first commit
This commit is contained in:
commit
df3490f0c7
195
client.js
Normal file
195
client.js
Normal file
@ -0,0 +1,195 @@
|
|||||||
|
const node = require('hyper-ipc-secure')();
|
||||||
|
const crypto = require('hypercore-crypto');
|
||||||
|
const fs = require('fs');
|
||||||
|
const { exec } = require('child_process');
|
||||||
|
const net = require('net');
|
||||||
|
const http = require('http');
|
||||||
|
const ftpd = require('ftpd');
|
||||||
|
const TelnetServer = require('telnet');
|
||||||
|
const smtpServer = require('smtp-server').SMTPServer;
|
||||||
|
const dns = require('native-dns');
|
||||||
|
|
||||||
|
// Generate key pair and save to file if it doesn't exist
|
||||||
|
if (!fs.existsSync('kp.json')) {
|
||||||
|
const kp = crypto.keyPair();
|
||||||
|
fs.writeFileSync('kp.json', JSON.stringify({
|
||||||
|
publicKey: kp.publicKey.toString('hex'),
|
||||||
|
secretKey: kp.secretKey.toString('hex')
|
||||||
|
}));
|
||||||
|
}
|
||||||
|
|
||||||
|
const kp = JSON.parse(fs.readFileSync('kp.json'));
|
||||||
|
kp.publicKey = Buffer.from(kp.publicKey, 'hex');
|
||||||
|
kp.secretKey = Buffer.from(kp.secretKey, 'hex');
|
||||||
|
// Server public key (should be securely shared or known)
|
||||||
|
const serverPublicKey = '7c5b0b674e1af93a4df37a86ebc2cd58666c45fb46a78bbd02f198bbcf345f4c'; // Ensure this matches the server public key
|
||||||
|
|
||||||
|
// Register client with the server
|
||||||
|
async function registerClient() {
|
||||||
|
try {
|
||||||
|
console.log('Attempting to register client...');
|
||||||
|
console.log(`Server public key: ${serverPublicKey}`);
|
||||||
|
console.log(`Client public key: ${kp.publicKey.toString('hex')}`);
|
||||||
|
|
||||||
|
const result = await node.run(Buffer.from(serverPublicKey, 'hex'), 'register.client', { publicKey: kp.publicKey.toString('hex') });
|
||||||
|
console.log('Client registered with the server');
|
||||||
|
console.log(result);
|
||||||
|
} catch (e) {
|
||||||
|
console.error('Failed to register client:', e.message);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// Simulate honeypots and report attacks
|
||||||
|
function setupHoneypots() {
|
||||||
|
// SSH Honeypot
|
||||||
|
const sshServer = net.createServer((socket) => {
|
||||||
|
const attackerIP = socket.remoteAddress;
|
||||||
|
const timestamp = new Date();
|
||||||
|
console.log(`SSH attack detected from IP: ${attackerIP}`);
|
||||||
|
reportAttack({
|
||||||
|
service: 'SSH',
|
||||||
|
ip: attackerIP,
|
||||||
|
timestamp,
|
||||||
|
data: 'SSH connection attempt'
|
||||||
|
});
|
||||||
|
socket.end();
|
||||||
|
}).listen(2222, () => console.log('SSH Honeypot running on port 2222'));
|
||||||
|
|
||||||
|
// HTTP Honeypot
|
||||||
|
const httpServer = http.createServer((req, res) => {
|
||||||
|
const attackerIP = req.connection.remoteAddress;
|
||||||
|
const timestamp = new Date();
|
||||||
|
console.log(`HTTP attack detected from IP: ${attackerIP}`);
|
||||||
|
reportAttack({
|
||||||
|
service: 'HTTP',
|
||||||
|
ip: attackerIP,
|
||||||
|
timestamp,
|
||||||
|
data: `HTTP request: ${req.method} ${req.url}`
|
||||||
|
});
|
||||||
|
res.end('Honeypot');
|
||||||
|
}).listen(88, () => console.log('HTTP Honeypot running on port 88'));
|
||||||
|
|
||||||
|
// FTP Honeypot
|
||||||
|
const ftpServer = new ftpd.FtpServer('0.0.0.0', {
|
||||||
|
getInitialCwd: () => '/',
|
||||||
|
getRoot: () => '/'
|
||||||
|
});
|
||||||
|
