Skip to content

Commit

Permalink
squelching noisy log messages
Browse files Browse the repository at this point in the history
  • Loading branch information
glaslos committed Dec 29, 2024
1 parent c97ec82 commit 52e236f
Show file tree
Hide file tree
Showing 15 changed files with 84 additions and 74 deletions.
3 changes: 2 additions & 1 deletion protocols/protocols.go
Original file line number Diff line number Diff line change
Expand Up @@ -71,7 +71,8 @@ func MapTCPProtocolHandlers(log interfaces.Logger, h interfaces.Honeypot) map[st
if err := conn.Close(); err != nil {
log.Error("failed to close connection", producer.ErrAttr(err))
}
return err
log.Debug("failed to peek connection", producer.ErrAttr(err))
return nil
}
// poor mans check for HTTP request
httpMap := map[string]bool{"GET ": true, "POST": true, "HEAD": true, "OPTI": true, "CONN": true}
Expand Down
4 changes: 2 additions & 2 deletions protocols/tcp/adb.go
Original file line number Diff line number Diff line change
Expand Up @@ -37,7 +37,7 @@ func readHexLength(r io.Reader) (int, error) {
func HandleADB(ctx context.Context, conn net.Conn, md connection.Metadata, logger interfaces.Logger, h interfaces.Honeypot) error {
defer func() {
if err := conn.Close(); err != nil {
logger.Error("failed to close ADB connection", slog.String("handler", "adb"), producer.ErrAttr(err))
logger.Error("Failed to close ADB connection", slog.String("handler", "adb"), producer.ErrAttr(err))
}
}()
length, err := readHexLength(conn)
Expand All @@ -53,7 +53,7 @@ func HandleADB(ctx context.Context, conn net.Conn, md connection.Metadata, logge
}

if err = h.ProduceTCP("adb", conn, md, data, nil); err != nil {
logger.Error("failed to produce message", producer.ErrAttr(err), slog.String("handler", "adb"))
logger.Error("Failed to produce message", producer.ErrAttr(err), slog.String("handler", "adb"))
}

logger.Info("handled adb request", slog.Int("data_read", n))
Expand Down
15 changes: 7 additions & 8 deletions protocols/tcp/bittorrent.go
Original file line number Diff line number Diff line change
Expand Up @@ -38,24 +38,23 @@ func HandleBittorrent(ctx context.Context, conn net.Conn, md connection.Metadata
}
defer func() {
if err := h.ProduceTCP("bittorrent", conn, md, helpers.FirstOrEmpty[parsedBittorrent](server.events).Payload, server.events); err != nil {
logger.Error("failed to produce message", producer.ErrAttr(err), slog.String("handler", "bittorrent"))
logger.Error("Failed to produce message", producer.ErrAttr(err), slog.String("handler", "bittorrent"))
}
if err := conn.Close(); err != nil {
logger.Error("failed to close connection", producer.ErrAttr(err), slog.String("handler", "bittorrent"))
logger.Error("Failed to close connection", producer.ErrAttr(err), slog.String("handler", "bittorrent"))
return
}
}()

logger.Info("new bittorrent connection")

buffer := make([]byte, 1024)
for {
if err := h.UpdateConnectionTimeout(ctx, conn); err != nil {
return err
logger.Debug("Failed to set connection timeout", producer.ErrAttr(err), slog.String("handler", "bittorrent"))
return nil
}
n, err := conn.Read(buffer)
if err != nil {
logger.Error("failed to read data", producer.ErrAttr(err), slog.String("handler", "bittorrent"))
logger.Debug("Failed to read data", producer.ErrAttr(err), slog.String("handler", "bittorrent"))
break
}

Expand All @@ -65,7 +64,7 @@ func HandleBittorrent(ctx context.Context, conn net.Conn, md connection.Metadata

msg := bittorrentMsg{}
if err := binary.Read(bytes.NewReader(buffer[:n]), binary.BigEndian, &msg); err != nil {
logger.Error("failed to read message", producer.ErrAttr(err), slog.String("handler", "bittorrent"))
logger.Error("Failed to read message", producer.ErrAttr(err), slog.String("handler", "bittorrent"))
break
}

