diff options
-rw-r--r-- | Dockerfile | 19 | ||||
-rw-r--r-- | README.md | 7 | ||||
-rw-r--r-- | main.go | 42 |
3 files changed, 68 insertions, 0 deletions
diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..416da85 --- /dev/null +++ b/Dockerfile @@ -0,0 +1,19 @@ +FROM golang:1.10-alpine + +# Setup +COPY main.go . + +# Install libs +RUN apk add git +RUN go get github.com/gliderlabs/ssh + +# Build +RUN go build -o ssh-grab-passwords + +# Drop privs +RUN adduser -u 1337 -D jail +RUN chmod 000 /home/jail + +EXPOSE 2222 + +CMD su -c ./ssh-grab-passwords jail diff --git a/README.md b/README.md new file mode 100644 index 0000000..7f2f42e --- /dev/null +++ b/README.md @@ -0,0 +1,7 @@ +# ssh-grab-passwords + +Try to grab username/passwords. As simple as it sounds. + +## Usage + +Simply run it. The executable takes no command line arguments diff --git a/main.go b/main.go new file mode 100644 index 0000000..1517c79 --- /dev/null +++ b/main.go @@ -0,0 +1,42 @@ +package main + +import ( + "fmt" + "github.com/gliderlabs/ssh" + "net/http" + "log" +) + +var( + metrics_num_passwords int +) + +func main() { + log.Println("Starting SSH listener") + go func() { + listenErr := ssh.ListenAndServe(":2222", nil, ssh.PasswordAuth(handlePass)) + if listenErr != nil { + log.Fatalln(listenErr.Error()) + } + }() + + log.Println("Starting HTTP metrics listener") + http.HandleFunc("/metrics", metricsHandler) + listenErr := http.ListenAndServe(":8080", nil) + if listenErr != nil { + log.Fatalln(listenErr.Error()) + } +} + +// Handling incoming SSH connections +func handlePass(ctx ssh.Context, pass string) bool { + metrics_num_passwords++ + log.Printf("%s@%s: '%s'", ctx.User(), ctx.RemoteAddr().String(), pass) + return false +} + +// Handle HTTP /metrics requests +func metricsHandler(w http.ResponseWriter, req *http.Request) { + fmt.Fprintf(w, "num_passwords %d\n", metrics_num_passwords) +} + |