Merge pull request #75 from RicYaben/gsoc_2022

Gsoc 2022

Makefile

@@ -5,27 +5,29 @@ DOCKER=build/docker/
 PLUGINS_DIR=pkg/plugin
 
 # docker cmd below
-.PHONY: riotpot-install docker-build-doc riotpot-doc riotpot-up riotpot-build riotpot-build-plugins riotpot-builder
+.PHONY: docker-build-doc docker-doc-up up down up-all build build-plugins build-all ui
 docker-build-doc:
  docker build -f $(DOCKER)Dockerfile.documentation . -t $(APPNAME)/v1
-riotpot-doc: docker-build-doc
+docker-doc-up: docker-build-doc
  docker run -p 6060:6060 -it $(APPNAME)/v1
-riotpot-up:
- docker-compose -p riotpot -f ${DEPLOY}docker-compose.yml up -d --build
-riotpot-down:
- docker-compose -p riotpot -f ${DEPLOY}docker-compose.yml down -v
-riotpot-all:
+up:
+ docker-compose -p riotpot -f ${DOCKER}docker-compose.yaml up -d --build
+down:
+ docker-compose -p riotpot -f ${DOCKER}docker-compose.yaml down -v
+up-all:
  riotpot-doc
  riotpot-up
-riotpot-build:
- go build -o ./riotpot ./cmd/riotpot/.
-riotpot-build-plugins: $(PLUGINS_DIR)/*
+build:
+ go build -gcflags='all=-N -l' -o ./bin ./cmd/riotpot/.
+build-plugins: $(PLUGINS_DIR)/*
  for folder in $^ ; do \
- go build -buildmode=plugin -o $${folder}/plugin.so $${folder}/*.go; \
+ result=$${folder%%+(/)}; \
+ result=$${result##*/}; \
+ result=$${result:-/}; \
+ go build -buildmode=plugin --mod=vendor -gcflags='all=-N -l' -o bin/plugins/$${result}.so $${folder}/*.go; \
  done
-riotpot-builder: \
- riotpot-build \
- riotpot-build-plugins
-riotpot-ui:
- @cd ui && serve -s build
-
+build-all: \
+ build \
+ build-plugins
+ui:
+ @cd ui && serve -s build

README.md

@@ -1,7 +1,7 @@
 <div align="center">
- <img src="assets/aau_logo.png" height="100">
+ <img src="docs/assets/aau_logo.png" height="100">
  <p align="center">
- <h2 align="center">RiotPot</h2>
+ <h2 align="center">RIoTPot</h2>
  </p>
  <p align="center">
  <!-- Workflow status -->
@@ -26,15 +26,34 @@ ___
 
 ## 1. Description
 
-RIoTPot is an interoperable high interaction honeypot, primarily focused on the emulation IoT and OT protocols, although, it is also capable of emulating other services. Alongside, it also supports low and hybrid interaction modes.
+RIoTPot is a hybrid interaction honeypot, primarily focused on the emulation IoT and OT protocols, although, it is also capable of emulating other services. 
+In essence, RIoTPot acts as a proxy service for other honeypots included in the system. 
+Therefore, you can run any honeypot and other services alongside RIoTPot. 
+In addition, there is an UI web-application that you can use to manage your routing.
 
-Services are loaded in the honeypot in form of plugins and containers making RIoTPot a modular, and very transportable honeypot. The services are loaded at runtime, meaning that the weight of the honeypot will vary on premises, and the services loaded e.g. HTTP, will only be used when required. As consequence, we highly recommend building your own binary customized to your own needs. Refer to the following section, Installation, for more information. Plugins are locally emulated binaries which mimic the protocol behavior. On the other hand, docker containers of a particular service acts as a sandboxed plugin.
+Moreover, riotpot comes with multiple low-interaction services ready to use. 
+Since these services are written as [plugins](https://pkg.go.dev/plugin), they are only supported on Linux, however, you can start riotpot without them.
+The following table contains the list of services included in riotpot by defaul, their internal port, and proxy port.
+
+<center>
+
+| Service | Internal Port | Proxy Port |
+|---------|---------------|------------|
+| Coap | 25683 | 5683 |
+| Echo | 20007 | 7 |
+| HTTP | 28080 | 8080 |
+| Modbus | 20502 | 502 |
+| MQTT | 21883 | 1883 |
+| SSH | 20022 | 22 |
+| Telnet | 20023 | 23 | 
+
+</center>
 
 ### 1.1 Architecture
 
 RIoTPot has a modular architecture that facilitates extensibility of the honeypot. The honeypot further offers a hybrid-interaction capability where users can choose the desired interaction levels for the protocols simulated. The image below shows the high/level architecture of RIoTPot.
 
-![alt text](assets/architecture.jpg "Architecture")
+![alt text](docs/assets/architecture.jpg "Architecture")
 
 The architecture contains 6 components.
 