Expand All @@ -88,7 +87,7 @@ func HandleBittorrent(ctx context.Context, conn net.Conn, md connection.Metadata
Payload: buffer[:n],
})
if err = binary.Write(conn, binary.BigEndian, msg); err != nil {
logger.Error("failed to write message", producer.ErrAttr(err), slog.String("handler", "bittorrent"))
logger.Error("Failed to write message", producer.ErrAttr(err), slog.String("handler", "bittorrent"))
break
}
}
Expand Down
11 changes: 7 additions & 4 deletions protocols/tcp/ftp.go
Original file line number Diff line number Diff line change
Expand Up @@ -58,10 +58,10 @@ func HandleFTP(ctx context.Context, conn net.Conn, md connection.Metadata, logge
}
defer func() {
if err := h.ProduceTCP("ftp", conn, md, helpers.FirstOrEmpty[parsedFTP](server.events).Payload, server.events); err != nil {
logger.Error("failed to produce events", producer.ErrAttr(err))
logger.Error("Failed to produce events", slog.String("protocol", "ftp"), producer.ErrAttr(err))
}
if err := conn.Close(); err != nil {
logger.Error("failed to close FTP connection", producer.ErrAttr(err))
logger.Error("Failed to close FTP connection", slog.String("protocol", "ftp"), producer.ErrAttr(err))
}
}()

Expand All @@ -75,11 +75,13 @@ func HandleFTP(ctx context.Context, conn net.Conn, md connection.Metadata, logge
}
for {
if err := h.UpdateConnectionTimeout(ctx, conn); err != nil {
return err
logger.Debug("Failed to set connection timeout", slog.String("protocol", "ftp"), producer.ErrAttr(err))
return nil
}
msg, err := server.read(logger, h)
if err != nil || err != io.EOF {
return err
logger.Debug("Failed to read data", slog.String("protocol", "ftp"), producer.ErrAttr(err))
break
}
if len(msg) < 4 {
continue
Expand Down Expand Up @@ -108,4 +110,5 @@ func HandleFTP(ctx context.Context, conn net.Conn, md connection.Metadata, logge
return err
}
}
return nil
}
6 changes: 3 additions & 3 deletions protocols/tcp/http.go
Original file line number Diff line number Diff line change
Expand Up @@ -120,7 +120,7 @@ func HandleHTTP(ctx context.Context, conn net.Conn, md connection.Metadata, logg
defer func() {
err := conn.Close()
if err != nil {
logger.Error("failed to close the HTTP connection", producer.ErrAttr(err))
logger.Error("Failed to close the HTTP connection", producer.ErrAttr(err))
}
}()

Expand Down Expand Up @@ -162,7 +162,7 @@ func HandleHTTP(ctx context.Context, conn net.Conn, md connection.Metadata, logg
Path: req.URL.EscapedPath(),
Query: req.URL.Query().Encode(),
}); err != nil {
logger.Error("failed to produce message", slog.String("protocol", "http"), producer.ErrAttr(err))
logger.Error("Failed to produce message", slog.String("protocol", "http"), producer.ErrAttr(err))
}

switch req.Method {
Expand Down Expand Up @@ -203,7 +203,7 @@ func HandleHTTP(ctx context.Context, conn net.Conn, md connection.Metadata, logg
}
go func() {
if err := HandleTCP(ctx, conn, md, logger, h); err != nil {
logger.Error("failed to handle vmware attack", producer.ErrAttr(err))
logger.Error("Failed to handle vmware attack", producer.ErrAttr(err))
}
}()
}
Expand Down
14 changes: 5 additions & 9 deletions protocols/tcp/jabber.go
Original file line number Diff line number Diff line change
Expand Up @@ -41,17 +41,16 @@ type JabberClient struct {
func parseJabberClient(conn net.Conn, md connection.Metadata, dataClient []byte, logger interfaces.Logger, h interfaces.Honeypot) error {
v := JabberClient{STo: "none", Version: "none"}
if err := xml.Unmarshal(dataClient, &v); err != nil {
logger.Error(fmt.Sprintf("error: %s", err.Error()), slog.String("handler", "jabber"))
return err
}

