1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
|
package main
import (
"fmt"
"net/http"
"log"
//"net"
"io/ioutil"
"encoding/json"
"strings"
"github.com/gliderlabs/ssh"
)
var (
metrics_num_passwords int
metrics_country_num map[string]int
)
type geoipresult struct {
Query string `json:"query"`
Status string `json:"status"`
Country string `json:"country"`
CountryCode string `json:"countryCode"`
Region string `json:"region"`
RegionName string `json:"regionName"`
City string `json:"city"`
Zip string `json:"zip"`
Lat float64 `json:"lat"`
Lon float64 `json:"lon"`
Timezone string `json:"timezone"`
Isp string `json:"isp"`
Org string `json:"org"`
As string `json:"as"`
}
func main() {
metrics_country_num = make(map[string]int)
// start the ssh server
log.Println("Starting SSH listener")
go func() {
listenErr := ssh.ListenAndServe(":22", nil, ssh.PasswordAuth(handlePass))
if listenErr != nil {
log.Fatalln(listenErr.Error())
}
}()
// start the http server logging the metrics
log.Println("Starting HTTP metrics listener")
http.HandleFunc("/", indexHandler)
http.HandleFunc("/metrics", metricsHandler)
listenErr := http.ListenAndServe(":8080", nil)
if listenErr != nil {
log.Fatalln(listenErr.Error())
}
}
// Handling incoming SSH connections
func handlePass(ctx ssh.Context, pass string) bool {
metrics_num_passwords++
log.Printf("%s@%s: '%s'", ctx.User(), ctx.RemoteAddr().String(), pass)
log.Printf("Parsing ip address...")
//ip := net.ParseIP(ctx.RemoteAddr().String())
stringip := strings.Split(ctx.RemoteAddr().String(), ":")[0]
log.Printf("Remote ip: %s", stringip)
log.Printf("Done")
// Define the request string
requestString := fmt.Sprintf("%s%s", "http://ip-api.com/json/", stringip)
fmt.Println(requestString)
// Send the GET request
resp, err := http.Get(requestString)
if err != nil {
log.Fatal(err)
}
if resp.StatusCode != 200 {
return false
}
// Read the response
body, err := ioutil.ReadAll(resp.Body)
if err != nil {
log.Fatal(err)
}
// Unmarshal the response to json
var result geoipresult
err = json.Unmarshal(body, &result)
if err != nil {
fmt.Println("JSON ERROR, abort mission!")
log.Fatal(err)
}
log.Printf("country: %s", result.CountryCode)
if metrics_country_num[result.CountryCode] == 0 {
log.Println("Map is empty, initializing...")
metrics_country_num[result.CountryCode] = 1
log.Println("Done")
} else {
log.Println("Map is initialized, incrementing...")
metrics_country_num[result.CountryCode] += 1
log.Println("Done")
}
log.Printf("Done")
return false
}
// Handle HTTP /metrics requests
func metricsHandler(w http.ResponseWriter, req *http.Request) {
fmt.Fprintf(w, "num_passwords %d\n", metrics_num_passwords)
for k, v := range metrics_country_num {
fmt.Fprintf(w, "a_metric{country=\"%s\"} %d\n", k, v)
}
}
func indexHandler(w http.ResponseWriter, req *http.Request) {
_, _ = fmt.Fprintf(w, "<a href='/metrics'>metrics</a>")
}
|
