Add new option to set internet facing IP. If option is not set,

Kippo will attempt to determine it by itself
2026-01-02 05:44:28 +01:00 · 2015-01-27 11:01:06 +00:00
parent c25efa3e4c
commit e595eda866
2 changed files with 16 additions and 0 deletions
--- a/kippo.cfg.dist
+++ b/kippo.cfg.dist
@@ -115,6 +115,11 @@ sftp_enabled = true
 # (default: not specified)
 #fake_addr = 192.168.66.254

+# The IP address on which this machine reachable on from the internet.
+# Useful if you use portforwarding or other mechanisms. If empty, the kippo
+# will determine by itself. Used in 'netstat' output
+#internet_facing_ip = 9.9.9.9
+
 # SSH Version String
 #
 # Use this to disguise your honeypot from a simple SSH version scan
--- a/kippo/core/protocol.py
+++ b/kippo/core/protocol.py
@@ -4,6 +4,7 @@
 import os
 import time
 import struct
+import socket
 import copy

 from twisted.conch import recvline
@@ -43,6 +44,7 @@ class HoneyPotBaseProtocol(insults.TerminalProtocol):
        transport = self.terminal.transport.session.conn.transport

        self.realClientIP = transport.transport.getPeer().host
+        self.realClientPort = transport.transport.getPeer().port
        self.clientVersion = transport.otherVersionString
        self.logintime = transport.logintime
        self.ttylog_file = transport.ttylog_file
@@ -54,6 +56,15 @@ class HoneyPotBaseProtocol(insults.TerminalProtocol):
        else:
            self.clientIP = self.realClientIP

+        if cfg.has_option('honeypot', 'internet_facing_ip'):
+            self.kippoIP = cfg.get('honeypot', 'internet_facing_ip')
+        else:
+            # Hack to get ip
+            s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
+            s.connect(("8.8.8.8",80))
+            self.kippoIP = s.getsockname()[0]
+            s.close()
+
    def displayMOTD(self):
        try:
            self.writeln(self.fs.file_contents('/etc/motd'))