Initial commit.

.dockerignore

@@ -0,0 +1 @@
+.gitignore

.travis.yml

@@ -0,0 +1,18 @@
+language: generic
+
+sudo: required
+
+services:
+  - docker
+
+env:
+  - BUILD=ubuntu
+  - BUILD=centos
+
+script:
+  - "docker-compose build $BUILD"
+  - "docker-compose run --entrypoint /opt/dionaea/bin/dionaea $BUILD status"
+
+notifications:
+  email:
+    - [email protected]

Dockerfile-centos

@@ -0,0 +1,19 @@
+FROM centos:centos7
+
+LABEL maintainer Alexander Merck <[email protected]>
+LABEL name "dionaea"
+LABEL version "0.1"
+LABEL release "1"
+LABEL summary "Dionaea HoneyPot container"
+LABEL description "Dionaea is meant to be a nepenthes successor, embedding python as scripting language, using libemu to detect shellcodes, supporting ipv6 and tls."
+LABEL autoritative-source-url "https://github.com/CommunityHoneyNetwork/communityhoneynetwork"
+LABEL changelog-url "https://github.com/CommunityHoneyNetwork/communityhoneynetwork/commits/master"
+
+# Set DOCKER var - used by Dionaea init to determine logging
+ENV DOCKER "yes"
+ENV playbook "dionaea.yml"
+
+RUN yum install -y epel-release \
+        && yum install -y ansible
+RUN yum groupinstall -y "Development Tools"
+

Dockerfile-ubuntu

@@ -0,0 +1,24 @@
+FROM ubuntu:17.10
+
+LABEL maintainer Alexander Merck <[email protected]>
+LABEL name "dionaea"
+LABEL version "0.1"
+LABEL release "1"
+LABEL summary "Dionaea HoneyPot container"
+LABEL description "Dionaea is meant to be a nepenthes successor, embedding python as scripting language, using libemu to detect shellcodes, supporting ipv6 and tls."
+LABEL autoritative-source-url "https://github.com/CommunityHoneyNetwork/communityhoneynetwork"
+LABEL changelog-url "https://github.com/CommunityHoneyNetwork/communityhoneynetwork/commits/master"
+
+ENV DOCKER "yes"
+ENV playbook "dionaea.yml"
+
+RUN apt-get update \
+    && apt-get install -y ansible
+RUN apt-get install -y python-apt
+
+RUN echo "localhost ansible_connection=local" >> /etc/ansible/hosts
+ADD . /opt/
+RUN ansible-playbook /opt/${playbook}
+
+ENTRYPOINT ["/usr/bin/runsvdir", "-P", "/etc/service"]
+#ENTRYPOINT ["/bin/bash"]

