-
Notifications
You must be signed in to change notification settings - Fork 4
/
bap.py
executable file
·161 lines (135 loc) · 4.21 KB
/
bap.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
#!/usr/bin/env python
#
# bap - http Basic Authentication honeyPot
#
# A webservice honeypot that logs HTTP basic authentication credentials
# in a "parser friendly format"(tm).
#
import os
import sys
import datetime
import BaseHTTPServer
import base64
# Config
HTTP_ADDR = ''
HTTP_PORT = 8080
class StdLogger():
def __init__(self, logname):
self.logfile = os.path.join(os.path.dirname(__file__), logname) + '.log'
def write(self, message):
f = open(self.logfile, 'a')
f.write('%s' % (message))
f.close()
class BapLogger():
def __init__(self, logname):
self.logfile = os.path.join(os.path.dirname(__file__), logname) + '.log'
def logtime(self):
now = datetime.datetime.now()
part1 = now.strftime('%Y-%m-%d %H:%M:%S')
part2 = now.strftime('%f')
# Floor milliseconds
return '%s,%s' % (part1, part2[:3])
def log(self, format, *args):
f = open(self.logfile, 'a')
f.write(
'[%s] %s\n' % (
self.logtime(),
format%args))
f.close()
class BapRequestHandler(BaseHTTPServer.BaseHTTPRequestHandler):
# Create loggers
potlogger = BapLogger('bap')
accesslogger = BapLogger('access')
errorlogger = BapLogger('error')
# Get client source port
def srcport_string(self):
host, port = self.client_address[:2]
return port
#
# Override BaseHTTPServer
#
# Set server header
server_version = 'Admin Console/1.0'
sys_version = ''
# Hide error response body
error_message_format = ''
# Change log format
def log_request(self, code='-', size='-'):
self.log_message(
'"%s" %s "%s"',
self.requestline.replace('"', '\\"'),
str(code),
self.headers.getheader('User-Agent', '').replace('"', '\\"'))
# Log messages to access.log instead of stderr
def log_message(self, format, *args):
self.accesslogger.log(
'%s:%s %s',
self.address_string(),
self.srcport_string(),
format%args)
# Log errors to error.log instead of calling log_message()
def log_error(self, format, *args):
self.errorlogger.log(
'%s:%s %s',
self.address_string(),
self.srcport_string(),
format%args)
# Skip name resolving
def address_string(self):
host, port = self.client_address[:2]
return host
#
# Request handling
#
# Handle requests in do_HEAD()
def do_HEAD(self):
# Always send 401 response
self.send_response(401)
self.send_header('WWW-Authenticate', 'Basic realm="ADMIN"')
self.send_header('Content-type', 'text/html')
self.end_headers()
# Decode and log credentials, if any.
authstring = self.headers.getheader('Authorization', None)
if authstring != None:
authparts = authstring.split()
if len(authparts) == 2 and authparts[0] == 'Basic':
try:
authdecoded = base64.b64decode(authparts[1])
except TypeError, e:
self.errorlogger.log(
'%s:%s DecodeFailure %s',
self.address_string(),
self.srcport_string(),
authparts[1])
else:
self.potlogger.log(
'%s:%s Basic %s',
self.address_string(),
self.srcport_string(),
authdecoded)
# GET = HEAD
def do_GET(self):
self.do_HEAD()
# Main
def main():
# Redirect stdout and stderr
stdlog = StdLogger('bap')
outsave = sys.stdout
errsave = sys.stderr
sys.stdout = stdlog
sys.stderr = stdlog
# Start listener
httpd = BaseHTTPServer.HTTPServer(
(HTTP_ADDR, HTTP_PORT), BapRequestHandler)
print "Starting bap on %s:%s" % (HTTP_ADDR, HTTP_PORT)
try:
httpd.serve_forever()
except KeyboardInterrupt:
pass
httpd.server_close()
print "bap stopped"
# Restore stdout and stderr
sys.stdout = outsave
sys.stderr = errsave
if __name__ == '__main__':
main()