o ¥ ¼h3]ã@sDddlZddlZej ej ej e¡¡¡Zeejvr"ej de¡ddlZddl Z ddl Z ddl m Z m Z mZddlmZmZmZmZddlmZe je jdde  e¡ZddlmZddlmZdd lm Z dd l!m"Z"dd l#m$Z$e eƒZ%e$e%ƒd Z&ej'e&d de&e%j(d<hd£Z)dd„Z*ee%ddddddZ+edddZ,edddZ-edddZ.ed d!dZ/e+j0e,d"d#e+j0e-d"d#e+j0e.d"d#e+j0e/d$d#e+ 1d%ej2d&d'd(d)ej2d&d*d+d)ej2d&d,d-d)ej3d&d.d/d)ej2d&d0d1d)ej4d&d2d3d4d5œd)ej5ej2d&d6d7d8gd)d9œ¡Z6e+ 1d:ej2d;dej2dej2d;dej2d?dej4d@ddAœ¡Z8e+ 1dBej2d;dej2d?dej4d@dej2dCddDœ¡Z9e+ 1dEdFej2dGdi¡Z:e+ 1dHdIej2dd†dYdZ„Z?e?ƒZ@e"ƒZAed[d\„e@d]d^Dƒd_d\„e@d]d`DƒƒZBeB C¡e e@dadbƒZDee@dcddƒZEeBjF G¡D]ZHeB IeH¡ZJeJròeE KeHeJ¡qâeD L¡ZMeE NeM¡e, Ode¡Gdfd>„d>eƒƒZPe, Odg¡e, Qdhd;¡Gdidj„djeƒƒƒZRe- Odk¡e- Qdhd;¡Gdldm„dmeƒƒƒZSe- Odn¡e- Qdhd;¡Gdodp„dpeƒƒƒZTe. Odq¡e. Qdhd;¡Gdrds„dseƒƒƒZUe. Odt¡Gdudv„dveƒƒZVe/ Odw¡Gdxdy„dyeƒƒZWe%jOdedbdzigd{¢d|e%jOd}gd{¢d~dd€„ƒƒZXedkr e%jYe@d‚dƒe@d‚d„d&d…dSdS)‡éN)ÚFlaskÚrequestÚabort)ÚApiÚResourceÚ NamespaceÚfields)Úsecure_filenameú4%(asctime)s - %(name)s - %(levelname)s - %(message)s)ÚlevelÚformat)Ú PluginManager)Ú RuleEngine)Ú RuleManager)Úget_db_manager)ÚCORSzuploads/certificatesT)Úexist_okÚ UPLOAD_FOLDER>ÚkeyÚcertÚpemÚcrtcCs d|vo| dd¡d ¡tvS)u$检查文件扩展å是å¦è¢«å…许Ú.é)ÚrsplitÚlowerÚALLOWED_EXTENSIONS)Úfilename©rú/root/ive/api/server.pyÚ allowed_file+sÿr z1.0zIVE Honeypot APIuC蜜ç½ç³»ç»Ÿ API,用于管ç†èœœç½çŽ¯å¢ƒå’Œé…ç½®å制规则。z/docs/z/redoc/)ÚversionÚtitleÚ descriptionÚdocÚ redoc_urlÚ environmentsu 环境管ç†)r#Úcontrolu 环境控制Úcountermeasuresuå制能力管ç†Úfilesu 文件管ç†z/api/v1/environments)Úpathz /api/v1/filesÚEnvironmentInputFu 蜜ç½ç±»åž‹Úhttp)Úrequiredr#Úexampleu 蜜ç½åç§°Ú MyHoneypotu监å¬ä¸»æœºåœ°å€ú0.0.0.0u 监å¬ç«¯å£éPu æœåŠ¡ Bannerz Apache/2.4.1uSSL é…ç½® (如果需è¦HTTPS)z/path/to/cert.pemz/path/to/key.pem)ÚcertfileÚkeyfileu绑定的域å列表z example.comzwww.example.com)ÚtypeÚnameÚhostÚportÚbannerÚsslÚdomainsÚEnvironmentOutputu 环境 IDuæ“作结果信毩ÚidÚmessageÚEnvironmentListu使用的驱动u 环境é…ç½®)r=ÚdriverÚconfigÚEnvironmentDetailu 环境状æ€)r=r@rAÚstatusÚErrorÚerroru 错误信æ¯ÚMessager>ÚConfigureCountermeasuresInputu#è¦å…³è”到环境的规则ID列表Úinject_fake_flag_on_adminÚrandom_delay_on_loginuHè¦å…³è”到环境的完整规则对象列表 (优先级高于 rule_ids))r-r#)Úrule_idsÚrulesÚCountermeasureDescriptionuå制动作å称uå制动作æè¿°©r5r#Ú FileUploadu上传文件的存储路径©r>Úfilepathúconfig/config.jsonc