thinkst / opencanary

Modular and decentralised honeypot
http://opencanary.org
BSD 3-Clause "New" or "Revised" License
2.31k stars 360 forks source link

Omit password from logs #185

Closed cdurl closed 1 year ago

cdurl commented 2 years ago

Hello, i'm trying to md5 passwords from the logs or at least omit them. I tried to alter the ssh.py auth_password function by casting the password value as an empty string but did not work. Any ideas?

def auth_password(self, packet): """ Password authentication. Payload:: string password

    Make a UsernamePassword credential and verify it with our portal.
    """
    password = getNS(packet[1:])[0]
    c = credentials.UsernamePassword(self.user, password)

    us = self.transport.getHost()
    peer = self.transport.getPeer()

    logdata = {'USERNAME': self.user, 'PASSWORD': "password", 'LOCALVERSION': self.transport.ourVersionString, 'REMOTEVERSION': self.transport.otherVersionString}
    logtype =  self.transport.factory.canaryserv
jayjb commented 2 years ago

Hi @cdurl,

Its a valid request. I think you are on the right track there though. You could even remove the getNS(packet[1:])[0] part entirely and just add some string "PASSWORD" to replace it.