snxraven/honeypeer
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

first commit

Browse Source
This commit is contained in:
Raven Scott 2024-07-10 05:52:41 -04:00
commit df3490f0c7
2 changed files with 255 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

195
client.js Normal file
View File

@ -0,0 +1,195 @@
const node = require('hyper-ipc-secure')();
const crypto = require('hypercore-crypto');
const fs = require('fs');
const { exec } = require('child_process');
const net = require('net');
const http = require('http');
const ftpd = require('ftpd');
const TelnetServer = require('telnet');
const smtpServer = require('smtp-server').SMTPServer;
const dns = require('native-dns');
// Generate key pair and save to file if it doesn't exist
if (!fs.existsSync('kp.json')) {
const kp = crypto.keyPair();
fs.writeFileSync('kp.json', JSON.stringify({
publicKey: kp.publicKey.toString('hex'),
secretKey: kp.secretKey.toString('hex')
}));
}
const kp = JSON.parse(fs.readFileSync('kp.json'));
kp.publicKey = Buffer.from(kp.publicKey, 'hex');
kp.secretKey = Buffer.from(kp.secretKey, 'hex');
// Server public key (should be securely shared or known)
const serverPublicKey = '7c5b0b674e1af93a4df37a86ebc2cd58666c45fb46a78bbd02f198bbcf345f4c'; // Ensure this matches the server public key
// Register client with the server
async function registerClient() {
try {
console.log('Attempting to register client...');
console.log(`Server public key: ${serverPublicKey}`);
console.log(`Client public key: ${kp.publicKey.toString('hex')}`);
const result = await node.run(Buffer.from(serverPublicKey, 'hex'), 'register.client', { publicKey: kp.publicKey.toString('hex') });
console.log('Client registered with the server');
console.log(result);
} catch (e) {
console.error('Failed to register client:', e.message);
}
}
// Simulate honeypots and report attacks
function setupHoneypots() {
// SSH Honeypot
const sshServer = net.createServer((socket) => {
const attackerIP = socket.remoteAddress;
const timestamp = new Date();
console.log(`SSH attack detected from IP: ${attackerIP}`);
reportAttack({
service: 'SSH',
ip: attackerIP,
timestamp,
data: 'SSH connection attempt'
});
socket.end();
}).listen(2222, () => console.log('SSH Honeypot running on port 2222'));
// HTTP Honeypot
const httpServer = http.createServer((req, res) => {
const attackerIP = req.connection.remoteAddress;
const timestamp = new Date();
console.log(`HTTP attack detected from IP: ${attackerIP}`);
reportAttack({
service: 'HTTP',
ip: attackerIP,
timestamp,
data: `HTTP request: ${req.method} ${req.url}`
});
res.end('Honeypot');
}).listen(88, () => console.log('HTTP Honeypot running on port 88'));
// FTP Honeypot
const ftpServer = new ftpd.FtpServer('0.0.0.0', {
getInitialCwd: () => '/',
getRoot: () => '/'
});
ftpServer.on('client:connected', (connection) => {
const attackerIP = connection.socket.remoteAddress;
const timestamp = new Date();
console.log(`FTP attack detected from IP: ${attackerIP}`);
reportAttack({
service: 'FTP',
ip: attackerIP,
timestamp,
data: 'FTP connection attempt'
});
});
ftpServer.listen(21);
console.log('FTP Honeypot running on port 21');
// Telnet Honeypot
const telnetServer = new TelnetServer({ shellPrompt: '/ # ' });
telnetServer.on('client', (client) => {
const attackerIP = client.socket.remoteAddress;
const timestamp = new Date();
console.log(`Telnet attack detected from IP: ${attackerIP}`);
reportAttack({
service: 'Telnet',
ip: attackerIP,
timestamp,
data: 'Telnet connection attempt'
});
client.on('data', (data) => {
console.log(`Received Telnet data: ${data.toString()}`);
reportAttack({
service: 'Telnet',
ip: attackerIP,
timestamp: new Date(),
data: `Telnet data: ${data.toString()}`
});
});
client.end();
});
telnetServer.listen(23);
console.log('Telnet Honeypot running on port 23');
// SMTP Honeypot
const smtp = new smtpServer({
onData(stream, session, callback) {
let emailData = '';
stream.on('data', (chunk) => {
emailData += chunk;
});
stream.on('end', () => {
const attackerIP = session.remoteAddress;
const timestamp = new Date();
console.log(`SMTP attack detected from IP: ${attackerIP}`);
reportAttack({
service: 'SMTP',
ip: attackerIP,
timestamp,
data: `SMTP data: ${emailData}`
});
callback();
});
}
});
smtp.listen(25, () => console.log('SMTP Honeypot running on port 25'));
// DNS Honeypot
const dnsServer = dns.createServer();
dnsServer.on('request', (request, response) => {
const attackerIP = request.address.address;
const timestamp = new Date();
console.log(`DNS attack detected from IP: ${attackerIP}`);
reportAttack({
service: 'DNS',
ip: attackerIP,
timestamp,
data: `DNS request: ${request.question[0].name}`
});
response.answer.push(dns.A({
name: request.question[0].name,
address: '127.0.0.1',
ttl: 600,
}));
response.send();
});
dnsServer.serve(53);
console.log('DNS Honeypot running on port 53');
}
// Report attack to the server
async function reportAttack(details) {
try {
console.log(`Reporting attack: ${JSON.stringify(details)}`);
const result = await node.run(Buffer.from(serverPublicKey, 'hex'), 'report.attack', { details });
console.log('Reported attack to server:', result);
} catch (e) {
console.error('Failed to report attack:', e.message);
}
}
// Define ban IP service
node.serve(kp, 'ban.ip', async (args) => {
const ipToBan = args.ip;
console.log(`Received ban command for IP: ${ipToBan}`);
exec(`csf -d ${ipToBan}`, (error, stdout, stderr) => {
if (error) {
console.error(`Error executing ban command: ${error.message}`);
return;
}
if (stderr) {
console.error(`Command stderr: ${stderr}`);
return;
}
console.log(`Ban command executed: ${stdout}`);
});
return { status: 'banned', ip: ipToBan };
});
// Start the client
console.log('Client is running...');
registerClient();
setupHoneypots();