Cs´z't|ddd }t |¡}Wdƒn1swYt d|›¡|WStyY}z&t d|›d|›¡dd d œd d id gdgdœddddœdœWYd}~Sd}~ww)u加载系统é…ç½®Úrzutf-8)ÚencodingNz!Loaded system configuration from z)Failed to load system configuration from z: r0i‘)r6r7r*zdata/honeypot.dbz ./driversz./countermeasures)Ú driver_dirsÚcountermeasure_dirsÚINFOr z./logs/countermeasure_audit.log)r r Úaudit_log_file)ÚserverÚdatabaseÚpluginsÚlogging)ÚopenÚjsonÚloadÚloggerÚinfoÚ ExceptionrE)Ú config_fileÚfrAÚerrrÚload_system_config‚s( ÿþýù€ýrecCóg|] }tj t|¡‘qSr©Úosr*ÚjoinÚ project_root©Ú.0Údir_pathrrrÚ ¢órnrZrTcCrfrrgrkrrrrn£rorUrYr*r[rWú/c @s€eZdZe d¡e e¡dd„ƒƒZe d¡eje ddej e dde  d d e ¡e  d d e ¡e  d de ¡dd„ƒƒƒƒƒƒZdS)r?Úlist_environmentscCs t ¡}|S)u列出所有环境)Ú rule_managerrq)ÚselfÚdb_environmentsrrrÚget¸szEnvironmentList.getÚcreate_environmentT©ÚvalidateéÉ©Úcodeéú Invalid JSONé™zEnvironment already existséôz'Driver not available or creation failedcCs¦tj}|s t dd¡| dd¡}|dkr|›dnd}t |¡}|s4t d¡}|s4t dd|›d ¡| |¡}t |||¡}|sLt d d |›d ¡|d dœdfS)u创建新环境r|r}r4r,Ú _honeypotÚ http_honeypotrzDriver for type 'z' not availabler~zEnvironment with ID 'z' already existszEnvironment createdr<ry)ÚapiÚpayloadrruÚplugin_managerÚ get_driverrvrr)rsÚdataÚenv_typeÚ driver_namer@Úenv_idÚsuccessrrrÚpostÂs     zEnvironmentList.postN)Ú__name__Ú __module__Ú __qualname__Úns_envr$Úmarshal_list_withÚenvironment_list_modelruÚexpectÚenvironment_input_modelÚ marshal_withÚenvironment_output_modelÚresponseÚ error_modelr‹rrrrr?¶s      z/r‰c@speZdZe d¡e e¡e dde¡dd„ƒƒƒZ e d¡e dd¡e dde¡e d d e¡d d „ƒƒƒƒZ d S)Ú EnvironmentÚget_environmenté”úEnvironment not foundcCsNt |¡}|s t dd¡|d}t |¡}|r!| |¡|d<|Sd|d<|S)u获å–环境详情ršú!Environment not found in databaser@rCÚunknown)rrr™r‚rr„r…Úget_environment_status)rsr‰Úenvrˆr@rrrruîs   þzEnvironment.getÚdelete_environmentéÌzEnvironment deletedrz'Driver not available or deletion failedcCs†t |¡}|s t dd¡|d}t |¡}|s$t d|›d|›d¡d}t|dƒr0|  |¡}t  |¡}|r;|r;d St d d ¡d S) u 删除环境ršrœr@úDriver z not available for environment z during deletionTr )Úr¡rzFailed to delete environmentN) rrr™r‚rr„r…r_ÚwarningÚhasattrr )rsr‰rŸrˆr@Údriver_delete_successÚdb_delete_successrrrÚdeletes      