dionaea.run.j2

@@ -0,0 +1,124 @@
+#!/bin/bash
+
+trap "exit 130" SIGINT
+trap "exit 137" SIGKILL
+trap "exit 143" SIGTERM
+
+set -o errexit
+set -o nounset
+set -o pipefail
+
+DIONAEA_JSON='/etc/dionaea.json'
+
+
+register () {
+    local deploy_key="${1:-}"
+    local chnserver="${2:-localhost}"
+    local json="${3:-dionaea}"
+    local hostname="$(hostname -f)"
+    local honeypot="dionaea"
+
+    if [[ -z ${deploy_key} ]]
+    then
+        return 1
+    fi
+
+    curl -s -X POST -H "Content-Type: application/json" -d "{
+      \"name\": \"${hostname}-${honeypot}\",
+      \"hostname\": \"$hostname\",
+      \"deploy_key\": \"$deploy_key\",
+      \"honeypot\": \"$honeypot\"
+    }" ${chnserver}/api/sensor/ > ${json}
+
+}
+
+
+setup_dionaea_conf () {
+
+    source {{ sysconfig_dir }}/dionaea
+
+    local uid=${1:-}
+    local secret=${2:-}
+    local debug=${3:-false}
+
+    pushd /opt/dionaea/etc/dionaea
+    cp dionaea.cfg dionaea.cfg.orig
+
+    sed -i "s/# listen.addresses=.*/listen.addresses=$LISTEN_ADDRESSES/g" dionaea.cfg
+    sed -i "s/# listen.interfaces=.*/listen.interfaces=$LISTEN_INTERFACES/g" dionaea.cfg
+
+    # Enable services
+    rm -f ./services-enabled/*.yaml
+    for i in ${SERVICES[@]}; do
+      ln -s {{ dionaea_dir }}/etc/dionaea/services-available/$i.yaml ./services-enabled/$i.yaml
+    done
+
+    rm -f ./ihandlers-enabled/*.yaml
+    if [[ ${HPFEEDS_ENABLED} == "true" ]]
+    then
+      ln -s {{ dionaea_dir }}/etc/dionaea/ihandlers-available/hpfeeds.yaml ./ihandlers-enabled/hpfeeds.yaml
+      sed -i "s/server:.*/server: \"${FEEDS_SERVER}\"/g" {{ dionaea_dir }}/etc/dionaea/ihandlers-available/hpfeeds.yaml
+      sed -i "s/ident:.*/ident: \"${uid}\"/g" {{ dionaea_dir }}/etc/dionaea/ihandlers-available/hpfeeds.yaml
+      sed -i "s/secret:.*/secret: \"${secret}\"/g" {{ dionaea_dir }}/etc/dionaea/ihandlers-available/hpfeeds.yaml
+    fi
+
+    popd
+}
+
+
+main() {
+  source {{ sysconfig_dir }}/dionaea
+
+  if [[ ${DEBUG} == "true" ]]
+  then
+    set -o xtrace
+  fi
+
+  local deploy_key=${DEPLOY_KEY:-}
+  local chn_server=${CHN_SERVER}
+  local feeds_server=${FEEDS_SERVER:-localhost}
+  local feeds_server_port=${FEEDS_SERVER_PORT:-10000}
+  local json=${DIONAEA_JSON:-dionaea.json}
+
+  local debug=${DEBUG:-false}
+
+  if [[ -z ${deploy_key} ]]
+  then
+    echo "[CRIT] - No deploy key found"
+    exit 1
+  fi
+
+  # If it doesn't exist or is empty
+  if [[ ! -f ${json}  ]] || [[ ! -s ${json} ]]
+  then
+    register ${deploy_key} ${chn_server} ${json}
+
+    return=$?
+
+    if [[ $return -ne 0 ]]
+    then
+      echo "Failed to register with ${chn_server} using key: ${deploy_key}"
+      exit 1
+    fi
+  fi
+
+  local uuid=$(python -c "import json;obj=json.load(file('${json}'));print obj['uuid']")
+
+  if [ -z "$uuid" ]
+  then
+    echo "Could not create sensor using name \"$(hostname -f)\"."
+    exit 1
+  else
+    echo "Created sensor: " $uuid
+  fi
+
+  local uid=$(python -c "import json;obj=json.load(file('${json}'));print obj['identifier']")
+  local secret=$(python -c "import json;obj=json.load(file('${json}'));print obj['secret']")
+
+  setup_dionaea_conf ${uid} ${secret}
+
+  exec /opt/dionaea/bin/dionaea -c "/opt/dionaea/etc/dionaea/dionaea.cfg" -u nobody -g nogroup
+}
+
+
+main "$@"

dionaea.sysconfig

@@ -0,0 +1,20 @@
+
+DEBUG=true
+
+CHN_SERVER="http://chnserver"
+DEPLOY_KEY="c0ZM2XZH"
+
+# Network options
+LISTEN_ADDRESSES="0.0.0.0"
+LISTEN_INTERFACES="eth0"
+
+
+# Service options
+# blackhole, epmap, ftp, http, memcache, mirror, mongo, mqtt, mssql, mysql, pptp, sip, smb, tftp, upnp
+SERVICES=(ftp mssql smb)
+
+
+# Logging options
+HPFEEDS_ENABLED=true
+FEEDS_SERVER="hpfeeds"
+FEEDS_SERVER_PORT=10000

dionaea.yml

@@ -0,0 +1,85 @@
+---
+  - hosts: all
+
+    tasks:
+      - name: Dionaea | Gather | print os info
+        debug:
+          msg: "{{ ansible_distribution }}-{{ ansible_distribution_major_version }}"
+
+      - name: Dionaea | Gather | os info
+        include_vars: "{{ item }}"
+        with_first_found:
+          - "{{ ansible_distribution }}-{{ ansible_distribution_major_version}}.yml"
+          - "{{ ansible_distribution }}.yml"
+        tags: vars
+
+      - name: Dionaea | Gather | default info
+        include_vars:
+          file: default.yml
+        tags: vars
+
+      - name: Dionaea | install non-specific packages
+        package:
+          name: "{{ item }}"
+        with_items: "{{ pkgs }}"
+
+      - name: Dionaea | install os-specific packages
+        package:
+          name: "{{ item }}"
+        with_items: "{{ pkgs_osspec }}"
+
+      - name: Dionaea | add users group
+        group:
+          name: users
+
+      - name: Dionaea | create dionaea user
+        user:
+          name: dionaea
+          shell: /bin/bash
+          group: users
+
+      - name: Dionaea | clone dionaea source
+        git:
+          repo: "{{ dionaea_repo }}"
+          version: "{{ dionaea_version }}"
+          dest: /opt/dionaea
+
+      - name: Dionaea | build dionaea
+        command: "{{ item }}"
+        args:
+          chdir: /opt/dionaea
+        with_items:
+          - "autoreconf -vi"
+          - "./configure {{config_options}}"
+          - "make"
+          - "make install"
+
+      - name: Dionaea | set file perms
+        file:
+          path: "{{ dionaea_dir }}"
+          owner: "{{ dionaea_user }}"
+          group: root
+          recurse: yes
+        file:
+          path: "{{ dionaea_dir }}/var/dionaea"
+          owner: nobody
+          group: nogroup
+          recurse: yes
+
+      - name: Dionaea | copy dionaea sysconfig file
+        copy:
+          dest: "{{ sysconfig_dir }}/dionaea"
+          src: dionaea.sysconfig
+          mode: 0644
+
+      - name: Dionaea | create runit directories
+        file:
+          state: directory
+          path: "{{ runit_service_dir }}"
+          mode: 0755
+
+      - name: Dionaea | create dionaea runit run file
+        template:
+          src: dionaea.run.j2
+          dest: "{{ runit_service_dir }}/run"
+          mode: 0755

docker-compose.yml

@@ -0,0 +1,17 @@
+version: '2'
+services:
+  ubuntu:
+    build:
+      context: .
+      dockerfile: Dockerfile-ubuntu
+    image: dionaea:ubuntu
+    volumes:
+      - ./dionaea.sysconfig:/etc/default/dionaea:z
+
+#  centos:
+#    build:
+#      context: .
+#      dockerfile: Dockerfile-centos
+#    image: dionaea:centos
+#    volumes:
+#      - ./dionaea.sysconfig:/etc/default/dionaea:z

vars/CentOS.yml

@@ -0,0 +1,13 @@
+---
+  pkgs_osspec:
+    - python34-cython
+    - libcurl-devel
+    - libev-devel
+    - glib2-devel
+    - libnetfliter_queue-devel
+    - libnl-devel
+    - openssl-devel
+    - python34
+    - python34-devel
+
+  sysconfig_dir: /etc/default

vars/Ubuntu.yml

@@ -0,0 +1,24 @@
+---
+  pkgs_osspec:
+    - runit
+    - build-essential
+    - cython3
+    - libcurl4-openssl-dev
+    - libemu-dev
+    - libev-dev
+    - libglib2.0-dev
+    - libloudmouth1-dev
+    - libnetfilter-queue-dev
+    - libnl-3-dev
+    - libpcap-dev
+    - libssl-dev
+    - libudns-dev
+    - python3
+    - python3-dev
+    - python3-bson
+    - python3-yaml
+
+  config_options: --disable-werror --prefix=/opt/dionaea --with-python=/usr/bin/python3 --with-cython-dir=/usr/bin --with-ev-include=/usr/include --with-ev-lib=/usr/lib --with-emu-lib=/usr/lib/libemu --with-emu-include=/usr/include --with-nl-include=/usr/include/libnl3 --with-nl-lib=/usr/lib
+
+  sysconfig_dir: /etc/default
+

vars/default.yml

@@ -0,0 +1,18 @@
+---
+  pkgs:
+    - git
+    - python-virtualenv
+    - autoconf
+    - automake
+    - check
+    - libtool
+    - curl
+
+  dionaea_repo: http://github.com/dinotools/dionaea
+
+  dionaea_version: master
+
+  dionaea_dir: /opt/dionaea
+  dionaea_user: dionaea
+
+  runit_service_dir: /etc/service/dionaea