60
server.js Normal file
View File

@ -0,0 +1,60 @@
const node = require('hyper-ipc-secure')();
const crypto = require('hypercore-crypto');
const fs = require('fs');
// Generate key pair and save to file if it doesn't exist
if (!fs.existsSync('kp.json')) {
const kp = crypto.keyPair();
fs.writeFileSync('kp.json', JSON.stringify({
publicKey: kp.publicKey.toString('hex'),
secretKey: kp.secretKey.toString('hex')
}));
}
// Read key pair from file
const kp = JSON.parse(fs.readFileSync('kp.json'));
kp.publicKey = Buffer.from(kp.publicKey, 'hex');
kp.secretKey = Buffer.from(kp.secretKey, 'hex');
// Store clients
let clients = [];
// Function to extract IPv4 address from potential IPv6 format
function extractIPv4(ip) {
const ipv4Match = ip.match(/(\d{1,3}\.){3}\d{1,3}/);
return ipv4Match ? ipv4Match[0] : ip;
}
// Define services
node.serve(kp, 'report.attack', async (args) => {
const attackDetails = args.details;
console.log(`Received attack report from client. Details: ${JSON.stringify(attackDetails, null, 2)}`);
// Extract and use IPv4 address
const attackerIP = extractIPv4(attackDetails.ip);
for (const client of clients) {
try {
await node.run(client, 'ban.ip', { ip: attackerIP });
console.log(`Sent ban command to client for IP: ${attackerIP}`);
} catch (e) {
console.error(`Failed to send ban command to client: ${e.message}`);
}
}
return { status: 'ban commands sent' };
});
node.serve(kp, 'register.client', async (args) => {
try {
console.log('Received register client request:', args);
const clientPublicKey = Buffer.from(args.publicKey, 'hex');
clients.push(clientPublicKey);
console.log(`Client registered: ${args.publicKey}`);
return { status: 'registered' };
} catch (e) {
console.error('Failed to register client:', e.message);
return { status: 'error', message: e.message };
}
});
// Start the server
// Add server start logic if required