host, port, err := net.SplitHostPort(conn.RemoteAddr().String())
if err != nil {
logger.Error(fmt.Sprintf("[jabber ] error: %v", err))
return err
}

if err = h.ProduceTCP("jabber", conn, md, dataClient, v); err != nil {
logger.Error("failed to produce message", producer.ErrAttr(err), slog.String("handler", "jabber"))
logger.Error("Failed to produce message", producer.ErrAttr(err), slog.String("handler", "jabber"))
}

logger.Info(
Expand All @@ -69,8 +68,8 @@ func readMsgJabber(conn net.Conn, md connection.Metadata, logger interfaces.Logg
r := bufio.NewReader(conn)
line, _, err := r.ReadLine()
if err != nil {
logger.Error(fmt.Sprintf("error: %s", err.Error()), slog.String("handler", "jabber"))
return err
logger.Debug("Failed to read line", slog.String("handler", "jabber"), producer.ErrAttr(err))
return nil
}
return parseJabberClient(conn, md, line[:1024], logger, h)
}
Expand All @@ -79,7 +78,7 @@ func readMsgJabber(conn net.Conn, md connection.Metadata, logger interfaces.Logg
func HandleJabber(ctx context.Context, conn net.Conn, md connection.Metadata, logger interfaces.Logger, h interfaces.Honeypot) error {
defer func() {
if err := conn.Close(); err != nil {
logger.Error(fmt.Sprintf("error: %s", err.Error()), slog.String("handler", "jabber"))
logger.Error("Failed to close connection", slog.String("handler", "jabber"), producer.ErrAttr(err))
}
}()

Expand All @@ -88,15 +87,12 @@ func HandleJabber(ctx context.Context, conn net.Conn, md connection.Metadata, lo

output, err := xml.MarshalIndent(v, " ", " ")
if err != nil {
logger.Error(fmt.Sprintf("error: %s", err.Error()), slog.String("handler", "jabber"))
return err
}
if _, err := conn.Write(output); err != nil {
logger.Error(fmt.Sprintf("error: %s", err.Error()), slog.String("handler", "jabber"))
return err
}
if err := readMsgJabber(conn, md, logger, h); err != nil {
logger.Error(fmt.Sprintf("error: %s", err.Error()), slog.String("handler", "jabber"))
return err
}
return nil
Expand Down
2 changes: 1 addition & 1 deletion protocols/tcp/memcache.go
Original file line number Diff line number Diff line change
Expand Up @@ -28,7 +28,7 @@ func HandleMemcache(ctx context.Context, conn net.Conn, md connection.Metadata,
}

if err = h.ProduceTCP("memcache", conn, md, buffer, nil); err != nil {
logger.Error("failed to produce message", producer.ErrAttr(err), slog.String("handler", "memcache"))
logger.Error("Failed to produce message", producer.ErrAttr(err), slog.String("handler", "memcache"))
}

parts := strings.Split(string(buffer[:]), " ")
Expand Down
6 changes: 3 additions & 3 deletions protocols/tcp/mqtt.go
Original file line number Diff line number Diff line change
Expand Up @@ -48,7 +48,7 @@ func HandleMQTT(ctx context.Context, conn net.Conn, md connection.Metadata, logg
}

if err = h.ProduceTCP("mqtt", conn, md, buffer, msg); err != nil {
logger.Error("failed to produce message", producer.ErrAttr(err), slog.String("handler", "mqtt"))
logger.Error("Failed to produce message", producer.ErrAttr(err), slog.String("handler", "mqtt"))
}

