-rw-r--r-- | .SRCINFO | 38 | ||||
-rw-r--r-- | .gitignore | 3 | ||||
-rw-r--r-- | 0001-patch-service.patch | 83 | ||||
-rw-r--r-- | PKGBUILD | 54 |
4 files changed, 141 insertions, 37 deletions
@@ -1,27 +1,29 @@ pkgbase = cowrie pkgdesc = Medium interaction SSH honeypot designed to log brute force attacks and entire shell interaction - pkgver = 1.1.0 - pkgrel = 3 + pkgver = 2.1.0 + pkgrel = 1 url = https://github.com/micheloosterhof/cowrie install = cowrie.install arch = any license = BSD - depends = python2-twisted - depends = python2-zope-interface - depends = python2-crypto - depends = python2-pyasn1 - depends = python2-cryptography - depends = python2-gmpy2 - depends = python2-pyopenssl - depends = mysql-python - depends = python2-dateutil - depends = python2-tftpy - depends = python2-configparser - depends = python2-service-identity - depends = python2-requests - backup = etc/cowrie.cfg - source = cowrie-1.1.0.tar.gz::https://github.com/micheloosterhof/cowrie/archive/v1.1.0.tar.gz - sha512sums = da6cb2e25f57dd5a1e9b7ff02a39ae4d6955ee2be03b0054f92f07b429a1a12b938c571862b05d5ccbe9949d132185079bd93644bd38469e841cb9a8cc95dfbd + depends = python-appdirs + depends = python-attrs + depends = python-bcrypt + depends = python-cryptography + depends = python-packaging + depends = python-pyasn1-modules + depends = python-pyopenssl + depends = python-pyparsing + depends = python-dateutil + depends = python-service-identity + depends = python-tftpy + depends = python-treq + depends = python-twisted + backup = etc/cowrie/cowrie.cfg + source = cowrie-2.1.0.tar.gz::https://github.com/micheloosterhof/cowrie/archive/v2.1.0.tar.gz + source = 0001-patch-service.patch + sha512sums = b1d4a76beffb9e03e1c1f0299eea858d9d245f15eca10146410d4b3fee0f76ff4cb7e3017643cba719a677d3c0591a267a6d6df261c2a66d99a677c10720e4de + sha512sums = 76bfbd8cdf78e7365e95fb017e241ec23015b56f7ac292370d90cfabbd0086e7c199278f6956aabfc9e658fdbaacb16ac22699c39d042d6973a5963add0812ee pkgname = cowrie diff --git a/.gitignore b/.gitignore new file mode 100644 index 000000000000..d725ba4cf0d2 --- /dev/null +++ b/.gitignore @@ -0,0 +1,3 @@ +*.tar.* +pkg/ +src/ 
diff --git a/0001-patch-service.patch b/0001-patch-service.patch new file mode 100644 index 000000000000..15816c676e9b --- /dev/null +++ b/0001-patch-service.patch 
@@ -0,0 +1,83 @@ +From 726fe83fac7f451bac14fae80de272bc0d00dabe Mon Sep 17 00:00:00 2001 +From: Cody P Schafer <dev@codyps.com> +Date: Mon, 22 Jun 2020 01:52:25 -0400 +Subject: [PATCH] patch service + +--- + .../systemd/etc/systemd/system/cowrie.service | 25 ++++++++++++++----- + etc/cowrie.cfg.dist | 4 +-- + 2 files changed, 21 insertions(+), 8 deletions(-) + +diff --git a/docs/systemd/etc/systemd/system/cowrie.service b/docs/systemd/etc/systemd/system/cowrie.service +index b8b2fd4..934e77d 100644 +--- a/docs/systemd/etc/systemd/system/cowrie.service ++++ b/docs/systemd/etc/systemd/system/cowrie.service +@@ -1,24 +1,37 @@ + [Unit] + Description=A SSH and Telnet honeypot service + After=network.target +-After=rsyslog.service + Requires=cowrie.socket + + [Service] + User=cowrie + Group=cowrie + ++NoNewPrivileges=true ++ProtectSystem=strict ++ProtectHome=true ++ReadOnlyPaths=/opt/cowrie ++ReadWritePaths=/opt/cowrie/var ++PrivateDevices=true ++ProtectClock=true ++#ProtectHostname=true ++#PrivateUsers=true ++ProtectKernelTunables=true ++ProtectKernelLogs=true ++ProtectKernelModules=true ++ProtectControlGroups=true ++RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6 ++LockPersonality=yes ++RestrictRealtime=true ++RestrictSUIDSGID=true ++ + Restart=always + RestartSec=5 + + Environment=PYTHONPATH=/opt/cowrie/src + WorkingDirectory=/opt/cowrie + +-ExecStart=/opt/cowrie-env/bin/python /opt/cowrie-env/bin/twistd --umask 0022 --nodaemon --pidfile= -l - cowrie +- +-StandardOutput=syslog +-StandardError=syslog +-SyslogIdentifier=cowrie ++ExecStart=/usr/bin/twistd3 --umask 0022 --nodaemon --pidfile= -l - cowrie + + [Install] + WantedBy=multi-user.target +diff --git a/etc/cowrie.cfg.dist b/etc/cowrie.cfg.dist +index 7139aa1..f044c47 100644 +--- a/etc/cowrie.cfg.dist ++++ b/etc/cowrie.cfg.dist +@@ -590,7 +590,7 @@ compression = zlib@openssh.com,zlib,none + # e.g listen_endpoints = "tcp:2222:interface=0.0.0.0 tcp:1022:interface=0.0.0.0" will result listening both on ports 2222 and 
1022 + # use authbind for port numbers under 1024 + +-listen_endpoints = tcp:2222:interface=0.0.0.0 ++listen_endpoints = systemd:domain=INET6:index=0 + + # Enable the SFTP subsystem + # (default: true) +@@ -665,7 +665,7 @@ enabled = false + # e.g "listen_endpoints = tcp:2223:interface=0.0.0.0 tcp:2323:interface=0.0.0.0" will result listening both on ports 2223 and 2323 + # use authbind for port numbers under 1024 + +-listen_endpoints = tcp:2223:interface=0.0.0.0 ++listen_endpoints = systemd:domain=INET6:index=1 + + + # Source Port to report in logs (useful if you use iptables to forward ports to Cowrie) +-- +2.27.0 + 
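Review bot: The hardening block in the patched `[Service]` section omits a few directives that matter for a daemon whose whole job is to accept attacker-controlled SSH and Telnet sessions. Because the unit runs as `User=cowrie` and takes its listeners from `cowrie.socket`, it appears to need no capabilities, so `CapabilityBoundingSet=`, `RestrictNamespaces=true` and `PrivateTmp=true` are worth adding once tested with the enabled output plugins. The commented-out `#ProtectHostname=true` and `#PrivateUsers=true` should each carry a short comment naming what failed with them on, so a deliberate exception is distinguishable from a leftover. `ReadOnlyPaths=/opt/cowrie` is already implied by `ProtectSystem=strict`. The `systemd:domain=INET6:index=0` and `index=1` endpoints depend on the `ListenStream=` order in `cowrie.socket`, which is not visible here, so a comment beside each `listen_endpoints` line should state which socket entry it expects.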
@@ -1,46 +1,62 @@ # Maintainer: Levente Polyak <anthraxx[at]archlinux[dot]org> pkgname=cowrie -pkgver=1.1.0 -pkgrel=3 +pkgver=2.1.0 +pkgrel=1 pkgdesc='Medium interaction SSH honeypot designed to log brute force attacks and entire shell interaction' url='https://github.com/micheloosterhof/cowrie' arch=('any') license=('BSD') -depends=('python2-twisted' 'python2-zope-interface' 'python2-crypto' 'python2-pyasn1' 'python2-cryptography' - 'python2-gmpy2' 'python2-pyopenssl' 'mysql-python' 'python2-dateutil' 'python2-tftpy' - 'python2-configparser' 'python2-service-identity' 'python2-requests') -backup=('etc/cowrie.cfg') +# from the requirements.txt +depends=( + 'python-appdirs' + 'python-attrs' + 'python-bcrypt' +# 'python-configparser' + 'python-cryptography' + 'python-packaging' + 'python-pyasn1-modules' + 'python-pyopenssl' + 'python-pyparsing' + 'python-dateutil' + 'python-service-identity' + 'python-tftpy' + 'python-treq' + 'python-twisted' + ) + +backup=('etc/cowrie/cowrie.cfg') install=cowrie.install -source=(${pkgname}-${pkgver}.tar.gz::https://github.com/micheloosterhof/${pkgname}/archive/v${pkgver}.tar.gz) -sha512sums=('da6cb2e25f57dd5a1e9b7ff02a39ae4d6955ee2be03b0054f92f07b429a1a12b938c571862b05d5ccbe9949d132185079bd93644bd38469e841cb9a8cc95dfbd') +source=(${pkgname}-${pkgver}.tar.gz::https://github.com/micheloosterhof/${pkgname}/archive/v${pkgver}.tar.gz + '0001-patch-service.patch') +sha512sums=('b1d4a76beffb9e03e1c1f0299eea858d9d245f15eca10146410d4b3fee0f76ff4cb7e3017643cba719a677d3c0591a267a6d6df261c2a66d99a677c10720e4de' + '76bfbd8cdf78e7365e95fb017e241ec23015b56f7ac292370d90cfabbd0086e7c199278f6956aabfc9e658fdbaacb16ac22699c39d042d6973a5963add0812ee') prepare() { cd ${pkgname}-${pkgver} - sed -e 's|env python$|env python2|g' -i bin/* cowrie/commands/tftp.py - sed -e 's|/home/cowrie|/opt|g' -i doc/systemd/cowrie.service - sed -e '/PIDFile/d' -i doc/systemd/cowrie.service - sed -r 's|(cowrie)$|\1 -c /etc/cowrie.cfg|g' -i start.sh + patch -p1 -Ni 
'../0001-patch-service.patch' } build() { cd ${pkgname}-${pkgver} - python2 -m compileall . - python2 -O -m compileall . + python setup.py build } package() { cd ${pkgname}-${pkgver} - install -Dm 644 cowrie.cfg.dist "${pkgdir}/etc/cowrie.cfg" - install -Dm 644 doc/systemd/cowrie.service -t "${pkgdir}/usr/lib/systemd/system" + mkdir -p "${pkgdir}/etc/cowrie" + install -Dm 644 etc/cowrie.cfg.dist "${pkgdir}/etc/cowrie/cowrie.cfg" + install -Dm 644 docs/systemd/etc/systemd/system/cowrie.service -t "${pkgdir}/usr/lib/systemd/system" + install -Dm 644 docs/systemd/etc/systemd/system/cowrie.socket -t "${pkgdir}/usr/lib/systemd/system" install -d "${pkgdir}/opt/cowrie" cp -a . "${pkgdir}/opt/cowrie" - rm -r "${pkgdir}/opt/cowrie/cowrie.cfg.dist" + rm "${pkgdir}/opt/cowrie/etc/cowrie.cfg.dist" - install -Dm 644 doc/COPYRIGHT "${pkgdir}/usr/share/licenses/${pkgname}/LICENSE" - install -Dm 644 README.md INSTALL.md CHANGELOG.md -t "${pkgdir}/usr/share/doc/${pkgname}" + install -Dm 644 docs/LICENSE.rst "${pkgdir}/usr/share/licenses/${pkgname}/LICENSE" + mkdir -p "${pkgdir}/usr/share/doc/${pkgname}" + cp -a docs/* "${pkgdir}/usr/share/doc/${pkgname}" } # vim: ts=2 sw=2 et: |
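Review bot: `install -Dm 644 etc/cowrie.cfg.dist "${pkgdir}/etc/cowrie/cowrie.cfg"` in `package()` makes the honeypot configuration world-readable, and that file is where credentials for output plugins (database passwords, API tokens) end up once an operator enables them. Mode `640` with group ownership given to the `cowrie` group would keep other local accounts from reading it; the group is presumably created in `cowrie.install`, which this diff does not show, so the ownership change may have to live there. Separately, `cp -a . "${pkgdir}/opt/cowrie"` now runs after `python setup.py build`, so the build output directory and the rest of the source checkout are presumably shipped under `/opt/cowrie` as well. The preceding `mkdir -p "${pkgdir}/etc/cowrie"` is redundant because `install -D` already creates the parent directory.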