|
|
@ -5,7 +5,7 @@ import (
|
|
|
|
"b612.me/starlog"
|
|
|
|
"b612.me/starlog"
|
|
|
|
"b612.me/starnet"
|
|
|
|
"b612.me/starnet"
|
|
|
|
"crypto/elliptic"
|
|
|
|
"crypto/elliptic"
|
|
|
|
"encoding/json"
|
|
|
|
"encoding/csv"
|
|
|
|
"fmt"
|
|
|
|
"fmt"
|
|
|
|
"github.com/spf13/cobra"
|
|
|
|
"github.com/spf13/cobra"
|
|
|
|
"golang.org/x/crypto/ssh"
|
|
|
|
"golang.org/x/crypto/ssh"
|
|
|
@ -13,15 +13,17 @@ import (
|
|
|
|
"os"
|
|
|
|
"os"
|
|
|
|
"os/signal"
|
|
|
|
"os/signal"
|
|
|
|
"strings"
|
|
|
|
"strings"
|
|
|
|
|
|
|
|
"time"
|
|
|
|
)
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
|
|
var (
|
|
|
|
var (
|
|
|
|
listenAddr string
|
|
|
|
listenAddr string
|
|
|
|
keyFile string
|
|
|
|
keyFile string
|
|
|
|
KeyPasswd string
|
|
|
|
KeyPasswd string
|
|
|
|
outpath string
|
|
|
|
outpath string
|
|
|
|
curlUrl string
|
|
|
|
curlUrl string
|
|
|
|
curlArg []string
|
|
|
|
serverVersion string
|
|
|
|
|
|
|
|
curlArg []string
|
|
|
|
)
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
|
|
func init() {
|
|
|
|
func init() {
|
|
|
@ -29,6 +31,7 @@ func init() {
|
|
|
|
cmdSSHJar.Flags().StringVarP(&keyFile, "key", "k", "", "私钥文件")
|
|
|
|
cmdSSHJar.Flags().StringVarP(&keyFile, "key", "k", "", "私钥文件")
|
|
|
|
cmdSSHJar.Flags().StringVarP(&KeyPasswd, "passwd", "p", "", "私钥密码")
|
|
|
|
cmdSSHJar.Flags().StringVarP(&KeyPasswd, "passwd", "p", "", "私钥密码")
|
|
|
|
cmdSSHJar.Flags().StringVarP(&outpath, "output", "o", "", "输出文件")
|
|
|
|
cmdSSHJar.Flags().StringVarP(&outpath, "output", "o", "", "输出文件")
|
|
|
|
|
|
|
|
cmdSSHJar.Flags().StringVarP(&serverVersion, "version", "v", "OpenSSH", "SSH版本")
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
var cmdSSHJar = &cobra.Command{
|
|
|
|
var cmdSSHJar = &cobra.Command{
|
|
|
@ -36,11 +39,11 @@ var cmdSSHJar = &cobra.Command{
|
|
|
|
Short: "SSH蜜罐",
|
|
|
|
Short: "SSH蜜罐",
|
|
|
|
Long: "SSH蜜罐",
|
|
|
|
Long: "SSH蜜罐",
|
|
|
|
Run: func(cmd *cobra.Command, args []string) {
|
|
|
|
Run: func(cmd *cobra.Command, args []string) {
|
|
|
|
runSSHHoneyJar(listenAddr, keyFile, KeyPasswd, outpath)
|
|
|
|
runSSHHoneyJar(listenAddr, keyFile, KeyPasswd, outpath, serverVersion)
|
|
|
|
},
|
|
|
|
},
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
func runSSHHoneyJar(listenAddr, keyFile, KeyPasswd, outpath string) {
|
|
|
|
func runSSHHoneyJar(listenAddr, keyFile, KeyPasswd, outpath, version string) {
|
|
|
|
var f *os.File
|
|
|
|
var f *os.File
|
|
|
|
var err error
|
|
|
|
var err error
|
|
|
|
if outpath != "" {
|
|
|
|
if outpath != "" {
|
|
|
@ -50,16 +53,17 @@ func runSSHHoneyJar(listenAddr, keyFile, KeyPasswd, outpath string) {
|
|
|
|
return
|
|
|
|
return
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
conn := csv.NewWriter(f)
|
|
|
|
defer f.Close()
|
|
|
|
defer f.Close()
|
|
|
|
|
|
|
|
defer conn.Flush()
|
|
|
|
config := &ssh.ServerConfig{
|
|
|
|
config := &ssh.ServerConfig{
|
|
|
|
|
|
|
|
ServerVersion: version,
|
|
|
|
// 密码验证回调函数
|
|
|
|
// 密码验证回调函数
|
|
|
|
PasswordCallback: func(c ssh.ConnMetadata, pass []byte) (*ssh.Permissions, error) {
|
|
|
|
PasswordCallback: func(c ssh.ConnMetadata, pass []byte) (*ssh.Permissions, error) {
|
|
|
|
starlog.Infof("Login attempt from %s with %s %s\n", c.RemoteAddr(), c.User(), string(pass))
|
|
|
|
starlog.Infof("Login attempt from %s with %s %s\n", c.RemoteAddr(), c.User(), string(pass))
|
|
|
|
data := []string{c.RemoteAddr().String(), c.User(), string(pass)}
|
|
|
|
data := []string{time.Now().Format("2006-01-02 15:04:05"), c.RemoteAddr().String(), c.User(), string(pass)}
|
|
|
|
bts, _ := json.Marshal(data)
|
|
|
|
|
|
|
|
if f != nil {
|
|
|
|
if f != nil {
|
|
|
|
f.Write(bts)
|
|
|
|
conn.Write(data)
|
|
|
|
f.Write([]byte("\n"))
|
|
|
|
|
|
|
|
}
|
|
|
|
}
|
|
|
|
if curlUrl != "" {
|
|
|
|
if curlUrl != "" {
|
|
|
|
go func() {
|
|
|
|
go func() {
|
|
|
|