From fd6c0022d01f6994d6b594ef721fe21349759c5a Mon Sep 17 00:00:00 2001 From: Bhasher Date: Tue, 26 Dec 2023 16:44:59 +0100 Subject: [PATCH] Initial commit --- .dockerignore | 3 ++ Dockerfile | 15 +++++++++ docker-compose.yaml | 5 +++ go.mod | 7 ++++ go.sum | 6 ++++ main.go | 81 +++++++++++++++++++++++++++++++++++++++++++++ 6 files changed, 117 insertions(+) create mode 100644 .dockerignore create mode 100644 Dockerfile create mode 100644 docker-compose.yaml create mode 100644 go.mod create mode 100644 go.sum create mode 100644 main.go diff --git a/.dockerignore b/.dockerignore new file mode 100644 index 0000000..9ef7109 --- /dev/null +++ b/.dockerignore @@ -0,0 +1,3 @@ +.dockerignore +Dockerfile +docker-compose.yaml \ No newline at end of file diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..ac70471 --- /dev/null +++ b/Dockerfile @@ -0,0 +1,15 @@ +FROM golang:1.21.5 AS builder + +WORKDIR /app + +COPY . . + +RUN CGO_ENABLED=0 GOOS=linux go build -a -installsuffix cgo -o ssh-honeypot . + +FROM alpine:latest + +WORKDIR /app + +COPY --from=builder /app/ssh-honeypot . + +ENTRYPOINT ["./ssh-honeypot"] diff --git a/docker-compose.yaml b/docker-compose.yaml new file mode 100644 index 0000000..9a2e3af --- /dev/null +++ b/docker-compose.yaml @@ -0,0 +1,5 @@ +services: + ssh-honeypot: + build: . + ports: + - "2222:22" diff --git a/go.mod b/go.mod new file mode 100644 index 0000000..8b4db35 --- /dev/null +++ b/go.mod @@ -0,0 +1,7 @@ +module ssh-honeypot + +go 1.21.5 + +require golang.org/x/crypto v0.17.0 + +require golang.org/x/sys v0.15.0 diff --git a/go.sum b/go.sum new file mode 100644 index 0000000..f71f446 --- /dev/null +++ b/go.sum @@ -0,0 +1,6 @@ +golang.org/x/crypto v0.17.0 h1:r8bRNjWL3GshPW3gkd+RpvzWrZAwPS49OmTGZ/uhM4k= +golang.org/x/crypto v0.17.0/go.mod h1:gCAAfMLgwOJRpTjQ2zCCt2OcSfYMTeZVSRtQlPC7Nq4= +golang.org/x/sys v0.15.0 h1:h48lPFYpsTvQJZF4EKyI4aLHaev3CxivZmv7yZig9pc= +golang.org/x/sys v0.15.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/term v0.15.0 h1:y/Oo/a/q3IXu26lQgl04j/gjuBDOBlx7X6Om1j2CPW4= +golang.org/x/term v0.15.0/go.mod h1:BDl952bC7+uMoWR75FIrCDx79TPU9oHkTZ9yRbYOrX0= diff --git a/main.go b/main.go new file mode 100644 index 0000000..c688ee7 --- /dev/null +++ b/main.go @@ -0,0 +1,81 @@ +package main + +import ( + "crypto/rand" + "crypto/rsa" + "crypto/x509" + "encoding/pem" + "fmt" + "log" + "net" + "strconv" + "time" + + "golang.org/x/crypto/ssh" +) + +func main() { + + port := 22 + + key, err := generateKeyPair() + if err != nil { + log.Fatalf("Failed to generate key pair: %v", err) + } + + config := &ssh.ServerConfig{ + PasswordCallback: func(c ssh.ConnMetadata, pass []byte) (*ssh.Permissions, error) { + ip, _, err := net.SplitHostPort(c.RemoteAddr().String()) + if err != nil { + ip = c.RemoteAddr().String() + } + log.Printf("[%s] \"honeypot connection attempt: ssh - %s - %s - %s\"\n", time.Now().Format("2006-01-02 15:04:05.000"), ip, c.User(), string(pass)) + return nil, fmt.Errorf("password rejected for %q", c.User()) + }, + } + + config.AddHostKey(key) + + // Listen on port 22 + listener, err := net.Listen("tcp", "0.0.0.0:"+strconv.Itoa(port)) + if err != nil { + log.Fatalf("Failed to listen on port %d: %v", port, err) + } + log.Printf("Listening on port %d...", port) + + for { + conn, err := listener.Accept() + if err != nil { + log.Printf("Failed to accept incoming connection: %s", err) + continue + } + + go handleConn(conn, config) + } +} + +func generateKeyPair() (ssh.Signer, error) { + // Generate a new RSA private key + privateKey, err := rsa.GenerateKey(rand.Reader, 2048) + if err != nil { + return nil, err + } + + // Encode the private key to PEM format + privateKeyPEM := pem.EncodeToMemory(&pem.Block{ + Type: "RSA PRIVATE KEY", + Bytes: x509.MarshalPKCS1PrivateKey(privateKey), + }) + + // Parse the PEM encoded private key to get an ssh.Signer + signer, err := ssh.ParsePrivateKey(privateKeyPEM) + if err != nil { + return nil, err + } + + return signer, nil +} + +func handleConn(c net.Conn, config *ssh.ServerConfig) { + ssh.NewServerConn(c, config) +}