Unable to proxy into sshd docker container. #480

Open
pumperknickle opened this issue Sep 14, 2019 · 2 comments
pumperknickle commented Sep 14, 2019

I am using a forward director with an ssh-proxy service pointing to a docker container running an sshd. When I try to enter my password as root, I receive a Permission Denied error. I can log in to the container when I go around the proxy and ssh into the container itself. SSH auth, however, works fine when connecting to cowrie instead of the sshd container.


pumperknickle commented Sep 14, 2019

```yaml
version: '3.2'

services:

  elasticsearch:
    image: docker.elastic.co/elasticsearch/elasticsearch:5.6.10
    container_name: ht-elasticsearch
    ports:
      - "127.0.0.1:9200:9200"
    volumes:
      - ./data/elasticsearch/data:/usr/share/elasticsearch/data
    environment:
      - "ES_JAVA_OPTS=-Xms2048m -Xmx2048m"
      - xpack.security.enabled=false
    restart: on-failure
    ulimits:
      memlock:
        soft: -1
        hard: -1
      nofile:
        soft: 65536
        hard: 65536
    cap_add:
      - IPC_LOCK
    healthcheck:
      test: ["CMD", "curl", "-f", "http://localhost:9200"]
    networks:
      - honeytrap

  kibana:
    image: docker.elastic.co/kibana/kibana:5.6.9
    container_name: ht-kibana
    ports:
      - "127.0.0.1:5601:5601"
    environment:
      - XPACK_SECURITY_ENABLED=false
    depends_on:
      - elasticsearch
    networks:
      - honeytrap

  cowrie:
    image: cowrie/cowrie:latest
    container_name: ht-cowrie
    ports:
      - "127.0.0.1:2222:2222"
    networks:
      - honeytrap

  sshd:
    image: rastasheep/ubuntu-sshd:16.04
    container_name: ht-sshd
    ports:
      - "127.0.0.1:2223:22"
    networks:
      - honeytrap

  honeytrap:
    image: honeytrap/honeytrap:latest
    container_name: honeytrap
    ports:
      - "8545:8545"
      - "8022:8022"
      - "8023:8023"
    volumes:
      - ./config.toml:/config/config.toml
    restart: on-failure
    depends_on:
      - elasticsearch
      - cowrie
    networks:
      - honeytrap

networks:
  honeytrap:
    external: true
```

@pumperknickle

```toml
[listener]
type="socket"

[director.cowrie-ssh]
type="forward"
host="cowrie:2222"

[director.sshd]
type="forward"
host="sshd:2223"

[service.sshproxy1]
type="ssh-proxy"
director="cowrie-ssh"
credentials=["*"]

[[port]]
port="tcp/8022"
services=["sshproxy1"]

[service.sshproxy2]
type="ssh-proxy"
director="sshd"
credentials=["root"]

[[port]]
port="tcp/8023"
services=["sshproxy2"]

[service.ethereum]
type="ethereum"

[[port]]
port="tcp/8545"
services=["ethereum"]

[channel.console]
type="console"

[channel.elasticsearch]
type="elasticsearch"
url="http://elasticsearch:9200/honeytrap"

[[filter]]
channel=["console", "elasticsearch"]

[[logging]]
output = "stdout"
level = "debug"
```
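
An added example, not part of the issue or of the Honeytrap project: a consistency check of the forward directors against the compose port mappings. Containers on the same Docker network reach each other on the container port, while the published host port exists only on the host, so the check flags any director whose port matches a host-published port instead. The function names are hypothetical and the two dictionaries are copied by hand from the files posted above.

```python
# Values copied from the compose file and config.toml posted in this issue.
COMPOSE_PORTS = {
    "cowrie": ["127.0.0.1:2222:2222"],
    "sshd": ["127.0.0.1:2223:22"],
}
DIRECTORS = {"cowrie-ssh": "cowrie:2222", "sshd": "sshd:2223"}


def parse_port(mapping):
    """Split Docker short syntax [IP:][HOST:]CONTAINER[/proto] into (host, container).

    Assumes single ports, not ranges such as "8000-8010:8000-8010".
    """
    parts = mapping.split("/")[0].split(":")
    container = int(parts[-1])
    host = int(parts[-2]) if len(parts) >= 2 else None
    return host, container


def check_directors(directors, compose_ports):
    """Return (director, configured target, suggested target) for each director
    that points at a host-published port rather than the container port."""
    findings = []
    for name, target in directors.items():
        service, _, port = target.rpartition(":")
        port = int(port)
        if service not in compose_ports:
            continue  # not a compose service; nothing to compare against
        pairs = [parse_port(m) for m in compose_ports[service]]
        if port in {container for _, container in pairs}:
            continue  # already targets a port the container listens on
        for host, container in pairs:
            if host == port:
                findings.append((name, target, f"{service}:{container}"))
    return findings


if __name__ == "__main__":
    for name, configured, suggested in check_directors(DIRECTORS, COMPOSE_PORTS):
        print(f"[director.{name}] host={configured!r} is the host-published port; "
              f"inside the Docker network use {suggested!r}")
```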
