Skip to content

Instantly share code, notes, and snippets.

@Airbus5717

Airbus5717/main.py

Last active December 11, 2024 03:11
Show Gist options
  • Save Airbus5717/66f66ba39c3e6d07f295b750e370ca78 to your computer and use it in GitHub Desktop.
Save Airbus5717/66f66ba39c3e6d07f295b750e370ca78 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
main.py
#!/usr/bin/python3
import datetime
from http.server import HTTPServer, BaseHTTPRequestHandler
LINK = 'http://msn.com/'
MITRE_MAPPING = {
"T1190": "Exploit Public-Facing Application",
"T1040": "Network Sniffing",
"T1071": "Application Layer Protocol",
"T1119": "Automated Collection",
"T1001": "Data Obfuscation"
}
def log_request(s, hverb):
"""Logs HTTP request details into log.txt following SIEM standards."""
print("[DEBUG] log_request: Logging HTTP request...")
now = datetime.datetime.now()
logtime = now.strftime("%m-%d-%Y %H:%M")
print(f"[DEBUG] log_request: Current time - {logtime}")
user_agent = str(s.headers.get('User-Agent', 'Unknown'))
print(f"[DEBUG] log_request: User-Agent - {user_agent}")
# Get the POST data if applicable
post_info = ""
if hverb == "POST":
content_len = int(s.headers.get('Content-Length', 0))
print(f"[DEBUG] log_request: Content-Length - {content_len}")
body = s.rfile.read(content_len)
post_info = body.decode("utf-8")
print(f"[DEBUG] log_request: POST body - {post_info}")
# Construct the log entry
log = (
f"{logtime} SrcIP:{s.client_address[0]} HTTPCode:200 HTTPVerb:{hverb} "
f"URI:{s.path} UserAgent:{user_agent} Headers("
)
for header, value in s.headers.items():
if header != "User-Agent":
log += f"{header}:{value},"
log = log.rstrip(',') + ")"
if hverb == "POST":
log += f" POST:{post_info}"
# Add MITRE technique mappings
log += f" TechniquesObserved: [{', '.join(MITRE_MAPPING.keys())}]"
log += "\n"
print(f"[DEBUG] log_request: Final log entry - {log}")
# Write the log to log.txt
with open('log.txt', 'a') as log_file:
log_file.write(log)
print("[DEBUG] log_request: Log written to log.txt")
def serve_page(s, hverb):
"""Handles the response and logs the request."""
print(f"[DEBUG] serve_page: Received {hverb} request for {s.path}")
log_request(s, hverb)
# Set up response headers and redirect
s.protocol_version = 'HTTP/1.1'
s.server_version = 'Microsoft-IIS/8.5'
s.sys_version = ''
s.send_response(301)
print(f"[DEBUG] serve_page: Sending response 301 with redirect to {LINK}")
s.send_header('Location', LINK)
s.send_header('X-Powered-By', 'ASP.NET')
s.send_header('Content-type', 'text/html')
s.end_headers()
s.wfile.write(b"")
print("[DEBUG] serve_page: Response headers sent")
class StaticServer(BaseHTTPRequestHandler):
def do_GET(self):
print("[DEBUG] StaticServer: Handling GET request")
serve_page(self, "GET")
def do_POST(self):
print("[DEBUG] StaticServer: Handling POST request")
serve_page(self, "POST")
def do_PUT(self):
print("[DEBUG] StaticServer: Handling PUT request")
serve_page(self, "PUT")
def do_DELETE(self):
print("[DEBUG] StaticServer: Handling DELETE request")
serve_page(self, "DELETE")
def do_OPTIONS(self):
print("[DEBUG] StaticServer: Handling OPTIONS request")
serve_page(self, "OPTIONS")
def main(server_class=HTTPServer, handler_class=StaticServer, port=8005):
"""Starts the HTTP server on the specified port."""
print("[DEBUG] main: Starting HTTP server")
server_address = ('', port)
httpd = server_class(server_address, handler_class)
print(f"[DEBUG] main: HTTP server running on http://localhost:{port}")
httpd.serve_forever()
if __name__ == "__main__":
print("[DEBUG] __main__: Initializing HTTP Server Honeypot")
main()
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment