0.0.1:12525
 forward_redirect_587 = 127.0.0.1:12525
 [ssh]
 # Enable Telnet support, enabled by default
 enabled = true
 # ============================================================================
 # Telnet Specific Options
 # ============================================================================
--- a/twisted/plugins/cowrie_plugin.py
+++ b/twisted/plugins/cowrie_plugin.py
@@ -99,31 +99,49 @@ class CowrieServiceMaker(object):
            factory.portal.registerChecker(
                core.checkers.HoneypotNoneChecker())
-        if cfg.has_option('ssh', 'listen_addr'):
+        # ssh is enabled by default
-            listen_ssh_addr = cfg.get('ssh', 'listen_addr')
+        if cfg.has_option('ssh', 'enabled') == False or \
-        elif cfg.has_option('honeypot', 'listen_addr'):
+           (cfg.has_option('ssh', 'enabled') and \
-            listen_ssh_addr = cfg.get('honeypot', 'listen_addr')
+               cfg.getboolean('ssh', 'enabled') == True):
            enableSSH = True
        else:
-            listen_ssh_addr = '0.0.0.0'
+            enableSSH = False
        # Preference: 1, option, 2, config, 3, default of 2222
        if options['port'] != 0:
            listen_ssh_port = int(options["port"])
        elif cfg.has_option('ssh', 'listen_port'):
            listen_ssh_port = cfg.getint('ssh', 'listen_port')
        elif cfg.has_option('honeypot', 'listen_port'):
            listen_ssh_port = cfg.getint('honeypot', 'listen_port')
        else:
            listen_ssh_port = 2222
        for i in listen_ssh_addr.split():
            svc = internet.TCPServer(listen_ssh_port, factory, interface=i)
            # FIXME: Use addService on topService ?
            svc.setServiceParent(topService)
        # telnet is disabled by default
        if cfg.has_option('telnet', 'enabled') and \
                 cfg.getboolean('telnet', 'enabled') == True:
            enableTelnet = True
        else:
            enableTelnet = False
        if enableTelnet == False and enableSSH == False:
            print('ERROR: You must at least enable SSH or Telnet')
            sys.exit(1)
        if enableSSH:
            if cfg.has_option('ssh', 'listen_addr'):
                listen_ssh_addr = cfg.get('ssh', 'listen_addr')
            elif cfg.has_option('honeypot', 'listen_addr'):
                listen_ssh_addr = cfg.get('honeypot', 'listen_addr')
            else:
                listen_ssh_addr = '0.0.0.0'
            # Preference: 1, option, 2, config, 3, default of 2222
            if options['port'] != 0:
                listen_ssh_port = int(options["port"])
            elif cfg.has_option('ssh', 'listen_port'):
                listen_ssh_port = cfg.getint('ssh', 'listen_port')
            elif cfg.has_option('honeypot', 'listen_port'):
                listen_ssh_port = cfg.getint('honeypot', 'listen_port')
            else:
                listen_ssh_port = 2222
            for i in listen_ssh_addr.split():
                svc = internet.TCPServer(listen_ssh_port, factory, interface=i)
                # FIXME: Use addService on topService ?
                svc.setServiceParent(topService)
        if enableTelnet:
            if cfg.has_option('telnet', 'listen_addr'):
                listen_telnet_addr = cfg.get('telnet', 'listen_addr')
            else: