anti/DECNET
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity
Files
65d585569be3ff61359aaa7df7bdf58add976159
DECNET/templates/cowrie/cowrie.cfg.j2
anti cf1e00af28 Add per-service customization, stealth hardening, and BYOS support 
- HTTP: configurable server_header, response_code, fake_app presets
  (apache/nginx/wordpress/phpmyadmin/iis), extra_headers, custom_body,
  static files directory mount
- SSH/Cowrie: configurable kernel_version, hardware_platform, ssh_banner,
  and users/passwords via COWRIE_USERDB_ENTRIES; switched to build mode
  so cowrie.cfg.j2 persona fields and userdb.txt generation work
- SMTP: configurable banner and MTA hostname
- MySQL: configurable version string in protocol greeting
- Redis: configurable redis_version and os string in INFO response
- BYOS: [custom-*] INI sections define bring-your-own Docker services
- Stealth: rename all *_honeypot.py → server.py; replace HONEYPOT_NAME
  env var with NODE_NAME across all 22+ service templates and plugins;
  strip "honeypot" from all in-container file content
- Config: DeckyConfig.service_config dict; INI [decky-N.svc] subsections;
  composer passes service_cfg to compose_fragment
- 350 tests passing (100%)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-04 04:08:27 -03:00

31 lines
923 B
Django/Jinja
Raw Blame History

[honeypot]
hostname = {{ COWRIE_HOSTNAME | default('svr01') }}
listen_endpoints = tcp:2222:interface=0.0.0.0
kernel_version = {{ COWRIE_HONEYPOT_KERNEL_VERSION | default('5.15.0-76-generic') }}
kernel_build_string = {{ COWRIE_HONEYPOT_KERNEL_BUILD_STRING | default('#83-Ubuntu SMP Thu Jun 15 19:16:32 UTC 2023') }}
hardware_platform = {{ COWRIE_HONEYPOT_HARDWARE_PLATFORM | default('x86_64') }}
[ssh]
enabled = true
listen_endpoints = tcp:2222:interface=0.0.0.0
version = {{ COWRIE_SSH_VERSION | default('SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.5') }}
{% if COWRIE_LOG_HOST is defined and COWRIE_LOG_HOST %}
[output_jsonlog]
enabled = true
logfile = cowrie.json
[output_localsocket]
enabled = false
# Forward JSON events to SIEM/aggregator
[output_tcp]
enabled = true
host = {{ COWRIE_LOG_HOST }}
port = {{ COWRIE_LOG_PORT | default('5140') }}
{% else %}
[output_jsonlog]
enabled = true
logfile = cowrie.json
{% endif %}
Reference in New Issue View Git Blame Copy Permalink