logger.Info(fmt.Sprintf("new mqqt packet with header flag: %d", msg.HeaderFlag), slog.String("handler", "mqtt"))
Expand All @@ -72,11 +72,11 @@ func HandleMQTT(ctx context.Context, conn net.Conn, md connection.Metadata, logg
}
var buf bytes.Buffer
if err = binary.Write(&buf, binary.LittleEndian, res); err != nil {
logger.Error("failed to write buffer", producer.ErrAttr(err), slog.String("handler", "bittorrent"))
logger.Error("Failed to write buffer", producer.ErrAttr(err), slog.String("handler", "bittorrent"))
break
}
if _, err = conn.Write(buf.Bytes()); err != nil {
logger.Error("failed to write message", producer.ErrAttr(err), slog.String("handler", "bittorrent"))
logger.Error("Failed to write message", producer.ErrAttr(err), slog.String("handler", "bittorrent"))
break
}
} else {
Expand Down
19 changes: 10 additions & 9 deletions protocols/tcp/rdp.go
Original file line number Diff line number Diff line change
Expand Up @@ -43,25 +43,26 @@ func HandleRDP(ctx context.Context, conn net.Conn, md connection.Metadata, logge
}
defer func() {
if err := h.ProduceTCP("rdp", conn, md, helpers.FirstOrEmpty[parsedRDP](server.events).Payload, server.events); err != nil {
logger.Error("failed to produce message", slog.String("protocol", "rdp"), producer.ErrAttr(err))
logger.Error("Failed to produce message", slog.String("protocol", "rdp"), producer.ErrAttr(err))
}
if err := conn.Close(); err != nil {
logger.Error(fmt.Sprintf("[rdp ] error: %v", err))
logger.Debug("Failed to close RDP connection", slog.String("protocol", "rdp"), producer.ErrAttr(err))
}
}()

buffer := make([]byte, 1024)
for {
if err := h.UpdateConnectionTimeout(ctx, conn); err != nil {
return err
logger.Debug("Failed to set connection timeout", slog.String("protocol", "rdp"), producer.ErrAttr(err))
return nil
}
n, err := conn.Read(buffer)
if err != nil && n <= 0 {
logger.Error(fmt.Sprintf("rdp error: %v", err))
return err
logger.Debug("Failed to read from connection", slog.String("protocol", "rdp"), producer.ErrAttr(err))
return nil
}
if n > 0 && n < 1024 {
logger.Info(fmt.Sprintf("rdp \n%s", hex.Dump(buffer[0:n])))
logger.Debug(fmt.Sprintf("rdp \n%s", hex.Dump(buffer[0:n])))
pdu, err := rdp.ParseCRPDU(buffer[0:n])
if err != nil {
return err
Expand All @@ -71,15 +72,15 @@ func HandleRDP(ctx context.Context, conn net.Conn, md connection.Metadata, logge
Header: pdu.Header,
Payload: buffer[0:n],
})
logger.Info(fmt.Sprintf("rdp req pdu: %+v", pdu))
logger.Debug(fmt.Sprintf("rdp req pdu: %+v", pdu))
if len(pdu.Data) > 0 {
logger.Info(fmt.Sprintf("rdp data: %s", string(pdu.Data)))
logger.Debug(fmt.Sprintf("rdp data: %s", string(pdu.Data)))
}
header, resp, err := rdp.ConnectionConfirm(pdu.TPDU)
if err != nil {
return err
}
logger.Info(fmt.Sprintf("rdp resp pdu: %+v", resp))
logger.Debug(fmt.Sprintf("rdp resp pdu: %+v", resp))
if err := server.write(header, resp); err != nil {
return err
}
Expand Down
11 changes: 6 additions & 5 deletions protocols/tcp/rfb.go
Original file line number Diff line number Diff line change
Expand Up @@ -5,20 +5,20 @@ import (
"bytes"
"context"
"encoding/binary"
"fmt"
"log/slog"
"net"

