5h^ ddlZddlZejjejjejj eZeejvrejjdeddlZddl Z ddl Z ddl m Z m Z mZddlmZmZmZmZddlmZe j,e j.de j0eZddlmZddlmZdd lm Z dd l!m"Z"dd l#m$Z$e eZ%e$e%d Z&ejNe&d e&e%jPd<hdZ)dZ*ee%dddddZ+eddZ,eddZ-eddZ.edd Z/e+jae,d!"e+jae-d!"e+jae.d!"e+jae/d#"e+jcd$ejdd%d&d'(ejdd%d)d*(ejdd%d+d,(ejfd%d-d.(ejdd%d/d0(ejhd%d1d2d3d4(ejjejdd%d5d6d7g(d8Z6e+jcd9ejdd:ejdd;d<Z7e+jcd=ejdd:ejdd>ejhd?d@Z8e+jcdAejdd:ejdd>ejhd?ejddBdCZ9e+jcdDdEejddFiZ:e+jcdGdHejdd;iZ;e+jcdIejjejdd%dJdKdLg(ejjejhd%dMNdOZddWZ?e?Z@e"ZAee@dXdYDcgc]}ejje| c}e@dXdZDcgc]}ejje| c}zZCeCje e@d[d\ZEee@d]d^ZFeCjjD](ZIeCjeIZKeKseFjeIeK*eEjZNeFjeNe,jd_Gd`d=eZQe,jdae,jdbd:GdcddeZSe-jdee-jdbd:GdfdgeZTe-jdhe-jdbd:GdidjeZUe.jdke.jdbd:GdldmeZVe.jdnGdodpeZWe/jdqGdrdseZXe%jd_d\dtigduve%jdwgduxdyZYedzk(r!e%je@d{d|e@d{d}d%~yycc}wcc}w)N)Flaskrequestabort)ApiResource Namespacefields)secure_filename4%(asctime)s - %(name)s - %(levelname)s - %(message)s)levelformat) PluginManager) RuleEngine) RuleManager)get_db_manager)CORSzuploads/certificatesT)exist_ok UPLOAD_FOLDER>crtkeypemcertc`d|vxr)|jdddjtvS)u$检查文件扩展名是否被允许.)rsplitlowerALLOWED_EXTENSIONS)filenames D:\code\IVE2\IVE\api\server.py allowed_filer!+s7 (? D ??3 "1 % + + -1C CDz1.0zIVE Honeypot APIuC蜜罐系统 API,用于管理蜜罐环境和配置反制规则。z/docs/z/redoc/)versiontitle descriptiondoc redoc_url environmentsu 环境管理)r%controlu 环境控制countermeasuresu反制能力管理filesu 文件管理z/api/v1/environments)pathz /api/v1/filesEnvironmentInputFu 蜜罐类型http)requiredr%exampleu 蜜罐名称 MyHoneypotu监听主机地址0.0.0.0u 监听端口Pu 服务 Bannerz Apache/2.4.1uSSL 配置 (如果需要HTTPS)z/path/to/cert.pemz/path/to/key.pem)certfilekeyfileu绑定的域名列表z example.comzwww.example.com)typenamehostportbannerssldomainsEnvironmentOutputu 环境 IDu操作结果信息idmessageEnvironmentListu使用的驱动u 环境配置)r?driverconfigEnvironmentDetailu 环境状态)r?rBrCstatusErrorerroru 错误信息Messager@ConfigureCountermeasuresInputu#要关联到环境的规则ID列表inject_fake_flag_on_adminrandom_delay_on_loginuH要关联到环境的完整规则对象列表 (优先级高于 rule_ids))r/r%)rule_idsrulesCountermeasureDescriptionu反制动作名称u反制动作描述r7r% FileUploadu上传文件的存储路径r@filepathc4 t|dd5}tj|}dddtj d|S#1swY#xYw#t $r:}tj d|d|dd d d d id gdgddddddcYd}~Sd}~wwxYw)u加载系统配置rzutf-8)encodingNz!Loaded system configuration from z)Failed to load system configuration from z: r2i)r8r9r,zdata/honeypot.dbz ./driversz./countermeasures) driver_dirscountermeasure_dirsINFOr z./logs/countermeasure_audit.log)r r audit_log_file)serverdatabasepluginslogging)openjsonloadloggerinfo ExceptionrG) config_filefrCes r load_system_configrgs +sW 5YYq\F6 7 }EF 6 5   @ RPQsST )$7!34 +}(;'<  P"C   s3AA!AA A B/B BBr\rVrWr[r,r]rY/c leZdZej dej edZej deje deje dejdd e ejd d e ejd d e dZy)rAlist_environmentsc.tj}|S)u列出所有环境) rule_managerrj)selfdb_environmentss r getzEnvironmentList.gets'88:r"create_environmentTvalidatecode Invalid JSONzEnvironment already existsz'Driver not available or creation failedctj}|stjdd|jdd}|dk7r|dnd}tj |}|s1tj d}|stjdd|d |j |}tj |||}|stjd d |d |d ddfS)u创建新环境rvrwr6r. _honeypot http_honeypotryzDriver for type 'z' not availablerxzEnvironment with ID 'z' already existszEnvironment createdr>rs)apipayloadrroplugin_manager get_driverrprl)rmdataenv_type driver_namerBenv_idsuccesss r postzEnvironmentList.posts{{ IIc> *88FF+08F0B ),  **;7#..?F #!28*OLM **4011&+tL IIc26(:JK L )>?DDr"N)__name__ __module__ __qualname__ns_envr&marshal_list_withenvironment_list_modelroexpectenvironment_input_model marshal_withenvironment_output_modelresponse error_modelrr"r rArAs ZZ#$ 456% ZZ$% ]]*T]: 1< __S.+6 __S6 D __SC[Q!ERE7=;& !Er"z/rc>eZdZej dej eejddedZ ej dejddejddeejdd ed Z y ) Environmentget_environmentEnvironment not foundctj|}|stjdd|d}tj |}|r|j ||d<|Sd|d<|S)u获取环境详情r!Environment not found in databaserBrEunknown)rlrr}rrrget_environment_status)rmrenvrrBs r rozEnvironment.getso **62 IIc> ?(m **;7 "99&ACM &CM r"delete_environmentzEnvironment deletedryz'Driver not available or deletion failedcltj|}|stjdd|d}tj |}|st jd|d|dd}t|dr|j|}tj|}|r|ry tjd d y ) u 删除环境rrrBDriver z not available for environment z during deletionTr)rryzFailed to delete environmentN) rlrr}rrrrawarninghasattrr)rmrrrrBdriver_delete_successdb_delete_successs r deletezEnvironment.deletes**62 IIc> ?