/* Write interesting information about a connection attempt to LOGFILE. * Returns -1 on error. */ static int log_attempt(struct connection *c) { FILE *f; int r; if ((f = fopen(LOGFILE, "a+")) == NULL) { fprintf(stderr, "Unable to open %s\n", LOGFILE); return -1; } if (get_utc(c) <= 0) { fprintf(stderr, "Error getting time\n"); return -1; } if (get_client_ip(c) < 0) { fprintf(stderr, "Error getting client ip\n"); return -1; } c->user = ssh_message_auth_user(c->message); c->pass = ssh_message_auth_password(c->message); if (DEBUG) { printf("%s %s %s %s\n", c->con_time, c->client_ip, c->user, c->pass); } r = fprintf(f, "%s\t%s\t%s\t%s\t\n", c->con_time, c->client_ip, c->user, c->pass); fclose(f); return r; }
int get_noon_meridian(void) { int meridian; struct pulse_time_tm utc; get_utc(&utc); meridian = (12 - utc.tm_hour) * 15; meridian -= utc.tm_min / 4; return meridian; }
int log_attempt_mysql(struct connection *c, const char *username, const char* password){ // connect to the mysql server //open the mysql connection MYSQL *mysql_con; if (mysql_start(&mysql_con) != 0){ return 1; } // get the current time if (get_utc(c) <= 0) { fprintf(stderr, "Error getting time\n"); return -1; } // increment the number of attempts or commands c->number = c->number +1; // escape char *con_time_escaped; escape(c->con_time, &con_time_escaped, mysql_con); char *username_escaped; escape(username, &username_escaped, mysql_con); char *password_escaped; escape(password, &password_escaped, mysql_con); char *mysql_query_string; mysql_query_string = malloc(sizeof(char) * (300 + strlen(con_time_escaped) + strlen(username_escaped) + strlen(password_escaped))); sprintf(mysql_query_string, "INSERT INTO `honeyssh`.`login` (`session-id`, `number`, `time`, `user`, `password`, `action`, `id`) VALUES ('%llu', '%d', '%s', '%s', '%s', '0', NULL);", c->session_id, c->number, con_time_escaped, username_escaped, password_escaped); // execute the query if (mysql_query(mysql_con, mysql_query_string)) { fprintf(stderr, "%s\n", mysql_error(mysql_con)); } free(mysql_query_string); free(con_time_escaped); free(username_escaped); free(password_escaped); mysql_close(mysql_con); return 0; }
int log_con_end_mysql(struct connection *c) { //open the mysql connection MYSQL *mysql_con; if (mysql_start(&mysql_con) != 0){ return 1; } // get the current time if (get_utc(c) <= 0) { fprintf(stderr, "Error getting time\n"); return -1; } char *con_time_escaped; escape(c->con_time, &con_time_escaped, mysql_con); char *mysql_query_string; mysql_query_string = malloc(sizeof(char) * (300 + strlen(con_time_escaped))); sprintf(mysql_query_string, "UPDATE `honeyssh`.`connection` SET `end-time` = '%s', `action` = '0' WHERE `connection`.`session-id` = %llu;", con_time_escaped, c->session_id); // execute the query if (mysql_query(mysql_con, mysql_query_string)) { fprintf(stderr, "%s\n", mysql_error(mysql_con)); } free(mysql_query_string); free(con_time_escaped); mysql_close(mysql_con); return 0; }
static int TOTP(unsigned char *secret, size_t sec_len, uint64_t step, int digits) { uint64_t tm = get_utc() / step; return HOTP(secret, sec_len, tm, digits); }
// log_con_mysql int log_con1_mysql(struct connection *c){ // get the time if (get_utc(c) <= 0) { fprintf(stderr, "Error getting time\n"); return -1; } // get the client ip if (get_client_ip(c) < 0) { fprintf(stderr, "Error getting client ip\n"); return -1; } //open the mysql connection MYSQL *mysql_con; if (mysql_start(&mysql_con) != 0){ return 1; } char *con_time_escaped; escape(c->con_time, &con_time_escaped, mysql_con); char *client_ip_escaped; escape(c->client_ip, &client_ip_escaped, mysql_con); char *protocol_version_escaped; char protocol_version_string[10] = ""; sprintf(protocol_version_string, "%d", c->protocol_version); escape(protocol_version_string, &protocol_version_escaped, mysql_con); char *openssh_version_escaped; char openssh_version_string[10] =""; sprintf(openssh_version_string, "%d", c->openssh_version); escape(openssh_version_string, &openssh_version_escaped, mysql_con); // declare and reserve memory for the query string char *mysql_query_string; mysql_query_string = malloc(sizeof(char) * (400 + strlen(con_time_escaped) + strlen(client_ip_escaped) + strlen(protocol_version_escaped) + strlen(openssh_version_escaped))); // build the query string sprintf(mysql_query_string, "INSERT INTO `honeyssh`.`connection` (`session-id`, `ip`, `start-time`, `end-time`, `banner`, `cipher-in`, `cipher-out`, `protocol-version`, `openssh-version`, `action`, `potmode`, `id`, `sensor-id`) VALUES ('%llu', '%s', '%s', '1970-01-01 00:00:00', 'none', 'none', 'none', '%s', '%s', '-1', '%d', 'NULL', '%s');", c->session_id, client_ip_escaped, con_time_escaped, protocol_version_escaped, openssh_version_escaped, AUTHENTICATION, SENSOR_ID); // execute the query if (mysql_query(mysql_con, mysql_query_string)) { fprintf(stderr, "%s\n", mysql_error(mysql_con)); } free(mysql_query_string); free(con_time_escaped); free(protocol_version_escaped); free(openssh_version_escaped); free(client_ip_escaped); mysql_close(mysql_con); return 0; }