honeytrap

- fixed a bug in configure.ac that caused libnebula detection to fail
- removed some unused variables that caused compiler warnings
- unified plugin interface that requires plugin_config() and plugin_init() to be exported by each plugin
- bumped all plugins to the next major release as the interface has changed
- all plugins now complete initialization first before they register their hooks

configure.ac

@@ -569,7 +569,7 @@ if test "$with_submit_nebula" = "yes"; then
 		LDFLAGS="${LDFLAGS}  -L${with_nebula_libraries}"
 	fi
 	LNEBULA="yes"
-	AC_CHECK_LIB(nebula, compress, LNEBULA="yes", LNEBULA="no")
+	AC_CHECK_LIB(nebula, nebula_new, LNEBULA="yes", LNEBULA="no")
 	if test "$LNEBULA" = "no"; then
 		echo
 		bold "   %BError%b - nebula library not found. Install it or use the following options:"

src/modules/htm_ClamAV.c

@@ -1,5 +1,5 @@
 /* htm_ClamAV.c
- * Copyright (C) 2007 Tillmann Werner <tillmann.werner@gmx.de>
+ * Copyright (C) 2007-2015 Tillmann Werner <tillmann.werner@gmx.de>
  *
  * This file is free software; as a special exception the author gives
  * unlimited permission to copy and/or distribute it, with or without
@@ -43,7 +43,7 @@
 
 
 const char module_name[]="ClamAV";
-const char module_version[]="0.1.1";
+const char module_version[]="1.0.0";
 
 static const char *config_keywords[] = {
 	"clamdb_path",
@@ -59,15 +59,18 @@ struct cl_engine *engine;
 struct cl_limits limits;
 #endif
 
-
-void plugin_init(void) {
-	plugin_register_hooks();
+void plugin_config(void) {
 	register_plugin_confopts(module_name, config_keywords, sizeof(config_keywords)/sizeof(char *));
 	if (process_conftree(config_tree, config_tree, plugin_process_confopts, NULL) == NULL) {
 		fprintf(stderr, "  Error - Unable to process configuration tree for plugin %s.\n", module_name);
 		exit(EXIT_FAILURE);
 	}
+	return;
+}
+
+void plugin_init(void) {
 	load_clamdb();
+	plugin_register_hooks();
 	return;
 }
 

src/modules/htm_SaveFile.c

@@ -1,5 +1,5 @@
 /* htm_SaveFile.c
- * Copyright (C) 2006-2008 Tillmann Werner <tillmann.werner@gmx.de>
+ * Copyright (C) 2006-2015 Tillmann Werner <tillmann.werner@gmx.de>
  *
  * This file is free software; as a special exception the author gives
  * unlimited permission to copy and/or distribute it, with or without
@@ -41,7 +41,7 @@
 #include "htm_SaveFile.h"
 
 const char module_name[]="SaveFile";
-const char module_version[]="0.2.1";
+const char module_version[]="1.0.0";
 
 static const char *config_keywords[] = {
 	"attacks_dir",
@@ -52,8 +52,7 @@ const char *attacks_dir;
 const char *downloads_dir;
 
 
-void plugin_init(void) {
-	plugin_register_hooks();
+void plugin_config(void) {
 	register_plugin_confopts(module_name, config_keywords, sizeof(config_keywords)/sizeof(char *));
 	if (process_conftree(config_tree, config_tree, plugin_process_confopts, NULL) == NULL) {
 		fprintf(stderr, "  Error - Unable to process configuration tree for plugin %s.\n", module_name);
@@ -62,6 +61,11 @@ void plugin_init(void) {
 	return;
 }
 
+void plugin_init(void) {
+	plugin_register_hooks();
+	return;
+}
+
 void plugin_unload(void) {
 	unhook(PPRIO_SAVEDATA, module_name, "save_to_file");
 	return;

src/modules/htm_SpamSum.c

@@ -1,5 +1,5 @@
 /* htm_SpamSum.c
- * Copyright (C) 2006-2007 Tillmann Werner <tillmann.werner@gmx.de>
+ * Copyright (C) 2006-2015 Tillmann Werner <tillmann.werner@gmx.de>
  *
  * This file is free software; as a special exception the author gives
  * unlimited permission to copy and/or distribute it, with or without
@@ -66,8 +66,8 @@ static struct {
 	u_int32_t n;
 } roll_state;
 
-void plugin_init(void) {
-	plugin_register_hooks();
+
+void plugin_config(void) {
 	register_plugin_confopts(module_name, config_keywords, sizeof(config_keywords)/sizeof(char *));
 	if (process_conftree(config_tree, config_tree, plugin_process_confopts, NULL) == NULL) {
 		fprintf(stderr, "  Error - Unable to process configuration tree for plugin %s.\n", module_name);
@@ -76,6 +76,11 @@ void plugin_init(void) {
 	return;
 }
 
