From 3f75a2c7de0a774b49341600409dddd71c383b48 Mon Sep 17 00:00:00 2001 From: kayos Date: Fri, 11 Jun 2021 17:04:32 -0700 Subject: [PATCH] refactor our http routing and logging --- go.mod | 1 + go.sum | 2 ++ hellpot.go | 18 ++++-------------- http.go | 36 ++++++++++++++++++++++++++++++++++-- 4 files changed, 41 insertions(+), 16 deletions(-) diff --git a/go.mod b/go.mod index a7a2041..d5b3ad4 100644 --- a/go.mod +++ b/go.mod @@ -3,6 +3,7 @@ module HellPot go 1.16 require ( + github.com/gorilla/mux v1.8.0 github.com/pelletier/go-toml v1.6.0 // indirect github.com/rs/zerolog v1.22.0 github.com/spf13/afero v1.2.2 // indirect diff --git a/go.sum b/go.sum index 2c86dc9..218b900 100644 --- a/go.sum +++ b/go.sum @@ -67,6 +67,8 @@ github.com/googleapis/gax-go/v2 v2.0.4/go.mod h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+ github.com/googleapis/gax-go/v2 v2.0.5/go.mod h1:DWXyrwAJ9X0FpwwEdw+IPEYBICEFu5mhpdKc/us6bOk= github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1 h1:EGx4pi6eqNxGaHF6qqu48+N2wcFQ5qg5FXgOdqsJ5d8= github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY= +github.com/gorilla/mux v1.8.0 h1:i40aqfkR1h2SlN9hojwV5ZA91wcXFOvkdNIeFDP5koI= +github.com/gorilla/mux v1.8.0/go.mod h1:DVbg23sWSpFRCP0SfiEN6jmj59UnW/n46BH5rLB71So= github.com/gorilla/websocket v1.4.2/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE= github.com/grpc-ecosystem/go-grpc-middleware v1.0.0/go.mod h1:FiyG127CGDf3tlThmgyCl78X/SZQqEOJBCDaAfeWzPs= github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0/go.mod h1:8NvIoxWQoOIhqOTXgfV/d3M/q6VIi02HzZEHgUlZvzk= diff --git a/hellpot.go b/hellpot.go index 8374c4e..ee8f28a 100644 --- a/hellpot.go +++ b/hellpot.go @@ -3,7 +3,7 @@ package main import ( "HellPot/src/config" "context" - "io" + "github.com/gorilla/mux" "net/http" "os" "os/signal" @@ -14,7 +14,6 @@ import ( const robotsTxt = "User-agent: *\r\n" func startPot() { - var paths string addr := config.BindAddr port := config.BindPort @@ -22,20 +21,11 @@ func startPot() { stopChan := make(chan os.Signal, 1) signal.Notify(stopChan, syscall.SIGINT, syscall.SIGTERM) - for _, p := range config.Paths { - http.HandleFunc(p, func(w http.ResponseWriter, r *http.Request) { - DefaultHoneypot(w, r) - }) - paths = paths + "Disallow: " + p + "\r\n" - } + r := mux.NewRouter() - http.HandleFunc("/robots.txt", func(w http.ResponseWriter, r *http.Request) { - if _, err := io.WriteString(w, robotsTxt+paths+"\r\n"); err != nil { - log.Error().Err(err).Msg("SERVE_ROBOTS_ERROR") - } - }) + r.HandleFunc("/{path}", DefaultHoneypot) - srv := &http.Server{Addr: addr + ":" + port, Handler: http.DefaultServeMux} + srv := &http.Server{Addr: addr + ":" + port, Handler: r} go func() { log.Info().Str("bind_addr", addr).Str("bind_port", port). diff --git a/http.go b/http.go index 71af032..fc656fe 100644 --- a/http.go +++ b/http.go @@ -1,6 +1,8 @@ package main import ( + "HellPot/src/config" + "github.com/gorilla/mux" "io" "net/http" "sync" @@ -28,10 +30,40 @@ func NewHoneypot(mm MarkovMap, buffsize int) http.HandlerFunc { } return func(w http.ResponseWriter, r *http.Request) { + vars := mux.Vars(r) + var inscope bool = false + + if vars["path"] == "robots.txt" { + var paths string + for _, p := range config.Paths { + paths = paths + "Disallow: " + p + "\r\n" + } + + if _, err := io.WriteString(w, robotsTxt+paths+"\r\n"); err != nil { + log.Error().Err(err).Msg("SERVE_ROBOTS_ERROR") + } + return + } + + for _, p := range config.Paths { + if vars["path"] == p { + inscope = true + } + } + + if !inscope { + log.Warn(). + Str("UserAgent", r.UserAgent()). + Str("URL", r.URL.RequestURI()). + Strs("REMOTE_ADDR", r.Header.Values("X-Real-IP")). + Msg("Request outside of configured scope!") + return + } + s := time.Now() log.Info(). Str("UserAgent", r.UserAgent()). - Interface("URL", r.URL). + Interface("URL", r.URL.RequestURI()). Strs("REMOTE_ADDR", r.Header.Values("X-Real-IP")). Msg("SERVE") buf := getBuffer() @@ -40,7 +72,7 @@ func NewHoneypot(mm MarkovMap, buffsize int) http.HandlerFunc { n, err := io.CopyBuffer(w, mm, buf) log.Info(). Str("UserAgent", r.UserAgent()). - Interface("URL", r.URL). + Interface("URL", r.URL.RequestURI()). Strs("REMOTE_ADDR", r.Header.Values("X-Real-IP")). Int64("BYTES", n). Dur("DURATION", time.Since(s)).