first commit
This commit is contained in:
commit
df3490f0c7
195
client.js
Normal file
195
client.js
Normal file
@ -0,0 +1,195 @@
|
||||
const node = require('hyper-ipc-secure')();
|
||||
const crypto = require('hypercore-crypto');
|
||||
const fs = require('fs');
|
||||
const { exec } = require('child_process');
|
||||
const net = require('net');
|
||||
const http = require('http');
|
||||
const ftpd = require('ftpd');
|
||||
const TelnetServer = require('telnet');
|
||||
const smtpServer = require('smtp-server').SMTPServer;
|
||||
const dns = require('native-dns');
|
||||
|
||||
// Generate key pair and save to file if it doesn't exist
|
||||
if (!fs.existsSync('kp.json')) {
|
||||
const kp = crypto.keyPair();
|
||||
fs.writeFileSync('kp.json', JSON.stringify({
|
||||
publicKey: kp.publicKey.toString('hex'),
|
||||
secretKey: kp.secretKey.toString('hex')
|
||||
}));
|
||||
}
|
||||
|
||||
const kp = JSON.parse(fs.readFileSync('kp.json'));
|
||||
kp.publicKey = Buffer.from(kp.publicKey, 'hex');
|
||||
kp.secretKey = Buffer.from(kp.secretKey, 'hex');
|
||||
// Server public key (should be securely shared or known)
|
||||
const serverPublicKey = '7c5b0b674e1af93a4df37a86ebc2cd58666c45fb46a78bbd02f198bbcf345f4c'; // Ensure this matches the server public key
|
||||
|
||||
// Register client with the server
|
||||
async function registerClient() {
|
||||
try {
|
||||
console.log('Attempting to register client...');
|
||||
console.log(`Server public key: ${serverPublicKey}`);
|
||||
console.log(`Client public key: ${kp.publicKey.toString('hex')}`);
|
||||
|
||||
const result = await node.run(Buffer.from(serverPublicKey, 'hex'), 'register.client', { publicKey: kp.publicKey.toString('hex') });
|
||||
console.log('Client registered with the server');
|
||||
console.log(result);
|
||||
} catch (e) {
|
||||
console.error('Failed to register client:', e.message);
|
||||
}
|
||||
}
|
||||
|
||||
// Simulate honeypots and report attacks
|
||||
function setupHoneypots() {
|
||||
// SSH Honeypot
|
||||
const sshServer = net.createServer((socket) => {
|
||||
const attackerIP = socket.remoteAddress;
|
||||
const timestamp = new Date();
|
||||
console.log(`SSH attack detected from IP: ${attackerIP}`);
|
||||
reportAttack({
|
||||
service: 'SSH',
|
||||
ip: attackerIP,
|
||||
timestamp,
|
||||
data: 'SSH connection attempt'
|
||||
});
|
||||
socket.end();
|
||||
}).listen(2222, () => console.log('SSH Honeypot running on port 2222'));
|
||||
|
||||
// HTTP Honeypot
|
||||
const httpServer = http.createServer((req, res) => {
|
||||
const attackerIP = req.connection.remoteAddress;
|
||||
const timestamp = new Date();
|
||||
console.log(`HTTP attack detected from IP: ${attackerIP}`);
|
||||
reportAttack({
|
||||
service: 'HTTP',
|
||||
ip: attackerIP,
|
||||
timestamp,
|
||||
data: `HTTP request: ${req.method} ${req.url}`
|
||||
});
|
||||
res.end('Honeypot');
|
||||
}).listen(88, () => console.log('HTTP Honeypot running on port 88'));
|
||||
|
||||
// FTP Honeypot
|
||||
const ftpServer = new ftpd.FtpServer('0.0.0.0', {
|
||||
getInitialCwd: () => '/',
|
||||
getRoot: () => '/'
|
||||
});
|
||||
ftpServer.on('client:connected', (connection) => {
|
||||
const attackerIP = connection.socket.remoteAddress;
|
||||
const timestamp = new Date();
|
||||
console.log(`FTP attack detected from IP: ${attackerIP}`);
|
||||
reportAttack({
|
||||
service: 'FTP',
|
||||
ip: attackerIP,
|
||||
timestamp,
|
||||
data: 'FTP connection attempt'
|
||||
});
|
||||
});
|
||||
ftpServer.listen(21);
|
||||
console.log('FTP Honeypot running on port 21');
|
||||
|
||||
// Telnet Honeypot
|
||||
const telnetServer = new TelnetServer({ shellPrompt: '/ # ' });
|
||||
telnetServer.on('client', (client) => {
|
||||
const attackerIP = client.socket.remoteAddress;
|
||||
const timestamp = new Date();
|
||||
console.log(`Telnet attack detected from IP: ${attackerIP}`);
|
||||
reportAttack({
|
||||
service: 'Telnet',
|
||||
ip: attackerIP,
|
||||
timestamp,
|
||||
data: 'Telnet connection attempt'
|
||||
});
|
||||
client.on('data', (data) => {
|
||||
console.log(`Received Telnet data: ${data.toString()}`);
|
||||
reportAttack({
|
||||
service: 'Telnet',
|
||||
ip: attackerIP,
|
||||
timestamp: new Date(),
|
||||
data: `Telnet data: ${data.toString()}`
|
||||
});
|
||||
});
|
||||
client.end();
|
||||
});
|
||||
telnetServer.listen(23);
|
||||
console.log('Telnet Honeypot running on port 23');
|
||||
|
||||
// SMTP Honeypot
|
||||
const smtp = new smtpServer({
|
||||
onData(stream, session, callback) {
|
||||
let emailData = '';
|
||||
stream.on('data', (chunk) => {
|
||||
emailData += chunk;
|
||||
});
|
||||
stream.on('end', () => {
|
||||
const attackerIP = session.remoteAddress;
|
||||
const timestamp = new Date();
|
||||
console.log(`SMTP attack detected from IP: ${attackerIP}`);
|
||||
reportAttack({
|
||||
service: 'SMTP',
|
||||
ip: attackerIP,
|
||||
timestamp,
|
||||
data: `SMTP data: ${emailData}`
|
||||
});
|
||||
callback();
|
||||
});
|
||||
}
|
||||
});
|
||||
smtp.listen(25, () => console.log('SMTP Honeypot running on port 25'));
|
||||
|
||||
// DNS Honeypot
|
||||
const dnsServer = dns.createServer();
|
||||
dnsServer.on('request', (request, response) => {
|
||||
const attackerIP = request.address.address;
|
||||
const timestamp = new Date();
|
||||
console.log(`DNS attack detected from IP: ${attackerIP}`);
|
||||
reportAttack({
|
||||
service: 'DNS',
|
||||
ip: attackerIP,
|
||||
timestamp,
|
||||
data: `DNS request: ${request.question[0].name}`
|
||||
});
|
||||
response.answer.push(dns.A({
|
||||
name: request.question[0].name,
|
||||
address: '127.0.0.1',
|
||||
ttl: 600,
|
||||
}));
|
||||
response.send();
|
||||
});
|
||||
dnsServer.serve(53);
|
||||
console.log('DNS Honeypot running on port 53');
|
||||
}
|
||||
|
||||
// Report attack to the server
|
||||
async function reportAttack(details) {
|
||||
try {
|
||||
console.log(`Reporting attack: ${JSON.stringify(details)}`);
|
||||
const result = await node.run(Buffer.from(serverPublicKey, 'hex'), 'report.attack', { details });
|
||||
console.log('Reported attack to server:', result);
|
||||
} catch (e) {
|
||||
console.error('Failed to report attack:', e.message);
|
||||
}
|
||||
}
|
||||
|
||||
// Define ban IP service
|
||||
node.serve(kp, 'ban.ip', async (args) => {
|
||||
const ipToBan = args.ip;
|
||||
console.log(`Received ban command for IP: ${ipToBan}`);
|
||||
exec(`csf -d ${ipToBan}`, (error, stdout, stderr) => {
|
||||
if (error) {
|
||||
console.error(`Error executing ban command: ${error.message}`);
|
||||
return;
|
||||
}
|
||||
if (stderr) {
|
||||
console.error(`Command stderr: ${stderr}`);
|
||||
return;
|
||||
}
|
||||
console.log(`Ban command executed: ${stdout}`);
|
||||
});
|
||||
return { status: 'banned', ip: ipToBan };
|
||||
});
|
||||
|
||||
// Start the client
|
||||
console.log('Client is running...');
|
||||
registerClient();
|
||||
setupHoneypots();
|
60
server.js
Normal file
60
server.js
Normal file
@ -0,0 +1,60 @@
|
||||
const node = require('hyper-ipc-secure')();
|
||||
const crypto = require('hypercore-crypto');
|
||||
const fs = require('fs');
|
||||
|
||||
// Generate key pair and save to file if it doesn't exist
|
||||
if (!fs.existsSync('kp.json')) {
|
||||
const kp = crypto.keyPair();
|
||||
fs.writeFileSync('kp.json', JSON.stringify({
|
||||
publicKey: kp.publicKey.toString('hex'),
|
||||
secretKey: kp.secretKey.toString('hex')
|
||||
}));
|
||||
}
|
||||
|
||||
// Read key pair from file
|
||||
const kp = JSON.parse(fs.readFileSync('kp.json'));
|
||||
kp.publicKey = Buffer.from(kp.publicKey, 'hex');
|
||||
kp.secretKey = Buffer.from(kp.secretKey, 'hex');
|
||||
|
||||
// Store clients
|
||||
let clients = [];
|
||||
|
||||
// Function to extract IPv4 address from potential IPv6 format
|
||||
function extractIPv4(ip) {
|
||||
const ipv4Match = ip.match(/(\d{1,3}\.){3}\d{1,3}/);
|
||||
return ipv4Match ? ipv4Match[0] : ip;
|
||||
}
|
||||
|
||||
// Define services
|
||||
node.serve(kp, 'report.attack', async (args) => {
|
||||
const attackDetails = args.details;
|
||||
console.log(`Received attack report from client. Details: ${JSON.stringify(attackDetails, null, 2)}`);
|
||||
|
||||
// Extract and use IPv4 address
|
||||
const attackerIP = extractIPv4(attackDetails.ip);
|
||||
for (const client of clients) {
|
||||
try {
|
||||
await node.run(client, 'ban.ip', { ip: attackerIP });
|
||||
console.log(`Sent ban command to client for IP: ${attackerIP}`);
|
||||
} catch (e) {
|
||||
console.error(`Failed to send ban command to client: ${e.message}`);
|
||||
}
|
||||
}
|
||||
return { status: 'ban commands sent' };
|
||||
});
|
||||
|
||||
node.serve(kp, 'register.client', async (args) => {
|
||||
try {
|
||||
console.log('Received register client request:', args);
|
||||
const clientPublicKey = Buffer.from(args.publicKey, 'hex');
|
||||
clients.push(clientPublicKey);
|
||||
console.log(`Client registered: ${args.publicKey}`);
|
||||
return { status: 'registered' };
|
||||
} catch (e) {
|
||||
console.error('Failed to register client:', e.message);
|
||||
return { status: 'error', message: e.message };
|
||||
}
|
||||
});
|
||||
|
||||
// Start the server
|
||||
// Add server start logic if required
|
Loading…
Reference in New Issue
Block a user