zEnvironment.deleteN) rŒrrŽrr$r”Úenvironment_detail_modelr–r—rur¨rrrrr˜ës    r˜z//startc@óHeZdZe d¡e dde¡e dde¡e dde¡dd „ƒƒƒƒZd S) ÚEnvironmentStartÚstart_environmentéÈúEnvironment startedršr›rz$Driver not available or start failedcCs~t |¡}|s t dd¡|d}t |¡}|s"t dd|›d¡t|ƒ| |¡}t|ƒ|r7ddid fSt dd ¡d S) u å¯åŠ¨çŽ¯å¢ƒršrœr@rr¢ú not availabler>r®r­zFailed to start environmentN)rrr™r‚rr„r…Úprintr¬©rsr‰rŸrˆr@rŠrrrr‹.s     zEnvironmentStart.postN© rŒrrŽÚns_ctrlr$r–Ú message_modelr—r‹rrrrr«+ó    r«z//stopc@rª) ÚEnvironmentStopÚstop_environmentr­úEnvironment stoppedršr›rz#Driver not available or stop failedcCsnt |¡}|s t dd¡|d}t |¡}|s"t dd|›d¡| |¡}|r/ddid fSt dd ¡d S) u åœæ­¢çŽ¯å¢ƒršrœr@rr¢r¯r>r¸r­zFailed to stop environmentN)rrr™r‚rr„r…r·r±rrrr‹Is     zEnvironmentStop.postNr²rrrrr¶Frµr¶z //countermeasuresc @sdeZdZe d¡ejedde dde¡e dde ¡e dd e ¡e d d e ¡d d „ƒƒƒƒƒƒZ dS)ÚConfigureCountermeasuresÚconfigure_countermeasuresTrwryzCountermeasures configuredr|z)Invalid payload or rule validation failedršr›rz#Failed to configure countermeasuresc Csôt |¡}|s t dd¡tj}| dg¡}| dg¡}g}|r7t|tƒr.tdd„|Dƒƒs4t dd¡|}n*|r`t  ¡}d d „|Dƒ}|D]} | |vrT|  || ¡qFt dd | ›d ¡qFn t  ||¡} | rrd d|›idfSt dd¡dS)u为环境é…ç½®å制措施ršrœrJrKcss|]}t|tƒVqdS)N)Ú isinstanceÚdict)rlrRrrrÚ zs€z0ConfigureCountermeasures.post..r|z:Invalid rules format: rules must be a list of rule objectscSsi|]}| d¡|“qS)r=)ru)rlÚrulerrrÚ sz1ConfigureCountermeasures.post..z Rule ID 'z' not found in global rulesr>z+Countermeasures configured for environment ryrz/Failed to configure countermeasures in databaseN) rrr™r‚rrƒrur»ÚlistÚallÚ get_all_rulesÚappendÚset_environment_rules) rsr‰rŸr†rJrKÚenvironment_rulesÚall_global_rulesÚglobal_rule_dictÚrule_idrŠrrrr‹bs0     ú zConfigureCountermeasures.postN) rŒrrŽÚns_cmr$r’Ú%configure_countermeasures_input_modelr–r´r—r‹rrrrr¹_s     r¹z /descriptionsc@s(eZdZe d¡e e¡dd„ƒƒZdS)ÚCountermeasureDescriptionsÚ list_countermeasure_descriptionsc Csˆg}tj ¡D]:\}}z|ƒ}| ¡}| ||dœ¡WqtyA}zt d|›d|›¡| |ddœ¡WYd}~qd}~ww|S)u'列出所有å¯ç”¨å制动作的æè¿°rMz.Failed to get description for countermeasure 'z': zDescription unavailableN)r„r(ÚitemsÚget_descriptionrÃrar_rE)rsÚ descriptionsr5Úcm_classÚ cm_instancer#rdrrrruœs€þzCountermeasureDescriptions.getN)rŒrrŽrÉr$rÚ countermeasure_description_modelrurrrrrËšsrËz /certificatesc @sXeZdZe d¡e e ¡jdddddd¡eje dde  d d e ¡d d „ƒƒƒƒZ d S)ÚCertificateUploadÚupload_certificateÚfiler)Tu è¯ä¹¦æ–‡ä»¶)Úlocationr4r-Úhelpryrzr|z%No file selected or invalid file typec Csôdtjvr t dd¡tjd}|jdkrt dd¡|rrt|jƒrrt|jƒ}t ¡j ›d|›}t j   t jd|¡}z| |¡t d|›¡d |d œd fWStyq}zt d |›¡t d d¡WYd}~dSd}~wwt dd¡dS)u上传SSLè¯ä¹¦æ–‡ä»¶rÕr|z No file partr£zNo selected fileÚ_rz(Certificate file uploaded successfully: zFile uploaded successfullyrOryzFailed to save uploaded file: rzFailed to save fileNz5Invalid file type. Allowed types: pem, crt, key, cert)rr)r‚rrr r ÚuuidÚuuid4Úhexrhr*riÚapprAÚsaver_r`rarE)rsrÕrÚunique_filenamerPrdrrrr‹¯s.       þý€þzCertificateUpload.postN) rŒrrŽÚns_filesr$r’ÚparserÚ add_argumentr”Úfile_upload_modelr–r—r‹rrrrrÓ­s   rÓr£)ÚGETÚPOSTÚPUTÚDELETE)ÚdefaultsÚmethodsz /)rèc Cs^dtjtjttjƒtjtj ¡tj ¡tj dddœ}t   ¡}|r'|ddnd}|dkr2t   ¡}n t   |¡}|r;|nt   ¡}t |||¡}d}|D]}| d¡d kre| d i¡ d ¡re|d  d ¡}nqJd } | } |r¥|d} |d} | dkrƒ|  d| ›dd¡} n"| dkr’|  d| ›dd¡} n| dkr¡|  dd| ›d¡} n| | 7} tj| ddd} | S)Nr,T)Úas_text)ÚprotocolÚmethodr*ÚheadersÚipÚargsÚformr†rr=ÚdefaultÚactionÚinject_contentÚresultrŠÚ inject_infor£ÚcontentrÖÚbefore_body_endzz rÚheadzz Ú body_startzz r­z text/html)r–rCÚmimetype)rrër*r¼rìÚ remote_addrrîÚto_dictrïÚget_datarrrqrÂÚget_environment_rulesÚ rule_engineÚ$evaluate_and_execute_for_environmentruÚreplacerÜÚresponse_class)r*Úrequest_contextrtÚenvironment_idÚ rules_to_userÅÚresultsrôróÚdefault_html_contentÚresponse_contentÚcontent_to_injectrÖr–rrrÚhoneypot_serviceÛsP ø   €ýr Ú__main__rXr6r7)r6r7Údebug)rQ)ZÚsysrhr*ÚdirnameÚabspathÚ__file__rjÚinsertr]rÙr[ÚflaskrrrÚ flask_restxrrrrÚwerkzeug.utilsr Ú basicConfigrVÚ getLoggerrŒr_Úcore.plugin_managerr Úcore.rule_enginerÚcore.rule_managerrÚ core.databaserÚ flask_corsrrÜrÚmakedirsrArr r‚rr³rÉrßÚ add_namespaceÚmodelÚStringÚIntegerÚRawÚListr“r•r‘r©r—r´rÊrÒrâreÚ system_configÚ db_managerr„Ú load_pluginsrrrþr(Úkeysr5Úget_countermeasureÚ cm_pluginÚregister_countermeasurerÂrKÚ load_rulesÚrouter?Úparamr˜r«r¶r¹rËrÓr ÚrunrrrrÚsü         ý    ù  þ   ý    ü ÿ ÿþ  þ  þ ÿÿ  € 4 >   9-  J   ýÿ