about summary refs log tree commit diff
path: root/src/ssh.go
blob: 71dc12aabed9eb5e6e5c54db4a438d5736693718 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
package main

import (
	"encoding/json"
	"fmt"
	"io/ioutil"
	"log"
	"net/http"
	"strings"

	"github.com/gliderlabs/ssh"
)

// Handling incoming SSH connections
func handlePass(ctx ssh.Context, pass string) bool {

	// increase the counter tracking the amount of passwords catched
	metrics_num_passwords++
	log.Printf("%s@%s: '%s'", ctx.User(), ctx.RemoteAddr().String(), pass)

	// get the ip of the remote user
	stringip := strings.Split(ctx.RemoteAddr().String(), ":")[0]

	// Define the request string for the geoip service
	requestString := fmt.Sprintf("%s%s", "http://ip-api.com/json/", stringip)

	// Send the GET request
	resp, err := http.Get(requestString)
	if err != nil {
		log.Fatal(err)
	}

	// if the response status code from the geoip service is not a 200 code, return false
	if resp.StatusCode != 200 {
		return false
	}

	// Read the response
	body, err := ioutil.ReadAll(resp.Body)
	if err != nil {
		log.Fatal(err)
	}

	// Unmarshal the response to json
	var result geoipresult
	err = json.Unmarshal(body, &result)
	if err != nil {
		fmt.Println("JSON ERROR, abort mission!")
		log.Fatal(err)
	}

	// if an entry for the city does not exists yet, create the city
	// if the city does allready exist, increase it's value by one
	if metrics_city_num[result.City] == 0 {
		metrics_city_num[result.City] = 1
	} else {
		metrics_city_num[result.City] += 1
	}

	// if the actual city is not known, create the city
	// this is used for the grafana worldmap plugin
	if (cities[result.City] == location{}) {
		newCity := location{
			key:       strings.ToLower(result.City),
			latitude:  result.Lat,
			longitude: result.Lon,
			name:      result.City,
		}

		cities[result.City] = newCity
	}

	return false
}