make telnet optional, small prompt fixes

2025-12-18 22:44:29 +01:00 · 2016-08-22 15:56:19 +04:00
parent 31bdc68b0d
commit 1602fa735a
4 changed files with 61 additions and 43 deletions
--- a/cowrie.cfg.dist
+++ b/cowrie.cfg.dist
@@ -248,22 +248,26 @@ forward_redirect_587 = 127.0.0.1:12525
 # ============================================================================
 # Telnet Specific Options
 # ============================================================================
+[telnet]
+
+# Enable Telnet support, disabled by default
+enabled = false

 # IP addresses to listen for incoming Telnet connections.
 #
 # (default: 0.0.0.0) = any IPv4 address
-#listen_telnet_addr = 0.0.0.0
+#listen_addr = 0.0.0.0
 # (use :: for listen to all IPv6 and IPv4 addresses)
-#listen_telnet_addr = ::
+#listen_addr = ::


 # Port to listen for incoming Telnet connections.
 #
 # (default: 2223)
-#listen_telnet_port = 2223
+#listen_port = 2223

 # Source Port to report in logs (useful if you use iptables to forward ports to Cowrie)
-#reported_telnet_port = 23
+#reported_port = 23


 # ============================================================================
--- a/cowrie/core/realm.py
+++ b/cowrie/core/realm.py
@@ -81,9 +81,9 @@ class HoneyPotRealm(object):
            user = avatar.CowrieUser(avatarId, serv)
            return interfaces[0], user, user.logout
        elif ITelnetProtocol in interfaces:
-            cs = server.CowrieServer(self)
-            av = session.HoneyPotTelnetSession(avatarId, cs)
-            return interfaces[0], av, lambda:None
+            serv = server.CowrieServer(self)
+            user = session.HoneyPotTelnetSession(avatarId, serv)
+            return interfaces[0], user, user.logout

        log.msg('No supported interfaces found.')
        # TODO: this exception doesn't raise for a reason I don't understand
--- a/cowrie/telnet/transport.py
+++ b/cowrie/telnet/transport.py
@@ -101,15 +101,20 @@ class HoneyPotTelnetFactory(protocol.ServerFactory):

 class HoneyPotTelnetAuthProtocol(AuthenticatingTelnetProtocol, TimeoutMixin):
    """
-    Telnet Transport that takes care of Authentication. Once authenticated this
-    transport is replaced with HoneyPotTelnetSession.
+    TelnetAuthProtocol that takes care of Authentication. Once authenticated this
+    protocol is replaced with HoneyPotTelnetSession.
    """

-    def connectionMade(self):
+    loginPrompt = 'login: '
+    passwordPrompt = 'Password: '

+    def connectionMade(self):
+        """
+        """
        self.transportId = uuid.uuid4().hex[:8]
        sessionno = self.transport.transport.sessionno
        self.factory.sessions[sessionno] = self.transportId
+        self.setTimeout(120)

        log.msg(eventid='cowrie.session.connect',
           format='New connection: %(src_ip)s:%(src_port)s (%(dst_ip)s:%(dst_port)s) [session: %(sessionno)s]',
@@ -120,10 +125,7 @@ class HoneyPotTelnetAuthProtocol(AuthenticatingTelnetProtocol, TimeoutMixin):
        # I need to doubly escape here since my underlying
        # StripCrTelnetTransport hack would remove it and leave just \n
        self.transport.write(self.factory.banner.replace('\n', '\r\r\n'))
-        # FIXME: this should be configurable or provided via filesystem
-        self.transport.write("User Access Verification\n\nUsername: ".replace('\n', '\r\r\n'))
-
-        self.setTimeout(120)
+        self.transport.write(self.loginPrompt)


    def connectionLost(self, reason):
@@ -145,10 +147,10 @@ class HoneyPotTelnetAuthProtocol(AuthenticatingTelnetProtocol, TimeoutMixin):
        """
        self.username = line
        # only send ECHO option if we are chatting with a real Telnet client
-        if self.transport.options:
-            self.transport.will(ECHO)
+        #if self.transport.options: <-- doesn't work
+        self.transport.will(ECHO)
        # FIXME: this should be configurable or provided via filesystem
-        self.transport.write("Password: ")
+        self.transport.write(self.passwordPrompt)
        return 'Password'


@@ -195,7 +197,12 @@ class HoneyPotTelnetAuthProtocol(AuthenticatingTelnetProtocol, TimeoutMixin):
        protocol.makeConnection(self.transport)
        self.transport.protocol = protocol