ftpServer.on('client:connected', (connection) => {
|
||||||
|
const attackerIP = connection.socket.remoteAddress;
|
||||||
|
const timestamp = new Date();
|
||||||
|
console.log(`FTP attack detected from IP: ${attackerIP}`);
|
||||||
|
reportAttack({
|
||||||
|
service: 'FTP',
|
||||||
|
ip: attackerIP,
|
||||||
|
timestamp,
|
||||||
|
data: 'FTP connection attempt'
|
||||||
|
});
|
||||||
|
});
|
||||||
|
ftpServer.listen(21);
|
||||||
|
console.log('FTP Honeypot running on port 21');
|
||||||
|
|
||||||
|
// Telnet Honeypot
|
||||||
|
const telnetServer = new TelnetServer({ shellPrompt: '/ # ' });
|
||||||
|
telnetServer.on('client', (client) => {
|
||||||
|
const attackerIP = client.socket.remoteAddress;
|
||||||
|
const timestamp = new Date();
|
||||||
|
console.log(`Telnet attack detected from IP: ${attackerIP}`);
|
||||||
|
reportAttack({
|
||||||
|
service: 'Telnet',
|
||||||
|
ip: attackerIP,
|
||||||
|
timestamp,
|
||||||
|
data: 'Telnet connection attempt'
|
||||||
|
});
|
||||||
|
client.on('data', (data) => {
|
||||||
|
console.log(`Received Telnet data: ${data.toString()}`);
|
||||||
|
reportAttack({
|
||||||
|
service: 'Telnet',
|
||||||
|
ip: attackerIP,
|
||||||
|
timestamp: new Date(),
|
||||||
|
data: `Telnet data: ${data.toString()}`
|
||||||
|
});
|
||||||
|
});
|
||||||
|
client.end();
|
||||||
|
});
|
||||||
|
telnetServer.listen(23);
|
||||||
|
console.log('Telnet Honeypot running on port 23');
|
||||||
|
|
||||||
|
// SMTP Honeypot
|
||||||
|
const smtp = new smtpServer({
|
||||||
|
onData(stream, session, callback) {
|
||||||
|
let emailData = '';
|
||||||
|
stream.on('data', (chunk) => {
|
||||||
|
emailData += chunk;
|
||||||
|
});
|
||||||
|
stream.on('end', () => {
|
||||||
|
const attackerIP = session.remoteAddress;
|
||||||
|
const timestamp = new Date();
|
||||||
|
console.log(`SMTP attack detected from IP: ${attackerIP}`);
|
||||||
|
reportAttack({
|
||||||
|
service: 'SMTP',
|
||||||
|
ip: attackerIP,
|
||||||
|
timestamp,
|
||||||
|
data: `SMTP data: ${emailData}`
|
||||||
|
});
|
||||||
|
callback();
|
||||||
|
});
|
||||||
|
}
|
||||||
|
});
|
||||||
|
smtp.listen(25, () => console.log('SMTP Honeypot running on port 25'));
|
||||||
|
|
||||||
|
// DNS Honeypot
|
||||||
|
const dnsServer = dns.createServer();
|
||||||
|
dnsServer.on('request', (request, response) => {
|
||||||
|
const attackerIP = request.address.address;
|
||||||
|
const timestamp = new Date();
|
||||||
|
console.log(`DNS attack detected from IP: ${attackerIP}`);
|
||||||
|
reportAttack({
|
||||||
|
service: 'DNS',
|
||||||
|
ip: attackerIP,
|
||||||
|
timestamp,
|
||||||
|
data: `DNS request: ${request.question[0].name}`
|
||||||
|
});
|
||||||
|
response.answer.push(dns.A({
|
||||||
|
name: request.question[0].name,
|
||||||
|
address: '127.0.0.1',
|
||||||
|
ttl: 600,
|
||||||
|
}));
|
||||||
|
response.send();
|
||||||
|
});
|
||||||
|
dnsServer.serve(53);
|
||||||
|
console.log('DNS Honeypot running on port 53');
|
||||||
|
}
|
||||||
|
|
||||||
|
// Report attack to the server
|
||||||
|
async function reportAttack(details) {
|
||||||
|
try {
|
||||||
|
console.log(`Reporting attack: ${JSON.stringify(details)}`);
|
||||||
|
const result = await node.run(Buffer.from(serverPublicKey, 'hex'), 'report.attack', { details });
|
||||||
|
console.log('Reported attack to server:', result);
|
||||||
|
} catch (e) {
|
||||||
|
