67 Commits

Author SHA1 Message Date
Michel Oosterhof 583f7f04c6
cowrie.readthedocs.io -> docs.cowrie.org (#2434)
* cowrie.readthedocs.io -> docs.cowrie.org
2024-12-18 14:52:06 +08:00
Michel Oosterhof 92e3452d98
remove blowfish (#2406) 2024-11-26 09:06:50 +08:00
Michel Oosterhof 97326badba
pool reqs (#1970)
* pool reqs
* added unit for recycle period
2024-11-21 23:53:26 +08:00
Michel Oosterhof 4db33a1855
Logtypes (#2397)
* customizable log rotation
2024-11-21 23:46:05 +08:00
Michel Oosterhof f6e5535153
rmq (#2396)
thanks @vladiliushin
2024-11-21 16:59:49 +08:00
Michel Oosterhof d4f3a7ef2a
add option to login with any public key (#2391)
additional logging
2024-11-20 09:52:11 +08:00
Michel Oosterhof c684333813
Datadir (#2381)
* share_path -> data_path
This is a breaking change that moves static files to the src directory in preparation for distribution on PyPI
* release 2.6.0
2024-11-18 20:44:14 +08:00
Michel Oosterhof 06a28c435d
add prototype axiom output (#2323) 2024-09-19 11:40:40 +08:00
mjovanovic9999 25f4ffd58b
Added support for remote syslog logging (#2312)
* remote syslog output plugin
* added tcp or udp support

---------

Co-authored-by: mj <mj@kali>
2024-09-12 17:54:28 +08:00
Mattia Moretti 3b6c3c1d76
Oracle cloud custom logs plugin (#1997)
* initial oraclecloud logs
---------

Co-authored-by: Michel Oosterhof <micheloosterhof@users.noreply.github.com>
2023-11-13 20:26:50 +08:00
Michel Oosterhof e27a20f53c
17oct (#1968)
* rewrite locks from try/finally to with syntax
* class->instance vars
* use definitions for states
* configurable libvirt_uri
* add data class
2023-10-18 23:08:45 +08:00
onlyvae 02f1597efe
Correct description of the authentication_timeout setting in the configuration file (#1833)
If authentication_timeout is set to 0, a timeout exception will be raised immediately after receiving a connection.
2023-04-17 20:38:30 +08:00
Ziyang d63d68d99a
fix macs typo (#1820) 2023-02-15 11:18:51 +08:00
udgover 899507e81a
Datadog output module (#1789)
* Add Datadog output module

Co-authored-by: Fred Baguelin <frederic.baguelin@datadoghq.com>
2022-11-18 11:32:53 +08:00
CyberSpark e502c57d6b
Add support for output to a Discord webhook (#1725) 2022-06-07 16:45:33 +08:00
Diego Parrilla cbaadeeec1
New ThreatJammer output module (#1712) 2022-04-30 23:28:11 +08:00
Pavel Valach 24a7317f1b
etc/cowrie.cfg.dist: remove unused options (#1704)
In [honeypot], the report_public_ip and reported_ssh_port options are no longer used by the current code.
2022-03-19 11:21:11 +08:00
Louren van Garderen 68c46118ed
Telegram bot output (#1675)
* Implement Telegram bot based on #1291

* Code style improvements based on flake8 output
2022-01-15 00:40:33 +08:00
smalinkin a733d663c2
Add output to Graylog via GELF HTTP input. (#1652)
* Add output to Graylog via GELF HTTP input
2021-11-19 19:32:59 +08:00
Sereysethy Touch 680132591d
add new public keys ECDSAKeys and ed25519 (#1627) 2021-09-28 11:16:02 +08:00
Hamid Mujtaba Khalil b8e69c2c1f
fix userdb.example (#1619) 2021-09-02 09:57:12 +08:00
Michel Oosterhof b80dad12b4
Csirtg (#1564)
* update CSIRTG output plugin to use new library version
* update shadow file too. fix #1562
2021-05-23 15:12:53 +08:00
Michel Oosterhof 7fe5ee0ad2
Malshare update API (#1472)
* update malshare api
2020-12-23 20:03:55 +08:00
Michel Oosterhof 3caef117f7
allow output plugin config via env variable (#1454)
* remove debug version check statement
* uncomment all output plugins, but leave them in disabled state. This way they can be configured with environment variables
2020-11-25 16:18:12 +08:00
Benjamin Stephens bb7e98e966
increase abuseipdb rereport_after (#1389)
Increase re-report from 6 to 24 hours to conform with published AbuseIPDB guidelines.
2020-07-28 14:34:23 +08:00
Michel Oosterhof ec9eb8b2cc
remove unicode characters in cowrie.cfg.dist (#1376) 2020-07-06 21:17:25 +08:00
Benjamin Stephens a7dd5f5d20
Abuseipdb plugin (#1346)
* Added section for AbuseIPDB plugin
* Create abuseipdb.py
* replace abuseipdb instructions with reference to its pull request page on github

