-
Notifications
You must be signed in to change notification settings - Fork 5
/
Copy pathcoret_factory.py
executable file
·28 lines (26 loc) · 1.06 KB
/
coret_factory.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
#!/usr/bin/env python
from coret_fake import *
from honey_pot_ssh_user_auth_server import *
from twisted.conch.ssh import factory, connection, transport, userauth
from twisted.conch.ssh import keys as tkeys
from twisted.conch.ssh.common import *
class CoretFactory(factory.SSHFactory):
publicKeys = {'ssh-rsa': tkeys.Key.fromString(data=FAKE_SSH_KEY)}
privateKeys = {'ssh-rsa': tkeys.Key.fromString(data=FAKE_SSH_PRIVKEY)}
services = {
'ssh-userauth': HoneyPotSSHUserAuthServer,
'ssh-connection': connection.SSHConnection
}
def buildProtocol(self, addr):
t = transport.SSHServerTransport()
#
# Fix for BUG 1463701 "NMap recognizes Kojoney as a Honeypot"
#
t.ourVersionString = FAKE_SSH_SERVER_VERSION
t.supportedPublicKeys = self.privateKeys.keys()
if not self.primes:
ske = t.supportedKeyExchanges[:]
ske.remove('diffie-hellman-group-exchange-sha1')
t.supportedKeyExchanges = ske
t.factory = self
return t