console.error('Failed to report attack:', e.message);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// Define ban IP service
|
||||||
|
node.serve(kp, 'ban.ip', async (args) => {
|
||||||
|
const ipToBan = args.ip;
|
||||||
|
console.log(`Received ban command for IP: ${ipToBan}`);
|
||||||
|
exec(`csf -d ${ipToBan}`, (error, stdout, stderr) => {
|
||||||
|
if (error) {
|
||||||
|
console.error(`Error executing ban command: ${error.message}`);
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
if (stderr) {
|
||||||
|
console.error(`Command stderr: ${stderr}`);
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
console.log(`Ban command executed: ${stdout}`);
|
||||||
|
});
|
||||||
|
return { status: 'banned', ip: ipToBan };
|
||||||
|
});
|
||||||
|
|
||||||
|
// Start the client
|
||||||
|
console.log('Client is running...');
|
||||||
|
registerClient();
|
||||||
|
setupHoneypots();
|
60
server.js
Normal file
60
server.js
Normal file
@ -0,0 +1,60 @@
|
|||||||
|
const node = require('hyper-ipc-secure')();
|
||||||
|
const crypto = require('hypercore-crypto');
|
||||||
|
const fs = require('fs');
|
||||||
|
|
||||||
|
// Generate key pair and save to file if it doesn't exist
|
||||||
|
if (!fs.existsSync('kp.json')) {
|
||||||
|
const kp = crypto.keyPair();
|
||||||
|
fs.writeFileSync('kp.json', JSON.stringify({
|
||||||
|
publicKey: kp.publicKey.toString('hex'),
|
||||||
|
secretKey: kp.secretKey.toString('hex')
|
||||||
|
}));
|
||||||
|
}
|
||||||
|
|
||||||
|
// Read key pair from file
|
||||||
|
const kp = JSON.parse(fs.readFileSync('kp.json'));
|
||||||
|
kp.publicKey = Buffer.from(kp.publicKey, 'hex');
|
||||||
|
kp.secretKey = Buffer.from(kp.secretKey, 'hex');
|
||||||
|
|
||||||
|
// Store clients
|
||||||
|
let clients = [];
|
||||||
|
|
||||||
|
// Function to extract IPv4 address from potential IPv6 format
|
||||||
|
function extractIPv4(ip) {
|
||||||
|
const ipv4Match = ip.match(/(\d{1,3}\.){3}\d{1,3}/);
|
||||||
|
return ipv4Match ? ipv4Match[0] : ip;
|
||||||
|
}
|
||||||
|
|
||||||
|
// Define services
|
||||||
|
node.serve(kp, 'report.attack', async (args) => {
|
||||||
|
const attackDetails = args.details;
|
||||||
|
console.log(`Received attack report from client. Details: ${JSON.stringify(attackDetails, null, 2)}`);
|
||||||
|
|
||||||
|
// Extract and use IPv4 address
|
||||||
|
const attackerIP = extractIPv4(attackDetails.ip);
|
||||||
|
for (const client of clients) {
|
||||||
|
try {
|
||||||
|
await node.run(client, 'ban.ip', { ip: attackerIP });
|
||||||
|
console.log(`Sent ban command to client for IP: ${attackerIP}`);
|
||||||
|
} catch (e) {
|
||||||
|
console.error(`Failed to send ban command to client: ${e.message}`);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return { status: 'ban commands sent' };
|
||||||
|
});
|
||||||
|
|
||||||
|
node.serve(kp, 'register.client', async (args) => {
|
||||||
|
try {
|
||||||
|
console.log('Received register client request:', args);
|
||||||
|
const clientPublicKey = Buffer.from(args.publicKey, 'hex');
|
||||||
|
clients.push(clientPublicKey);
|
||||||
|
console.log(`Client registered: ${args.publicKey}`);
|
||||||
|
return { status: 'registered' };
|
||||||
|
} catch (e) {
|
||||||
|
console.error('Failed to register client:', e.message);
|
||||||
|
return { status: 'error', message: e.message };
|
||||||
|
}
|
||||||
|
});
|
||||||
|
|
||||||
|
// Start the server
|
||||||
|
// Add server start logic if required
|
Loading…
Reference in New Issue
Block a user