update ssh config

2025-12-17 05:54:21 +01:00 · 2017-03-16 10:57:53 +04:00
parent dd6034a95c
commit 5133c0e99d
6 changed files with 52 additions and 50 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,4 +1,4 @@
-
+* 2017-03-15 SSH Forwarding/SFTP/keys/version config have been moved to [ssh]. Change your config file!
 * 2017-02-12 Implemented toggle for SSH forwarding
 * 2016-08-22 Merged Telnet support by @obilodeau!
 * 2016-08-20 Update your libraries! 'configparser' now required: "pip install configparser"
--- a/cowrie.cfg.dist
+++ b/cowrie.cfg.dist
@@ -165,19 +165,27 @@ auth_class = UserDB
 # historical options in [honeypot] that have not yet been moved to [ssh]
 # ============================================================================
-
+# Source Port to report in logs (useful if you use iptables to forward ports to Cowrie)
-# IP addresses to listen for incoming SSH connections.
+#reported_ssh_port = 22
 #
 # (default: 0.0.0.0) = any IPv4 address
 #listen_addr = 0.0.0.0
 # (use :: for listen to all IPv6 and IPv4 addresses)
 #listen_addr = ::
-# Port to listen for incoming SSH connections.
+
-#
+# ============================================================================
-# (default: 2222)
+# SSH Specific Options
-#listen_port = 2222
+# ============================================================================
 [ssh]
 # Enable SSH support
 # (default: true)
 enabled = true
 # Public and private SSH key files. If these don't exist, they are created
 # automatically.
 rsa_public_key = etc/ssh_host_rsa_key.pub
 rsa_private_key = etc/ssh_host_rsa_key
 dsa_public_key = etc/ssh_host_dsa_key.pub
 dsa_private_key = etc/ssh_host_dsa_key
 # SSH Version String
@@ -205,36 +213,46 @@ auth_class = UserDB
 # SSH-2.0-OpenSSH_5.9
 #
 # (default: "SSH-2.0-SSH-2.0-OpenSSH_6.0p1 Debian-4+deb7u2")
-ssh_version_string = SSH-2.0-OpenSSH_6.0p1 Debian-4+deb7u2
+version = SSH-2.0-OpenSSH_6.0p1 Debian-4+deb7u2
-# Source Port to report in logs (useful if you use iptables to forward ports to Cowrie)
+# IP addresses to listen for incoming SSH connections.
-#reported_ssh_port = 22
+#
 # (default: 0.0.0.0) = any IPv4 address
 #listen_addr = 0.0.0.0
 # (use :: for listen to all IPv6 and IPv4 addresses)
 #listen_addr = ::
-# Public and private SSH key files. If these don't exist, they are created
+# Port to listen for incoming SSH connections.
-# automatically.
+#
-rsa_public_key = data/ssh_host_rsa_key.pub
+# (default: 2222)
-rsa_private_key = data/ssh_host_rsa_key
+#listen_port = 2222
 dsa_public_key = data/ssh_host_dsa_key.pub
 dsa_private_key = data/ssh_host_dsa_key
 # sftp_enabled enables the sftp subsystem
 sftp_enabled = true
-# SSH forwarding
+# Enable SSH direct-tcpip forwarding
-# Useful for forwarding protocols to other honeypots
+# (default: true)
 forwarding = true
 # This enables redirecting forwarding requests to another address
-ssh_forward_redirect = false
+# Useful for forwarding protocols to other honeypots
 # (default: false)
 forward_redirect = false
 # Configure where to forward the data to.
 # forward_redirect_<portnumber> = <redirect ip>:<redirect port>
-forward_redirect_80 = 127.0.0.1:8080
+
 # Redirect http/https
 forward_redirect_80 = 127.0.0.1:8000
 forward_redirect_443 = 127.0.0.1:8443
-# If you want to record SMTP traffic, install SMTP honeypoint.