Co-authored-by: -8 <57877722+hyfn8@users.noreply.github.com>
2020-05-07 14:17:59 +08:00
asr 8f1d386ced
HTTPS + Credentials + GeoIP support in Elasticsearch output (#1329)
* add credentials and https support in elasticsearch output
* add new options (creds + https) for elasticsearch output
* change default document type in elasticsearch output, add some extra infos
* add index checking in es output
* add geoip mapping in es output
* add function to setup geoip pipeline in es output


Co-authored-by: Alban Siffer <alban.siffer@irisa.fr>
2020-04-20 21:07:55 +08:00
Michel Oosterhof d3d602ca6b
put hpfeeds3 in default config file (#1322) 2020-04-01 09:33:04 +08:00
Jesse Bowling 62abf94669
Update hpfeeds3 plugin to use config named hpfeeds3 (#1304) 2020-04-01 09:18:46 +08:00
Matthias 5689817f97
Add misp output (resolves #1306) (#1317)
* Introduce MISP output plugin

* Add cfg dist settings

* Remove non-needed test code

* Rename misp output class and add final newline to config

* Introduce compatibility to Python 2 and 3

* Update new event text

* Adjust for latest PyMISP API changes and introduce debug

As the PyMISP API deprecated the upload_sample method, we now need to do this manually.
Also, a settings switch for debug output was introduced.

* Add requirements compat for 2 and 3 and introduce publish switch

* Linting and code style update
2020-03-27 13:59:04 +00:00
cryptax fd6ff4a423
Working ELK setup for 7.6.1 (#1316)
* Working ELK setup for 7.6.1

* adding custom prompt option

Co-authored-by: axelle <aapvrille@fortinet.com>
2020-03-27 13:51:31 +00:00
Michel Oosterhof 8b6df7e255
disable crash reporter by default (#1299) 2020-02-07 15:58:32 +00:00
Michel Oosterhof d9f120a4b9
Telnet logging (#1288)
* fix SSH version comment
* better logging for output modules for telnet commands
2020-01-13 09:37:51 +00:00
Michel Oosterhof 41077d3664
Crash defaults (#1201)
* change defaults on crash reporter
2019-09-06 15:12:52 +01:00
Michel Oosterhof 7a48eda9ec
Telemetry (#1194)
* crashreporter uploads crashes to api.cowrie.org
2019-09-04 16:01:48 +01:00
Guilherme Borges d2fe36c44c
Add option to configure Qemu machine (#1189) 2019-08-27 20:05:24 +01:00
Guilherme Borges cdbb2ac2ab
Improve docs on backend pool (#1187)
* improve docs on backend pool
2019-08-27 18:40:33 +01:00
Guilherme Borges aeba97b4cc
Add a pool of backends for the proxy (#1181)
* add pool configs

* add pool interface from proxy branch

* add support for pool initialisation in plugin

* add pool to telnet

* backend pool as service

* move libvirt backend to own dir

* add NAT settings

* add guest backend config

* check for telnet in nmap if ssh is disabled

* add pool periodic cleanup

* add developer guide for backend pool

* add proxy documentation

* add backend pool docs

* docs on XML configs

* add method to check guest connectivity

* add telnet exec class

* update circle deps

* add tox libvirt dep
2019-08-26 12:11:58 +01:00
Guilherme Borges 34f8464732
Add a Telnet proxy for Cowrie (#1159)
* add telnet proxy
2019-07-01 21:41:03 +04:00
Guilherme Borges cc7d65adc0
Add an SSH proxy for Cowrie (#1154)
* add SSH proxy
2019-06-29 13:20:26 +04:00
Michel Oosterhof 8b7415cb1b
Move `auth_none` and `auth_keyboard_interactive_enabled` to [ssh] config section (#1153) 2019-06-20 11:33:38 +04:00
Mehtab Zafar 4ef3d18270
Remove deprecated options from config file (#1151) 2019-06-20 11:27:50 +04:00
Mehtab Zafar f2c899cb96
Handle timeout error (#1093)
* Handle timeout error
* Add debug option in config file
2019-04-21 11:41:21 +04:00
Mehtab Zafar 140c816569
Add output plugin for greynoise (#1065) 2019-03-23 20:18:42 +04:00
Mehtab Zafar bf46431456
Add output plugin for reverse DNS lookup (#1060)
* Add output plugin for reverse DNS lookup
2019-03-19 15:36:56 +04:00
Mayank Sharma ca45ef8d07
Expose SSH key exchange parameters in config file (#1051)
* Added support for getting encryption, compression, and hash methods from config file
2019-03-14 10:14:15 +04:00
Mehtab Zafar ce6452c204
Disable keyboard-interactive authentication by default with option to enable (#1033) 2019-03-13 07:38:12 +04:00
Michel Oosterhof 3ce157548c
change ssh version to [shell] ssh_version 2019-03-07 23:48:51 +04:00
Michel Oosterhof 0af74b9e97
Configurable timezone (#1032)
* configurable time zone for logging
2019-03-07 23:40:58 +04:00