"github.com/mushorg/glutton/connection"
"github.com/mushorg/glutton/producer"
"github.com/mushorg/glutton/protocols/interfaces"
)

func readRFB(conn net.Conn, logger interfaces.Logger) error {
msg, err := bufio.NewReader(conn).ReadString('\n')
if err != nil {
logger.Error(fmt.Sprintf("[rfb ] error: %v", err))
return err
}
logger.Info(fmt.Sprintf("[rfb ] message %q", msg))
logger.Debug("RFB message", slog.String("msg", msg), slog.String("protocol", "rfb"))
return nil
}

Expand All @@ -37,15 +37,16 @@ type PixelFormat struct {
func HandleRFB(ctx context.Context, conn net.Conn, md connection.Metadata, logger interfaces.Logger, h interfaces.Honeypot) error {
defer func() {
if err := conn.Close(); err != nil {
logger.Error(fmt.Sprintf("[rfb ] error: %v", err))
logger.Debug("Failed to close RFB connection", slog.String("protocol", "rfb"), producer.ErrAttr(err))
}
}()

if _, err := conn.Write([]byte("RFB 003.008\n")); err != nil {
return err
}
if err := readRFB(conn, logger); err != nil {
return err
logger.Debug("Failed to read RFB", slog.String("protocol", "rfb"), producer.ErrAttr(err))
return nil
}
var authNone uint32 = 1
bs := make([]byte, 4)
Expand Down
19 changes: 11 additions & 8 deletions protocols/tcp/sip.go
Original file line number Diff line number Diff line change
Expand Up @@ -2,18 +2,18 @@ package tcp

import (
"context"
"fmt"
"log/slog"
"net"
"net/http"

"github.com/ghettovoice/gosip/log"
"github.com/ghettovoice/gosip/sip"
"github.com/ghettovoice/gosip/sip/parser"
"github.com/mushorg/glutton/connection"
"github.com/mushorg/glutton/producer"
"github.com/mushorg/glutton/protocols/helpers"
"github.com/mushorg/glutton/protocols/interfaces"

"github.com/ghettovoice/gosip/log"
"github.com/ghettovoice/gosip/sip"
"github.com/ghettovoice/gosip/sip/parser"
)

const maxBufferSize = 1024
Expand All @@ -35,10 +35,10 @@ func HandleSIP(ctx context.Context, conn net.Conn, md connection.Metadata, logge
}
defer func() {
if err := h.ProduceTCP("sip", conn, md, helpers.FirstOrEmpty[parsedSIP](server.events).Payload, server.events); err != nil {
logger.Error("failed to produce message", slog.String("protocol", "sip"), producer.ErrAttr(err))
logger.Error("Failed to produce message", slog.String("protocol", "sip"), producer.ErrAttr(err))
}
if err := conn.Close(); err != nil {
logger.Error(fmt.Errorf("failed to close SIP connection: %w", err).Error())
logger.Debug("Failed to close SIP connection", slog.String("protocol", "sip"), producer.ErrAttr(err))
}
}()

Expand All @@ -48,11 +48,13 @@ func HandleSIP(ctx context.Context, conn net.Conn, md connection.Metadata, logge

for {
if err := h.UpdateConnectionTimeout(ctx, conn); err != nil {
return err
logger.Debug("Failed to set connection timeout", slog.String("protocol", "sip"), producer.ErrAttr(err))
return nil
}
n, err := conn.Read(buffer)
if err != nil {
return err
logger.Debug("Failed to read data", slog.String("protocol", "sip"), producer.ErrAttr(err))
break
}

msg, err := pp.ParseMessage(buffer[:n])
Expand Down Expand Up @@ -93,4 +95,5 @@ func HandleSIP(ctx context.Context, conn net.Conn, md connection.Metadata, logge
}
}
}
return nil
}
Loading

0 comments on commit 52e236f

Please sign in to comment.