Skip to content

vela-ssoc/vela-chameleon

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

1 Commit
mysql
mysql
 
 
proxy
proxy
 
 
ssh
ssh
 
 
stream
stream
 
 
vitess
vitess
 
 
lua.go
lua.go
 
 
readme.md
readme.md
 
 

Repository files navigation

vela-chameleon

磐石内置高交互蜜罐系统

mysql

轻量内置mysql服务器, 支持数据伪造和驱动链接 支持audit event如下

  • honey_mysql_auth
  • honey_mysql_conn
  • honey_mysql_query
  • honey_mysql_raw
local mysql = chameleon.mysql
local auth = mysql.auth("root" , "123456") --设置认证


local users  = mysql.new_table("users" ,
    { name = "name", type = "text", null = false },
    { name = "mail", type = "text", null = false },
    { name = "age",  type = "int",  null = false },
    { name = "pass", type = "text", null = false })

users.insert("edunx" , "123@qq.com" , 18 , "123654")
users.insert("edunx" , "123@qq.com" , 18 , "123654")
users.insert("edunx" , "123@qq.com" , 18 , "123654")
users.insert("suncle" , "1@qq.com" , 20 , "123654")

local infos  = mysql.new_table("infos" , --新建表
    { name = "name", type = "text", null = false },
    { name = "mail", type = "text", null = false },
    { name = "age",  type = "int",  null = false },
    { name = "pass", type = "text", null = false })

--插入数据
infos.insert("edunx" , "123@qq.com" , 18 , "123654")
infos.insert("edunx" , "123@qq.com" , 18 , "123654")
infos.insert("edunx" , "123@qq.com" , 18 , "123654")
infos.insert("suncle" , "456@qq.com" , 20 , "123654")

local rock_db = mysql.new_db("rock_db") --新建database
rock_db.add_table( users , infos) --添加表结构

start(mysql.new{
    name = "mysql", 
    bind = "0.0.0.0:3308",
    database = rock_db,
    auth = auth,
}

ssh

轻量内置ssh服务器

    
local ssh_s = chameleon.ssh{
    name = "ssh_honey_pot",
    bind = "0.0.0.0:2222",
    prompt = "~$",
}
ssh_s.auth_root = "123456" --设置root账户密码
ssh_s.auth_app = "123456" --新增app账户密码
proc.start(ssh_s)

proxy

代理型蜜罐

  • userdata = chamemleon.proxy{name , bind , remote}

方法

local ud = chameleon.proxy{
    name = "mysql2",
    bind = "tcp://0.0.0.0:3310",     --对外端口
    remote = "tcp://127.0.0.1:3308", --后端地址
}

ud.ignore("d_addr re 192.168.1.*,192.168.2.*")
ud.ignore("s_port = 80,8080")

ud.pipe(function(ev) 
   --vela-audit.vela-event 
end)

ud.start()

stream

  • 二级代理 client->tunnel->remote
  • userdata = chameleon.stream{name , bind , remote}

方法

local ud = chameleon.stream{
    name = "mysql3",
    bind = "tcp://0.0.0.0:3310",     --对外端口
    remote = "tcp://127.0.0.1:3308", --后端地址
}
ud.pipe(function(ev)
    --vela-audit.vela-event 
end)

ud.start()

About

vela ssoc honey pot

Resources

Readme
Activity
Custom properties

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

1 tags

Packages

No packages published

Languages