Initial commit

2023-12-26 16:44:59 +01:00 · 2023-12-26 16:44:59 +01:00 · fd6c0022d0
commit fd6c0022d0
6 changed files with 117 additions and 0 deletions
--- a/.dockerignore
+++ b/.dockerignore
@ -0,0 +1,3 @@
+.dockerignore
+Dockerfile
+docker-compose.yaml
--- a/15
+++ b/15
@ -0,0 +1,15 @@
+FROM golang:1.21.5 AS builder
+
+WORKDIR /app
+
+COPY . .
+
+RUN CGO_ENABLED=0 GOOS=linux go build -a -installsuffix cgo -o ssh-honeypot .
+
+FROM alpine:latest
+
+WORKDIR /app
+
+COPY --from=builder /app/ssh-honeypot .
+
+ENTRYPOINT ["./ssh-honeypot"]
--- a/docker-compose.yaml
+++ b/docker-compose.yaml
@ -0,0 +1,5 @@
+services:
+  ssh-honeypot:
+    build: .
+    ports:
+      - "2222:22"
--- a/go.mod
+++ b/go.mod
@ -0,0 +1,7 @@
+module ssh-honeypot
+
+go 1.21.5
+
+require golang.org/x/crypto v0.17.0
+
+require golang.org/x/sys v0.15.0
--- a/go.sum
+++ b/go.sum
@ -0,0 +1,6 @@
+golang.org/x/crypto v0.17.0 h1:r8bRNjWL3GshPW3gkd+RpvzWrZAwPS49OmTGZ/uhM4k=
+golang.org/x/crypto v0.17.0/go.mod h1:gCAAfMLgwOJRpTjQ2zCCt2OcSfYMTeZVSRtQlPC7Nq4=
+golang.org/x/sys v0.15.0 h1:h48lPFYpsTvQJZF4EKyI4aLHaev3CxivZmv7yZig9pc=
+golang.org/x/sys v0.15.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/term v0.15.0 h1:y/Oo/a/q3IXu26lQgl04j/gjuBDOBlx7X6Om1j2CPW4=
+golang.org/x/term v0.15.0/go.mod h1:BDl952bC7+uMoWR75FIrCDx79TPU9oHkTZ9yRbYOrX0=
--- a/main.go
+++ b/main.go
@ -0,0 +1,81 @@
+package main
+
+import (
+	"crypto/rand"
+	"crypto/rsa"
+	"crypto/x509"
+	"encoding/pem"
+	"fmt"
+	"log"
+	"net"
+	"strconv"
+	"time"
+
+	"golang.org/x/crypto/ssh"
+)
+
+func main() {
+
+	port := 22
+
+	key, err := generateKeyPair()
+	if err != nil {
+		log.Fatalf("Failed to generate key pair: %v", err)
+	}
+
+	config := &ssh.ServerConfig{
+		PasswordCallback: func(c ssh.ConnMetadata, pass []byte) (*ssh.Permissions, error) {
+			ip, _, err := net.SplitHostPort(c.RemoteAddr().String())
+			if err != nil {
+				ip = c.RemoteAddr().String()
+			}
+			log.Printf("[%s] \"honeypot connection attempt: ssh - %s - %s - %s\"\n", time.Now().Format("2006-01-02 15:04:05.000"), ip, c.User(), string(pass))
+			return nil, fmt.Errorf("password rejected for %q", c.User())
+		},
+	}
+
+	config.AddHostKey(key)
+
+	// Listen on port 22
+	listener, err := net.Listen("tcp", "0.0.0.0:"+strconv.Itoa(port))
+	if err != nil {
+		log.Fatalf("Failed to listen on port %d: %v", port, err)
+	}
+	log.Printf("Listening on port %d...", port)
+
+	for {
+		conn, err := listener.Accept()
+		if err != nil {
+			log.Printf("Failed to accept incoming connection: %s", err)
+			continue
+		}
+
+		go handleConn(conn, config)
+	}
+}
+
+func generateKeyPair() (ssh.Signer, error) {
+	// Generate a new RSA private key
+	privateKey, err := rsa.GenerateKey(rand.Reader, 2048)
+	if err != nil {
+		return nil, err
+	}
+
+	// Encode the private key to PEM format
+	privateKeyPEM := pem.EncodeToMemory(&pem.Block{
+		Type:  "RSA PRIVATE KEY",
+		Bytes: x509.MarshalPKCS1PrivateKey(privateKey),
+	})
+
+	// Parse the PEM encoded private key to get an ssh.Signer
+	signer, err := ssh.ParsePrivateKey(privateKeyPEM)
+	if err != nil {
+		return nil, err
+	}
+
+	return signer, nil
+}
+
+func handleConn(c net.Conn, config *ssh.ServerConfig) {
+	ssh.NewServerConn(c, config)
+}