(m **;7 NNW[M1PQWPXXhi j!% 6/ 0$*$=$=f$E !);;FC %6 IIc9 :r"N) rrrrr&renvironment_detail_modelrrrorrr"r rrs ZZ!" 12 __S1;?@3#" ZZ$% __S/0 __S1;? __SC[Q#;R@1&#;r"rz//startceZdZej dej ddeej ddeej ddedZy ) EnvironmentStartstart_environmentEnvironment startedrrryz$Driver not available or start failedcTtj|}|stjdd|d}tj |}|stjdd|dt ||j|}t ||rddid fStjdd y ) u 启动环境rrrBryr not availabler@rrzFailed to start environmentN)rlrr}rrrprintrrmrrrrBrs r rzEnvironmentStart.post.s**62 IIc> ?(m **;7 IIcW[M@ A f **62 g 45s: : IIc8 9r"N rrrns_ctrlr&r message_modelrrrr"r rr+sk [[$% c0-@ c2K@ cA;O:PAA&:r"rz//stopceZdZej dej ddeej ddeej ddedZy ) EnvironmentStopstop_environmentrEnvironment stoppedrrryz#Driver not available or stop failedc(tj|}|stjdd|d}tj |}|stjdd|d|j |}|rddid fStjdd y ) u 停止环境rrrBryrrr@rrzFailed to stop environmentN)rlrr}rrrrrs r rzEnvironmentStop.postIs**62 IIc> ?(m **;7 IIcW[M@ A))&1 45s: : IIc7 8r"Nrrr"r rrFsk [[#$ c0-@ c2K@ c@+N9OAA%9r"rz //countermeasuresc eZdZej dej edejddeejdde ejdd e ejd d e d Z y )ConfigureCountermeasuresconfigure_countermeasuresTrqrszCountermeasures configuredrvz)Invalid payload or rule validation failedrrryz#Failed to configure countermeasuresctj|}|stjddtj}|j dg}|j dg}g}|r;t |trtd|Dstjdd|}nq|rntj}|Dcic]}|j d|} }|D]5} | | vr|j| | tjdd | d 7n tj||} | r d d |id fStjddycc}w)u为环境配置反制措施rrrLrMc3<K|]}t|tyw)N) isinstancedict).0rTs r z0ConfigureCountermeasures.post..zs5YSXajD6ISXsrvz:Invalid rules format: rules must be a list of rule objectsr?z Rule ID 'z' not found in global rulesr@z+Countermeasures configured for environment rsryz/Failed to configure countermeasures in databaseN) rlrr}rr~rorlistall get_all_rulesappendset_environment_rules) rmrrrrLrMenvironment_rulesall_global_rulesruleglobal_rule_dictrule_idrs r rzConfigureCountermeasures.postbsM**62 IIc> ?{{88J+"% eT*#5YSX5Y2Y #[\ %  +99; AQRAQ 4AQ R#..%,,-=g-FGIIcZy8T#UV $ 44V=NO !LVHUVX[[ [ IIcL M- Ss;E N) rrrns_cmr&r%configure_countermeasures_input_modelrrrrrr"r rr_s YY*+ \\7$\G ^^C5}E ^^CDkR ^^C0+> ^^C> L/NM?SFH, /Nr"rz /descriptionscbeZdZej dej edZy)CountermeasureDescriptions list_countermeasure_descriptionsc8g}tjjD]1\}} |}|j}|j ||d3|S#t $r9}t jd|d||j |ddYd}~sd}~wwxYw)u'列出所有可用反制动作的描述rOz.Failed to get description for countermeasure 'z': zDescription unavailableN)rr*itemsget_descriptionrrcrarG)rm descriptionsr7cm_class cm_instancer%rfs r rozCountermeasureDescriptions.gets ,<<BBDND( ^&j )99; ##T+$NO E ^ MdVSVWXVYZ[##TB[$\]] ^s+A B /BBN)rrrrr&r countermeasure_description_modelrorr"r rrs2 YY12 => ?3 r"rz /certificatesc eZdZej dej ej jdddddeje dejd d e d Z y ) CertificateUploadupload_certificatefiler+Tu 证书文件)locationr6r/helprsrtrvz%No file selected or invalid file typecdtjvrtjddtjd}|jdk(rtjdd|rt |jrt |j}tjjd|}tjjtjd|} |j|t j#d|d |d d fStjddy#t$$r8}t j'd |tjd dYd}~yd}~wwxYw)u上传SSL证书文件rrvz No file partrzNo selected file_rz(Certificate file uploaded successfully: zFile uploaded successfullyrQrszFailed to save uploaded file: ryzFailed to save fileNz5Invalid file type. Allowed types: pem, crt, key, cert)rr+r}rrr!r uuiduuid4hexosr,joinapprCsaverarbrcrG)rmrrunique_filenamerRrfs r rzCertificateUpload.posts)  & IIc> *}}V$ ==B  IIc- . L/&t}}5H!%!1!1 2!H:>Oww||CJJ$?QH 6 (# FxjQR; ( IIcR S  6 =aSAB #455 6s"/D)) E*2.E%%E*N) rrrns_filesr&rparser add_argumentrfile_upload_modelrrrrr"r rrs \\&' __X__&33FWSYdho}3~ ,37 sC[QTR8@(Tr"rr)GETPOSTPUTDELETE)defaultsmethodsz /)rc dtjtjttjtj tj jtjjtjdd}tj}|r|ddnd}|dk(rtj}n-tj|}|r|ntj}tj|||}d}|D]N}|j!dd k(s|j!d ij!d s:|d j!d }nd j#|} | } |rc|d} |d} | dk(r| j%d| dd} n=| dk(r| j%d| dd} n!| dk(r| j%dd| d} n| | z } t&j)| dd} | S)Nr.T)as_text)protocolmethodr,headersipargsformrrr?defaultactioninject_contentresultr inject_infoa8 IVE Honeypot

