search

honeynet / riotpot

the IoT and OT (Operational Technology) Honeypot
MIT License
18 stars 4 forks source link

Added low-level support for HTTPS and UPnP #17

Closed eltsai closed 1 year ago

eltsai commented 1 year ago

Added two new low-level emulation: HTTPS and UPnP: new1

HTTPS service (using the same template as HTTP): https

Because we are using a self-signed certicate, major browsers will mark the connection as insecure (ERR_CERT_AUTHORITY_INVALID): insecure_cert

Future users can register their own domain and use services like Let's Encrypt or Cloudflare to get a certificate trusted by most root stores.

For UPnP, I implemented it to respond to a M-POST request:

$ curl -i -X M-POST -H "SOAPAction: GetExternalIPAddress" http://localhost:1900/
HTTP/1.1 200 OK
Content-Type: text/xml
Date: Wed, 28 Jun 2023 05:32:40 GMT
Content-Length: 339

            <?xml version="1.0"?>
            <s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/">
                <s:Body>
                    <u:GetExternalIPAddressResponse xmlns:u="urn:schemas-upnp-org:service:WANIPConnection:1">
                        <NewExternalIPAddress>192.168.1.100</NewExternalIPAddress>
                    </u:GetExternalIPAddressResponse>
                </s:Body>
            </s:Envelope>
eltsai commented 1 year ago

Added test cases for low-level HTTPS and UPNP server emulation:

  1. HTTPS: testing status code, HTTP content and TLS content
  2. UPNP: testing status code and response to M-POST 
    
~/riotpot/test/internal/plugins$ go test upnpd_test.go 
ok      command-line-arguments  0.012s
~/riotpot/test/internal/plugins$ go test httpsd_test.go 
ok      command-line-arguments  0.023s