services: add CWMP/TR-069#281
Conversation
sammynx
left a comment
sammynx
left a comment
There was a problem hiding this comment.
When I use a payload with invalid xml there is no logging of the attempt. Maybe we should also log those ?
Also when I run this with the xml payload where I deleted the body it panics.
|
Thank you, I added some code for error handling. |
| c pushers.Channel | ||
| } | ||
|
|
||
| func (s *cwmpService) CanHandle(payload []byte) bool { |
There was a problem hiding this comment.
Can we add here some more unique features to distinguish normal http, ethereum and this protocol. Check for the paths eg.
There was a problem hiding this comment.
Not much can be done for checking the paths, I'm afraid - GET requests might be indistinguishable from plain HTTP stuff. However, I improved the POST checking so that it checks for < (hinting at XML), SOAP/soap and xml.
There was a problem hiding this comment.
Not that familiair with the specifics, but there isn't a specific targetted path?
There was a problem hiding this comment.
I'm not familiar with the protocol either, but it seems that it doesn't have a specific path.
Quick example: the linked Wireshark capture uses /UD/act?1, this article uses /cwmpWeb/CPEMgt, this guide uses /acs.
| "github.com/honeytrap/honeytrap/event" | ||
| "github.com/honeytrap/honeytrap/pushers" | ||
| ) | ||
|
|
There was a problem hiding this comment.
Could you add a configuration example? One that we can include (generate eventually) to the Honeytrap docs?
There was a problem hiding this comment.
This service currently doesn't use configuration options, so a configuration example would be trivial - something like
[service.cwmp]
type="cwmp"
port="tcp/3890"Should I add it anyway?
There was a problem hiding this comment.
yeah, that would be great. This will be use latter to use generate docs.
There was a problem hiding this comment.
Okay, I added it.
3 participants
Fixes #196.
I tested the service with this payload (from this article).