Welcome to the IVE Honeypot!

This is a simulated service for security research and deception.

Countermeasures triggered: 

{}

contentrbefore_body_endzz rheadzz body_startzz rz text/html)rrEmimetype)rrr,rr remote_addrrto_dictrget_datarlrjrget_environment_rules rule_engine$evaluate_and_execute_for_environmentror replacerresponse_class)r,request_contextrnenvironment_id rules_to_userresultsrrdefault_html_contentresponse_contentcontent_to_injectrrs r honeypot_servicers .. (!! $$& $$&  . O#446O1@_Q'-iN"#113 )>>~N->(>P\^lmGK ::h #3 3 8R8P8T8TU^8_ *..}=K   w,' 2z* ( (3;;IJ[I\\eGfhij   3;;IJ[I\\eGfhij   %3;;HQbPcFdfgh   1 1 !!!"H Or"__main__rZr8r9)r8r9debug)zconfig/config.json)[sysrr,dirnameabspath__file__ project_rootinsertr_rr]flaskrrr flask_restxrrrr werkzeug.utilsr basicConfigrX getLoggerrracore.plugin_managerrcore.rule_enginercore.rule_managerr core.databaser flask_corsrrrmakedirsrCrr!r}rrrr add_namespacemodelStringIntegerRawListrrrrrrrrrrg system_config db_managerrr load_pluginsrlr r*keysr7get_countermeasure cm_pluginregister_countermeasurerrM load_rulesrouterAparamrrrrrrrrun)dir_paths0r r:s@ wwrwwrwwx/HIJ sxxHHOOA|$ ''88*',,/ef   8 $.')( HoS '  MD)+ ?2D  #u$6[  >~ > I> :#1EF W. 9&56' 67%45(1))$6 FMM5nf U FMM5nl [ FMM56JT] ^ FNNE~r RfmmUQ_` 6::u2Ri|J\]] ^v{{6==5F]huxIhJK999%8 &--K 0v}})=>; #4 &--K 0fmm(9:fjj^4799%8 &--K 0fmm(9:fjj^4fmm7 ;ii ]V]]~ 6"  ) }v}})=>& ), 2Q FMMEGlxSUlwmn V[[eBLMT)% $'99-H FMM&: ; 6==-ABK$ IIlv}})=> *GH-  2#$   :G :RS`:ab:ahRWW\\,):ab:G :RSh:ij:ihRWW\\,):ijk=4V<= y12BCD   * * / / 1D11$7I++D)< 2 ""$ uc2Eh2E2Eh !h $<;(<;%"<;| '(x%:x:&):2 &'x%9h9&(9. /0X{#6Nx6N$16Nr_$  $T$T!$TZ3&"/OP>#CDUEQUn zGG 8 $V , 8 $V , e cjs &#[#["