+
+    def _ebLogin(self, failure):
    # TODO: provide a way to have user configurable strings for wrong password
+        self.transport.write("\nLogin incorrect\n")
+        self.transport.write(self.loginPrompt)
+        self.state = "User"


 class StripCrTelnetTransport(TelnetTransport):
--- a/twisted/plugins/cowrie_plugin.py
+++ b/twisted/plugins/cowrie_plugin.py
@@ -100,16 +100,20 @@ class CowrieServiceMaker(object):
            factory.portal.registerChecker(
                core.checkers.HoneypotNoneChecker())

-        if cfg.has_option('honeypot', 'listen_ssh_addr'):
-            listen_ssh_addr = cfg.get('honeypot', 'listen_ssh_addr')
+        if cfg.has_option('ssh', 'listen_addr'):
+            listen_ssh_addr = cfg.get('ssh', 'listen_addr')
+        elif cfg.has_option('honeypot', 'listen_addr'):
+            listen_ssh_addr = cfg.get('honeypot', 'listen_addr')
        else:
            listen_ssh_addr = '0.0.0.0'

        # Preference: 1, option, 2, config, 3, default of 2222
        if options['port'] != 0:
            listen_ssh_port = int(options["port"])
-        elif cfg.has_option('honeypot', 'listen_ssh_port'):
-            listen_ssh_port = int(cfg.get('honeypot', 'listen_ssh_port'))
+        elif cfg.has_option('ssh', 'listen_port'):
+            listen_ssh_port = int(cfg.get('ssh', 'listen_port'))
+        elif cfg.has_option('honeypot', 'listen_port'):
+            listen_ssh_port = int(cfg.get('honeypot', 'listen_port'))
        else:
            listen_ssh_port = 2222

@@ -118,29 +122,32 @@ class CowrieServiceMaker(object):
            # FIXME: Use addService on topService ?
            svc.setServiceParent(topService)

-        # TODO deduplicate telnet and ssh into a generic loop for each service
-        if cfg.has_option('honeypot', 'listen_telnet_addr'):
-            listen_telnet_addr = cfg.get('honeypot', 'listen_telnet_addr')
-        else:
-            listen_telnet_addr = '0.0.0.0'
-
-        # Preference: 1, config, 2, default of 2223
-        if cfg.has_option('honeypot', 'listen_telnet_port'):
-            listen_telnet_port = int(cfg.get('honeypot', 'listen_telnet_port'))
-        else:
-            listen_telnet_port = 2223
-
-        f = cowrie.telnet.transport.HoneyPotTelnetFactory(cfg)
-        f.portal = portal.Portal(core.realm.HoneyPotRealm(cfg))
-        f.portal.registerChecker(core.checkers.HoneypotPasswordChecker(cfg))
-        if cfg.has_option('honeypot', 'auth_none_enabled') and \
-                 cfg.get('honeypot', 'auth_none_enabled').lower() in \
+        if cfg.has_option('telnet', 'enabled') and \
+                 cfg.get('telnet', 'enabled').lower() in \
                 ('yes', 'true', 'on'):
-            f.portal.registerChecker(core.checkers.HoneypotNoneChecker())
-        for i in listen_telnet_addr.split():
-            tsvc = internet.TCPServer(listen_telnet_port, f, interface=i)
-            # FIXME: Use addService on topService ?
-            tsvc.setServiceParent(topService)
+
+            if cfg.has_option('telnet', 'listen_addr'):
+                listen_telnet_addr = cfg.get('telnet', 'listen_addr')
+            else:
+                listen_telnet_addr = '0.0.0.0'
+
+            # Preference: 1, config, 2, default of 2223
+            if cfg.has_option('telnet', 'listen_port'):
+                listen_telnet_port = int(cfg.get('telnet', 'listen_port'))
+            else:
+                listen_telnet_port = 2223
+
+            f = cowrie.telnet.transport.HoneyPotTelnetFactory(cfg)
+            f.portal = portal.Portal(core.realm.HoneyPotRealm(cfg))
+            f.portal.registerChecker(core.checkers.HoneypotPasswordChecker(cfg))
+            if cfg.has_option('honeypot', 'auth_none_enabled') and \
+                     cfg.get('honeypot', 'auth_none_enabled').lower() in \
+                     ('yes', 'true', 'on'):
+                f.portal.registerChecker(core.checkers.HoneypotNoneChecker())
+            for i in listen_telnet_addr.split():
+                tsvc = internet.TCPServer(listen_telnet_port, f, interface=i)
+                # FIXME: Use addService on topService ?
+                tsvc.setServiceParent(topService)

        if cfg.has_option('honeypot', 'interact_enabled') and \
                 cfg.get('honeypot', 'interact_enabled').lower() in \