authoranthraxx2015-06-18 18:01:24 +0200
committeranthraxx2015-06-18 18:01:24 +0200
commit387ea8bd1145e86ecc87cc1fa4f33fcde05809ba (patch)
tree3527ec0edeef631d658016b0cc3ef5cf83bf5e0a
downloadaur-387ea8bd1145e86ecc87cc1fa4f33fcde05809ba.tar.gz
addpkg: kippo 0.9-3
-rw-r--r--.SRCINFO22
-rw-r--r--INSTALL4
-rw-r--r--PKGBUILD50
-rw-r--r--kippo.install26
-rw-r--r--kippo.service14
5 files changed, 116 insertions, 0 deletions
diff --git a/.SRCINFO b/.SRCINFO
new file mode 100644
index 000000000000..938e188beb01
--- /dev/null
+++ b/.SRCINFO
@@ -0,0 +1,22 @@
+pkgbase = kippo
+ pkgdesc = A medium interaction SSH honeypot designed to log brute force attacks and, most importantly, the entire shell interaction performed by the attacker
+ pkgver = 0.9
+ pkgrel = 3
+ url = https://github.com/desaster/kippo
+ install = kippo.install
+ arch = any
+ license = BSD
+ depends = twisted
+ depends = pycrypto
+ depends = zope-interface
+ depends = python2-pyasn1
+ backup = etc/kippo.cfg
+ source = kippo-0.9.tar.gz::https://github.com/desaster/kippo/archive/v0.9.tar.gz
+ source = kippo.service
+ source = INSTALL
+ sha512sums = 0e17c410ecb8e44ba3862f0bd6c2773d6fa768750d7917ba7f5fbfdec8ddfa63fbde0e0190bcd5361a6c5ea0bcb2017e24593c4181b5cb915a605723bce07a26
+ sha512sums = f815717a2abb7abf548e229be83f62d166f039e9018c30f6a1d47c48dfafe5d6bb417b046e3d5056ac69e6791fb26ba04f20718fa3593f77e41c09d1830ebb42
+ sha512sums = fd82f060af248b413e62d779a4a20c6d6f4972cc724503a8c60fe435955ad7b1829caf9b5a8ceca41a2d9cf02144ab9fa9d892b59012e52a81d9dbfa832d4106
+
+pkgname = kippo
+
diff --git a/INSTALL b/INSTALL
new file mode 100644
index 000000000000..92131e9e9b17
--- /dev/null
+++ b/INSTALL
@@ -0,0 +1,4 @@
+By default, kippo runs on port 2222. Do not try to run it on port 22.
+Instead, use something like
+ iptables -t nat -A PREROUTING -i enp0s1 -p tcp --dport 22 -j REDIRECT --to-port 2222
+to make it reachable on port 22.
diff --git a/PKGBUILD b/PKGBUILD
new file mode 100644
index 000000000000..bf8b4e8ee07a
--- /dev/null
+++ b/PKGBUILD
@@ -0,0 +1,50 @@
+# Maintainer: Levente Polyak <levente[at]leventepolyak[dot]net>
+# Contributor: Andre Kwakernaak <andre.kwakernaak@gmail.com>
+# Contributor: Sven-Hendrik Haase <sh@lutzhaase.com>
+
+pkgname=kippo
+pkgver=0.9
+pkgrel=3
+pkgdesc="A medium interaction SSH honeypot designed to log brute force attacks and, most importantly, the entire shell interaction performed by the attacker"
+url="https://github.com/desaster/kippo"
+arch=('any')
+license=('BSD')
+depends=('twisted' 'pycrypto' 'zope-interface' 'python2-pyasn1')
+backup=('etc/kippo.cfg')
+install=kippo.install
+source=(${pkgname}-${pkgver}.tar.gz::https://github.com/desaster/kippo/archive/v${pkgver}.tar.gz
+ kippo.service
+ INSTALL)
+sha512sums=('0e17c410ecb8e44ba3862f0bd6c2773d6fa768750d7917ba7f5fbfdec8ddfa63fbde0e0190bcd5361a6c5ea0bcb2017e24593c4181b5cb915a605723bce07a26'
+ 'f815717a2abb7abf548e229be83f62d166f039e9018c30f6a1d47c48dfafe5d6bb417b046e3d5056ac69e6791fb26ba04f20718fa3593f77e41c09d1830ebb42'
+ 'fd82f060af248b413e62d779a4a20c6d6f4972cc724503a8c60fe435955ad7b1829caf9b5a8ceca41a2d9cf02144ab9fa9d892b59012e52a81d9dbfa832d4106')
+
+prepare() {
+ cd ${pkgname}-${pkgver}
+ sed -e 's|env python$|env python2|g' -i utils/*
+ sed -e 's|/usr/bin/python$|/usr/bin/python2|g' -i utils/fsctl.py
+ sed -e 's|kippo.cfg|/etc/kippo.cfg|g' -i kippo.tac
+}
+
+build() {
+ cd ${pkgname}-${pkgver}
+ python2 -m compileall .
+ python2 -O -m compileall .
+}
+
+package() {
+ cd ${pkgname}-${pkgver}
+
+ install -Dm 644 kippo.cfg.dist "${pkgdir}/etc/kippo.cfg"
+ install -Dm 644 ../kippo.service \
+ "${pkgdir}/usr/lib/systemd/system/kippo.service"
+
+ find . -type f -not \( -name kippo.cfg.dist -o -name start.sh -o -name stop.sh \) \
+ -exec install -Dm 644 {} "${pkgdir}/opt/kippo/{}" \;
+
+ install -Dm 644 doc/COPYRIGHT "${pkgdir}/usr/share/licenses/${pkgname}/LICENSE"
+ install -Dm 644 doc/README "${pkgdir}/usr/share/doc/${pkgname}/README"
+ install -Dm 644 ../INSTALL "${pkgdir}/usr/share/doc/${pkgname}/INSTALL"
+}
+
+# vim: ts=2 sw=2 et:
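Review bot: `/etc/kippo.cfg` is installed world-readable by `install -Dm 644 kippo.cfg.dist "${pkgdir}/etc/kippo.cfg"` in package(), yet this is the file where kippo keeps its logging back-end settings, which can include a database password once an operator enables them (the file's contents are not visible in this hunk, so confirm against kippo.cfg.dist). I would install it as `install -Dm 640 kippo.cfg.dist "${pkgdir}/etc/kippo.cfg"` and have the install script run `chown root:kippo /etc/kippo.cfg` once the group exists, so the service can still read it but other local users cannot. Separately, the `find ... -exec install -Dm 644` line drops the executable bit from the utils/ scripts whose shebangs prepare() has just patched.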
diff --git a/kippo.install b/kippo.install
new file mode 100644
index 000000000000..c30e615d803e
--- /dev/null
+++ b/kippo.install
@@ -0,0 +1,26 @@
+post_install() {
+ getent group kippo > /dev/null || groupadd kippo
+ getent passwd kippo > /dev/null || \
+ useradd -d /opt/kippo -g kippo -s /bin/nologin kippo
+
+ mkdir -p /opt/kippo/log/tty /opt/kippo/dl
+ chown -R kippo:kippo /opt/kippo
+
+ cat /usr/share/doc/kippo/INSTALL
+}
+
+post_upgrade() {
+ post_install
+}
+
+pre_remove() {
+ if [[ -f /opt/kippo/kippo.pid ]]; then
+ systemctl stop kippo
+ fi
+}
+
+post_remove() {
+ userdel kippo
+}
+
+# vim: ts=2 sw=2 et:
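Review bot: `chown -R kippo:kippo /opt/kippo` in post_install hands the whole installed tree, including kippo.tac and the Python sources, to the account the internet-facing honeypot runs as, so a flaw in the honeypot process would let it rewrite the code that is loaded at the next start. Only the writable state needs that owner; `chown -R kippo:kippo /opt/kippo/log /opt/kippo/dl` would cover the directories created here, though per the unit file twistd also writes kippo.pid into /opt/kippo, so the pid file (and presumably any data files kippo updates at runtime) needs a writable location of its own. Because post_upgrade calls post_install, the recursive chown also runs as root on every upgrade, over directories that hold attacker-supplied downloads. post_remove's `userdel kippo` leaves the files under /opt/kippo behind with a UID that a later account may reuse.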
diff --git a/kippo.service b/kippo.service
new file mode 100644
index 000000000000..01d8a49cdd5b
--- /dev/null
+++ b/kippo.service
@@ -0,0 +1,14 @@
+[Unit]
+Description=Kippo Honey Pot
+After=network.target
+
+[Service]
+Type=forking
+User=kippo
+Group=kippo
+WorkingDirectory=/opt/kippo
+PIDFile=/opt/kippo/kippo.pid
+ExecStart=/usr/bin/twistd -y kippo.tac -l log/kippo.log --pidfile kippo.pid
+
+[Install]
+WantedBy=multi-user.target
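Review bot: The [Service] section runs a deliberately attacker-facing daemon with no confinement beyond `User=kippo` and `Group=kippo`. Adding `NoNewPrivileges=true`, `PrivateTmp=true` and `ProtectSystem=full` would limit what a compromised honeypot process can reach, without touching the paths under /opt/kippo that it writes to. `PIDFile=/opt/kippo/kippo.pid` also sits in a directory the service user owns (per the chown in kippo.install), so the PID systemd tracks is whatever that user writes there; a dedicated runtime directory would be a safer place for it.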