+void plugin_init(void) {
+	plugin_register_hooks();
+	return;
+}
+
 void plugin_unload(void) {
 	unhook(PPRIO_POSTPROC, module_name, "calc_spamsum");
 	return;

src/modules/htm_b64Decode.c

@@ -1,5 +1,5 @@
 /* htm_b64Decode.c
- * Copyright (C) 2006 Tillmann Werner <tillmann.werner@gmx.de>
+ * Copyright (C) 2006-2015 Tillmann Werner <tillmann.werner@gmx.de>
  *
  * This file is free software; as a special exception the author gives
  * unlimited permission to copy and/or distribute it, with or without
@@ -35,9 +35,13 @@
 #include "htm_b64Decode.h"
 
 const char module_name[]="b64Decode";
-const char module_version[]="0.3.1";
+const char module_version[]="1.0.0";
 
 
+void plugin_config(void) {
+	return;
+}
+
 void plugin_init(void) {
 	plugin_register_hooks();
 	return;

src/modules/htm_cpuEmu.c

@@ -1,5 +1,5 @@
 /* htm_cpuEmu.c
- * Copyright (C) 2007-2008 Tillmann Werner <tillmann.werner@gmx.de>
+ * Copyright (C) 2007-2015 Tillmann Werner <tillmann.werner@gmx.de>
  *
  * This file is free software; as a special exception the author gives
  * unlimited permission to copy and/or distribute it, with or without
@@ -157,9 +157,7 @@ conf_node *plugin_process_confopts(conf_node *tree, conf_node *node, void *opt_d
 	return(node);
 }
 
-void plugin_init(void) {
-	plugin_register_hooks();
-
+void plugin_config(void) {
 	execute_shellcode	= 0;
 	createprocess_cmd	= NULL;
 
@@ -169,12 +167,18 @@ void plugin_init(void) {
 		exit(EXIT_FAILURE);
 	}
 
+	return;
+}
+
+void plugin_init(void) {
 	if ((elog = emu_log_new()) == NULL){
 		logmsg(LOG_ERR, 1, "CPU Emulation Error - Unable to initialize logging.\n");
 		exit(EXIT_FAILURE);
 	}
 	emu_log_set_logcb(elog, logmsg_emu);
 
+	plugin_register_hooks();
+
 	return;
 }
 
@@ -289,7 +293,6 @@ int find_shellcode(Attack *attack) {
 // run detected asm code on emulated CPU
 int run(struct emu *e, int interactive) {
 	int 			j, ret;
-	uint32_t		eipsave = 0;
 	struct emu_cpu		*cpu = emu_cpu_get(e);
 	struct emu_env		*env = emu_env_new(e);
 	struct emu_hashtable	*eh = NULL;
@@ -347,8 +350,6 @@ int run(struct emu *e, int interactive) {
 		logmsg(LOG_NOISY, 1, "CPU Emulation - Running code...\n");
 
 	for (j=0;j<opts.steps;j++) {
-		if ( cpu->repeat_current_instr == false ) eipsave = emu_cpu_eip_get(emu_cpu_get(e));
-
 		struct emu_env_hook *hook	= NULL;
 		ret				= 0;
 
@@ -471,14 +472,13 @@ uint32_t user_hook_bind_regport(struct emu_env *env, struct emu_env_hook *hook,
 	va_list			vl;
 	int			s, type;
 	struct sockaddr		*saddr;
-	socklen_t		saddrlen, optsize;
+	socklen_t		optsize;
 	portinfo		pinfo;
 
 	va_start(vl, hook);
 
 	s		= va_arg(vl, int);
 	saddr		= va_arg(vl, struct sockaddr *);
-	saddrlen	= va_arg(vl, socklen_t);
 
 	va_end(vl);
 

src/modules/htm_cpuEmu.h

@@ -18,7 +18,7 @@
 #endif
 
 const char module_name[]="htm_cpuEmu";
-const char module_version[]="0.1";
+const char module_version[]="1.0.0";
 
 static const char *config_keywords[] = {
 	"execute_shellcode",

src/modules/htm_deUnicode.c

@@ -1,5 +1,5 @@
 /* htm_deUnicode.c
- * Copyright (C) 2009 Tillmann Werner <tillmann.werner@gmx.de>
+ * Copyright (C) 2009-2015 Tillmann Werner <tillmann.werner@gmx.de>
  *
  * This file is free software; as a special exception the author gives
  * unlimited permission to copy and/or distribute it, with or without
@@ -29,7 +29,11 @@
 #include "htm_deUnicode.h"
 
 const char module_name[]="deUnicode";
-const char module_version[]="0.1";
+const char module_version[]="1.0.0";
+
+void plugin_config(void) {
+	return;
+}
 
 void plugin_init(void) {
 	plugin_register_hooks();

src/modules/htm_ftpDownload.c

@@ -1,5 +1,5 @@
 /* htm_ftpDownload.c
- * Copyright (C) 2006-2008 Tillmann Werner <tillmann.werner@gmx.de>
+ * Copyright (C) 2006-2015 Tillmann Werner <tillmann.werner@gmx.de>
  *
  * This file is free software; as a special exception the author gives
  * unlimited permission to copy and/or distribute it, with or without
@@ -41,7 +41,7 @@
 #include "htm_ftpDownload.h"
 
 const char module_name[]="ftpDownload";
-const char module_version[]="0.5.3";
+const char module_version[]="1.0.0";
 
 char *ftp_host = NULL;
 
@@ -50,12 +50,15 @@ static const char *plugin_config_keywords[] = {
 };
 
 
-void plugin_init(void) {
-	plugin_register_hooks();
+void plugin_config(void) {
 	plugin_register_confopts();
 	return;
 }
 
+void plugin_init(void) {
+	plugin_register_hooks();
+	return;
+}
 
 void plugin_unload(void) {
 	unhook(PPRIO_ANALYZE, module_name, "cmd_parse_for_ftp");

src/modules/htm_httpDownload.c

@@ -1,5 +1,5 @@
 /* htm_httpDownload.c
- * Copyright (C) 2007-2008 Tillmann Werner <tillmann.werner@gmx.de>
+ * Copyright (C) 2007-2015 Tillmann Werner <tillmann.werner@gmx.de>
  *
  * This file is free software; as a special exception the author gives
  * unlimited permission to copy and/or distribute it, with or without
@@ -41,7 +41,7 @@
 #include "htm_httpDownload.h"
 
 const char module_name[]="httpDownload";
-const char module_version[]="0.1.0";
+const char module_version[]="1.0.0";
 
 static const char *config_keywords[] = {
 	"http_program",
@@ -52,8 +52,7 @@ const char *http_program;
 const char *http_options;
 
 
-void plugin_init(void) {
-	plugin_register_hooks();
+void plugin_config(void) {
 	plugin_register_confopts();
 	if (process_conftree(config_tree, config_tree, plugin_process_confopts, NULL) == NULL) {
 		fprintf(stderr, "  Error - Unable to process configuration tree for plugin %s.\n", module_name);
@@ -62,6 +61,10 @@ void plugin_init(void) {
 	return;
 }
 
+void plugin_init(void) {
+	plugin_register_hooks();
+	return;
+}
 
 void plugin_unload(void) {
 	unhook(PPRIO_ANALYZE, module_name, "cmd_parse_for_http_url");

src/modules/htm_logAttacker.c

@@ -1,5 +1,5 @@
 /* htm_logAttacker.c
- * Copyright (C) 2011 Tillmann Werner <tillmann.werner@gmx.de>
+ * Copyright (C) 2011-2015 Tillmann Werner <tillmann.werner@gmx.de>
  *
  * This file is free software; as a special exception the author gives
  * unlimited permission to copy and/or distribute it, with or without
@@ -38,7 +38,7 @@
 
 
 const char module_name[]="logattacker";
-const char module_version[]="0.0.1";
+const char module_version[]="1.0.0";
 
 static const char *config_keywords[] = {
 	"logfile",
@@ -134,8 +134,6 @@ void plugin_config(void) {
 }
 
 void plugin_init(void) {
-	plugin_register_hooks();
-
 	// open log file
 	DEBUG_FPRINTF(stdout, "    Plugin %s: Opening log file %s.\n", module_name, logfile);
 
@@ -144,6 +142,8 @@ void plugin_init(void) {
 		exit(EXIT_FAILURE);
 	}
 
+	plugin_register_hooks();
+
 	return;
 }
 

src/modules/htm_magicPE.c

@@ -1,5 +1,5 @@
 /* htm_magicPE.c
- * Copyright (C) 2008 Tillmann Werner <tillmann.werner@gmx.de>
+ * Copyright (C) 2008-2015 Tillmann Werner <tillmann.werner@gmx.de>
  *
  * This file is free software; as a special exception the author gives
  * unlimited permission to copy and/or distribute it, with or without
@@ -30,12 +30,16 @@
 #include "htm_magicPE.h"
 
 const char module_name[]="magicPE";
-const char module_version[]="0.0.1";
+const char module_version[]="1.0.0";
 
 magic_t		magicdb;
 
+
+void plugin_config(void) {
+	return;
+}
+
 void plugin_init(void) {
-	plugin_register_hooks();
 	if (((magicdb = magic_open( MAGIC_NO_CHECK_APPTYPE |
 				    MAGIC_NO_CHECK_ASCII |
 				    MAGIC_NO_CHECK_ELF |
@@ -46,6 +50,8 @@ void plugin_init(void) {
 		exit(EXIT_FAILURE);
 	}
 
+	plugin_register_hooks();
+
 	return;
 }