snxraven/honeypeer
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
df3490f0c7
honeypeer/client.js

195 lines
5.9 KiB
JavaScript
Raw Normal View History

first commit
2024-07-10 05:52:41 -04:00
const node = require('hyper-ipc-secure')();
const crypto = require('hypercore-crypto');
const fs = require('fs');
const { exec } = require('child_process');
const net = require('net');
const http = require('http');
const ftpd = require('ftpd');
const TelnetServer = require('telnet');
const smtpServer = require('smtp-server').SMTPServer;
const dns = require('native-dns');
// Generate key pair and save to file if it doesn't exist
if (!fs.existsSync('kp.json')) {
const kp = crypto.keyPair();
fs.writeFileSync('kp.json', JSON.stringify({
publicKey: kp.publicKey.toString('hex'),
secretKey: kp.secretKey.toString('hex')
}));
}
const kp = JSON.parse(fs.readFileSync('kp.json'));
kp.publicKey = Buffer.from(kp.publicKey, 'hex');
kp.secretKey = Buffer.from(kp.secretKey, 'hex');
// Server public key (should be securely shared or known)
const serverPublicKey = '7c5b0b674e1af93a4df37a86ebc2cd58666c45fb46a78bbd02f198bbcf345f4c'; // Ensure this matches the server public key
// Register client with the server
async function registerClient() {
try {
console.log('Attempting to register client...');
console.log(`Server public key: ${serverPublicKey}`);
console.log(`Client public key: ${kp.publicKey.toString('hex')}`);
const result = await node.run(Buffer.from(serverPublicKey, 'hex'), 'register.client', { publicKey: kp.publicKey.toString('hex') });
console.log('Client registered with the server');
console.log(result);
} catch (e) {
console.error('Failed to register client:', e.message);
}
}
// Simulate honeypots and report attacks
function setupHoneypots() {
// SSH Honeypot
const sshServer = net.createServer((socket) => {
const attackerIP = socket.remoteAddress;
const timestamp = new Date();
console.log(`SSH attack detected from IP: ${attackerIP}`);
reportAttack({
service: 'SSH',
ip: attackerIP,
timestamp,
data: 'SSH connection attempt'
});
socket.end();
}).listen(2222, () => console.log('SSH Honeypot running on port 2222'));
// HTTP Honeypot
const httpServer = http.createServer((req, res) => {
const attackerIP = req.connection.remoteAddress;
const timestamp = new Date();
console.log(`HTTP attack detected from IP: ${attackerIP}`);
reportAttack({
service: 'HTTP',
ip: attackerIP,
timestamp,
data: `HTTP request: ${req.method} ${req.url}`
});
res.end('Honeypot');
}).listen(88, () => console.log('HTTP Honeypot running on port 88'));
// FTP Honeypot
const ftpServer = new ftpd.FtpServer('0.0.0.0', {
getInitialCwd: () => '/',
getRoot: () => '/'
});
ftpServer.on('client:connected', (connection) => {
const attackerIP = connection.socket.remoteAddress;
const timestamp = new Date();
console.log(`FTP attack detected from IP: ${attackerIP}`);
reportAttack({
service: 'FTP',
ip: attackerIP,
timestamp,
data: 'FTP connection attempt'
});
});
ftpServer.listen(21);
console.log('FTP Honeypot running on port 21');
// Telnet Honeypot
const telnetServer = new TelnetServer({ shellPrompt: '/ # ' });
telnetServer.on('client', (client) => {
const attackerIP = client.socket.remoteAddress;
const timestamp = new Date();
console.log(`Telnet attack detected from IP: ${attackerIP}`);
reportAttack({
service: 'Telnet',
ip: attackerIP,
timestamp,
data: 'Telnet connection attempt'
});
client.on('data', (data) => {
console.log(`Received Telnet data: ${data.toString()}`);
reportAttack({
service: 'Telnet',
ip: attackerIP,
timestamp: new Date(),
data: `Telnet data: ${data.toString()}`
});
});
client.end();
});
telnetServer.listen(23);
console.log('Telnet Honeypot running on port 23');
// SMTP Honeypot
const smtp = new smtpServer({
onData(stream, session, callback) {
let emailData = '';
stream.on('data', (chunk) => {
emailData += chunk;
});
stream.on('end', () => {
const attackerIP = session.remoteAddress;
const timestamp = new Date();
console.log(`SMTP attack detected from IP: ${attackerIP}`);
reportAttack({
service: 'SMTP',
ip: attackerIP,
timestamp,
data: `SMTP data: ${emailData}`
});
callback();
});
}
});
smtp.listen(25, () => console.log('SMTP Honeypot running on port 25'));
// DNS Honeypot
const dnsServer = dns.createServer();
dnsServer.on('request', (request, response) => {
const attackerIP = request.address.address;
const timestamp = new Date();
console.log(`DNS attack detected from IP: ${attackerIP}`);
reportAttack({
service: 'DNS',
ip: attackerIP,
timestamp,
data: `DNS request: ${request.question[0].name}`
});
response.answer.push(dns.A({
name: request.question[0].name,
address: '127.0.0.1',
ttl: 600,
}));
response.send();
});
dnsServer.serve(53);
console.log('DNS Honeypot running on port 53');
}
// Report attack to the server
async function reportAttack(details) {
try {
console.log(`Reporting attack: ${JSON.stringify(details)}`);
const result = await node.run(Buffer.from(serverPublicKey, 'hex'), 'report.attack', { details });
console.log('Reported attack to server:', result);
} catch (e) {
console.error('Failed to report attack:', e.message);
}
}
// Define ban IP service
node.serve(kp, 'ban.ip', async (args) => {
const ipToBan = args.ip;
console.log(`Received ban command for IP: ${ipToBan}`);
exec(`csf -d ${ipToBan}`, (error, stdout, stderr) => {
if (error) {
console.error(`Error executing ban command: ${error.message}`);
return;
}
if (stderr) {
console.error(`Command stderr: ${stderr}`);
return;
}
console.log(`Ban command executed: ${stdout}`);
});
return { status: 'banned', ip: ipToBan };
});
// Start the client
console.log('Client is running...');
registerClient();
setupHoneypots();
Reference in New Issue Copy Permalink