+
 # To record SMTP traffic, install an SMTP honeypoint.
 # (e.g https://github.com/awhitehatter/mailoney), run
 # python mailoney.py -s yahoo.com -t schizo_open_relay -p 12525
 forward_redirect_25 = 127.0.0.1:12525
@@ -242,22 +260,6 @@ forward_redirect_587 = 127.0.0.1:12525
 # ============================================================================
 # SSH Specific Options
 # ============================================================================
 [ssh]
 # Enable SSH support
 # (default: true)
 enabled = true
 # Enable SSH direct-tcpip forwarding
 # (default: true)
 forwarding = true
 # ============================================================================
 # Telnet Specific Options
 # ============================================================================
--- a/cowrie/core/avatar.py
+++ b/cowrie/core/avatar.py
@@ -43,7 +43,7 @@ class CowrieUser(avatar.ConchUser):
        # SFTP support enabled only when option is explicitly set
        try:
-            if self.cfg.getboolean('honeypot', 'sftp_enabled') == True:
+            if self.cfg.getboolean('ssh', 'sftp_enabled') == True:
                self.subsystemLookup['sftp'] = conchfiletransfer.FileTransferServer
        except ValueError as e:
            pass
--- a/cowrie/core/keys.py
+++ b/cowrie/core/keys.py
@@ -14,8 +14,8 @@ from twisted.python import log
 def getRSAKeys(cfg):
    """
    """
-    publicKeyFile = cfg.get('honeypot', 'rsa_public_key')
+    publicKeyFile = cfg.get('ssh', 'rsa_public_key')
-    privateKeyFile = cfg.get('honeypot', 'rsa_private_key')
+    privateKeyFile = cfg.get('ssh', 'rsa_private_key')
    if not (os.path.exists(publicKeyFile) and os.path.exists(privateKeyFile)):
        log.msg("Generating new RSA keypair...")
        from Crypto.PublicKey import RSA
@@ -40,8 +40,8 @@ def getRSAKeys(cfg):
 def getDSAKeys(cfg):
    """
    """
-    publicKeyFile = cfg.get('honeypot', 'dsa_public_key')
+    publicKeyFile = cfg.get('ssh', 'dsa_public_key')
-    privateKeyFile = cfg.get('honeypot', 'dsa_private_key')
+    privateKeyFile = cfg.get('ssh', 'dsa_private_key')
    if not (os.path.exists(publicKeyFile) and os.path.exists(privateKeyFile)):
        log.msg("Generating new DSA keypair...")
        from Crypto.PublicKey import DSA
--- a/cowrie/ssh/factory.py
+++ b/cowrie/ssh/factory.py
@@ -91,7 +91,7 @@ class CowrieSSHFactory(factory.SSHFactory):
        t = transport.HoneyPotSSHTransport()
        try:
-            t.ourVersionString = self.cfg.get('honeypot', 'ssh_version_string')
+            t.ourVersionString = self.cfg.get('ssh', 'version')
        except:
            t.ourVersionString = "SSH-2.0-OpenSSH_6.0p1 Debian-4+deb7u2"
--- a/cowrie/ssh/forwarding.py
+++ b/cowrie/ssh/forwarding.py
@@ -23,7 +23,7 @@ def cowrieOpenConnectForwardingClient(remoteWindow, remoteMaxPacket, data, avata
    cfg = avatar.cfg
    try:
-        if cfg.getboolean('honeypot', 'ssh_forward_redirect') == True:
+        if cfg.getboolean('ssh', 'forward_redirect') == True:
            redirectEnabled = True
        else:
            redirectEnabled = False
@@ -32,7 +32,7 @@ def cowrieOpenConnectForwardingClient(remoteWindow, remoteMaxPacket, data, avata
    if redirectEnabled:
        redirects = {}
-        items = cfg.items('honeypot')
+        items = cfg.items('ssh')
        for i in items:
            if i[0].startswith('forward_redirect'):
                destPort = i[0].split('_')[-1]