@@ -184,7 +203,7 @@ $ docker ps
 
 One can also setup the Containerized RIoTPot through config file located at, `config/samples/configuration.yml`
 
-![Config file](assets/configuration_file.png)
+![Config file](docs/assets/configuration_file.png)
 
 By editing the `boot_plugins` tag, services to run as binaries inside can be provided, see `emulators` tag in the same configuration file to input allowed service plugins only
 

cmd/riotpot/flags.go

@@ -17,6 +17,7 @@ import (
  "github.com/riotpot/api/service"
  "github.com/riotpot/internal/globals"
  "github.com/riotpot/internal/logger"
+ "github.com/riotpot/pkg"
  "github.com/rs/zerolog"
 
  _ "github.com/riotpot/statik"
@@ -35,8 +36,9 @@ var (
 )
 
 var (
- debug = flag.Bool("debug", true, "Set log level to debug")
- runApi = flag.Bool("api", true, "Whether to start the API")
+ debug = flag.Bool("debug", true, "Set log level to debug")
+ runApi = flag.Bool("api", true, "Whether to start the API")
+ plugins = flag.Bool("plugins", true, "Whether to load the low-interaction honeypot plugins")
 )
 
 func setupApi() *gin.Engine {
@@ -81,6 +83,11 @@ func ParseFlags() {
  zerolog.SetGlobalLevel(zerolog.DebugLevel)
  }
 
+ // Load the plugins
+ if *plugins {
+ pkg.LoadPlugins()
+ }
+
  // Starts the API
  if *runApi {
  // Serve the API

docs/README.md

@@ -0,0 +1 @@
+This package contains extra documentation relevant to RIoTPot

go.mod

@@ -6,11 +6,11 @@ require (
  github.com/gin-contrib/cors v1.4.0
  github.com/google/uuid v1.3.0
  github.com/plgd-dev/go-coap/v2 v2.6.0
- github.com/stretchr/testify v1.8.0
+ github.com/stretchr/testify v1.8.1
  github.com/traetox/pty v0.0.0-20141209045113-df6c8cd2e0e6
- github.com/xiegeo/modbusone v0.2.4-0.20200428173500-797d647e237d
- go.mongodb.org/mongo-driver v1.10.1
- golang.org/x/crypto v0.0.0-20220829220503-c86fa9a7ed90
+ github.com/xiegeo/modbusone v1.0.1
+ go.mongodb.org/mongo-driver v1.11.0
+ golang.org/x/crypto v0.1.0
  gopkg.in/yaml.v3 v3.0.1
 )
 
@@ -20,7 +20,7 @@ require (
  github.com/gin-contrib/sse v0.1.0 // indirect
  github.com/go-playground/locales v0.14.0 // indirect
  github.com/go-playground/universal-translator v0.18.0 // indirect
- github.com/go-playground/validator/v10 v10.11.0 // indirect
+ github.com/go-playground/validator/v10 v10.11.1 // indirect
  github.com/goccy/go-json v0.9.11 // indirect
  github.com/json-iterator/go v1.1.12 // indirect
  github.com/leodido/go-urn v1.2.1 // indirect
@@ -39,23 +39,23 @@ require (
  github.com/xdg-go/pbkdf2 v1.0.0 // indirect
  github.com/xdg-go/scram v1.1.1 // indirect
  github.com/xdg-go/stringprep v1.0.3 // indirect
- golang.org/x/text v0.3.7 // indirect
+ golang.org/x/text v0.4.0 // indirect
  google.golang.org/protobuf v1.28.1 // indirect
  gopkg.in/yaml.v2 v2.4.0 // indirect
 )
 
 require (
  github.com/gin-gonic/gin v1.8.1
  github.com/golang/snappy v0.0.4 // indirect
- github.com/klauspost/compress v1.15.9 // indirect
+ github.com/klauspost/compress v1.15.12 // indirect
  github.com/mattn/go-colorable v0.1.13 // indirect
  github.com/pion/transport v0.13.1 // indirect
  github.com/rakyll/statik v0.1.7
  github.com/rs/zerolog v1.28.0
  github.com/youmark/pkcs8 v0.0.0-20201027041543-1326539a0a0a // indirect
  go.uber.org/atomic v1.10.0 // indirect
- golang.org/x/exp v0.0.0-20220827204233-334a2380cb91
- golang.org/x/net v0.0.0-20220826154423-83b083e8dc8b // indirect
- golang.org/x/sync v0.0.0-20220819030929-7fc1605a5dde // indirect
- golang.org/x/sys v0.0.0-20220829200755-d48e67d00261 // indirect
+ golang.org/x/exp v0.0.0-20221106115401-f9659909a136
+ golang.org/x/net v0.1.0 // indirect
+ golang.org/x/sync v0.1.0 // indirect
+ golang.org/x/sys v0.2.0 // indirect
 )