micetrap 0.1.0

data/.gitignore

@@ -0,0 +1,4 @@
+pkg/*
+*.gem
+.bundle
+*.log

data/.rspec

@@ -0,0 +1,2 @@
+--color
+--format documentation

data/.rvmrc

@@ -0,0 +1 @@
+rvm --create use ruby-1.9.2@micetrap

data/Gemfile

@@ -0,0 +1,4 @@
+source "http://rubygems.org"
+
+# Specify your gem's dependencies in micetrap.gemspec
+gemspec

data/Gemfile.lock

@@ -0,0 +1,43 @@
+PATH
+  remote: .
+  specs:
+    micetrap (0.0.1)
+      trollop
+
+GEM
+  remote: http://rubygems.org/
+  specs:
+    configuration (1.2.0)
+    diff-lcs (1.1.2)
+    guard (0.2.2)
+      open_gem (~> 1.4.2)
+      thor (~> 0.14.3)
+    guard-rspec (0.1.9)
+      guard (>= 0.2.2)
+    launchy (0.3.7)
+      configuration (>= 0.0.5)
+      rake (>= 0.8.1)
+    open_gem (1.4.2)
+      launchy (~> 0.3.5)
+    rake (0.8.7)
+    rspec (2.3.0)
+      rspec-core (~> 2.3.0)
+      rspec-expectations (~> 2.3.0)
+      rspec-mocks (~> 2.3.0)
+    rspec-core (2.3.1)
+    rspec-expectations (2.3.0)
+      diff-lcs (~> 1.1.2)
+    rspec-mocks (2.3.0)
+    thor (0.14.6)
+    trollop (1.16.2)
+
+PLATFORMS
+  ruby
+
+DEPENDENCIES
+  bundler (~> 1.0.7)
+  guard
+  guard-rspec
+  micetrap!
+  rspec (~> 2.3.0)
+  trollop

data/Guardfile

@@ -0,0 +1,8 @@
+# A sample Guardfile
+# More info at http://github.com/guard/guard#readme
+
+guard 'rspec', :version => 2 do
+  watch('^spec/(.*)_spec.rb')
+  watch('^lib/(.*)\.rb')                              { |m| "spec/#{m[1]}_spec.rb" }
+  watch('^spec/spec_helper.rb')                       { "spec" }
+end

data/Rakefile

@@ -0,0 +1,10 @@
+require 'bundler'
+Bundler::GemHelper.install_tasks
+
+require 'rspec/core'
+require 'rspec/core/rake_task'
+RSpec::Core::RakeTask.new(:spec) do |spec|
+  spec.pattern = FileList['spec/**/*_spec.rb']
+end
+
+task :default => :spec

data/Readme.md

@@ -0,0 +1,114 @@
+#micetrap
+            ___
+        _.-|   |          |\__/,|   (`\
+       {   |   |          |o o  |__ _) )
+        "-.|___|        _.( T   )  `  /
+         .--'-`-.     _((_ `^--' /_<  \
+       .+|______|__.-||__)`-'(((/  (((/
+
+Catch hackers on the fly with micetrap!
+
+Micetrap opens a server on either a given or random port, emulating fake
+vulnerable services. Port scanners such as Nmap, when fingerprinting ports
+to discover service names and versions, will get apparently legitimate
+responses from common services such as FTP, HTTP or MySQL servers,
+therefore misleading potential attackers with false information.
+
+Depending on the operating system you are using, micetrap will try its best
+to +look feasible+ by choosing the appropriate fake services and versions
+to emulate. Whenever possible, micetrap will provide a bit outdated versions
+which are more likely to be vulnerable, and thus making the attacker focus
+on those ports. While the attacker tries to exploit these ports, she is
+essentially sending certain packets -- which get properly captured and
+logged by micetrap. This information might be useful to discover what kind
+of attacks are being tried against your machine, therefore giving you time
+and the opportunity to defend appropriately.
+
+Running micetrap with sudo will allow it to use default, unsuspicious ports,
+which may give you advantage at tricking a smart attacker.
+
+##Install
+
+   gem install micetrap
+
+...or, if you want to be able to use it with sudo:
+
+   sudo gem install micetrap
+
+Micetrap currently runs on Ruby versions 1.8.7 and 1.9.2.
+
+##Usage
+
+Just fire up the server with some fake service, such an ftp server:
+
+   micetrap ftp --port 8765
+
+If everything is ok, you will see something like this:
+
+   (some timestamp) ::: Ftp trap listening on ::ffff:0.0.0.0:8765 :::
+
+TL;DR: Most port scanners such as _nmap_ have some kind of fingerprinting
+capabilities. This means that, in order to discover which services and
+versions run behind a specific port, they send special packets or _probes_
+which make different services and versions react differently. By capturing
+the response and matching against with a database, most of the time they
+can reliably determine what service and version is running behind that port.
+
+Port scanners usually start by sending a blank probe, since many servers
+respond with a welcome banner telling interesting stuff about them. Micetrap
+only responds to those early blank probes. Let's try to port-scan this fake
+ftp service with nmap fingerprinting:
+
+   nmap 127.0.0.1 -p 8765 -A
+
+We are scanning localhost, port 8765, and -A means service version detection
+and OS guessing. After a while, in our micetrap server terminal we see:
+
+   (timestamp) Recorded a probe coming from ::ffff:127.0.0.1:51082 containing
+   the following: (empty line)
+
+   (timestamp) ::: Responded misleadingly: let's drive those hackers nuts! :::
+
+These gets logged inside a .log file within the current directory.
+And in the nmap terminal:
+
+   Starting Nmap 5.35DC1 ( http://nmap.org ) at (timestamp)
+   Nmap scan report for localhost (127.0.0.1)
+   Host is up (0.00017s latency).
+   PORT     STATE SERVICE VERSION
+   8765/tcp open  ftp     Mac OS X Server ftpd
+
+The faked service/version is random (you can start an ftp server which looks
+like lukemftpd, Mac OS X server ftpd or PureFTPd for example), but it is
+consistent within the same server, so that every scan reports the same service
+and version.
+
+## U mad? Evil hackers
+
+Probably.
+
+##Available services
+
+For now there are a bunch of ftp, http, torrent, mysql and samba services,
+mostly Mac-ish.
+
+##Contribute!
+
+If you want to contribute with more services and versions to empower micetrap
+and be a superhero, you shall follow these steps:
+
+* Fork the project.
+* Install _nmap_ and look for a file called nmap-service-probes in your system.
+  This file contains regexes used to match responses from scanned services.
+* You only have to devise a string which fits in one of this regexes and then
+  add it in the corresponding service file (in lib/micetrap/services/ftp.rb for
+  example if it's an ftp server).
+* Commit, do not mess with rakefile, version, or history.
+  If you want to have your own version, that is fine but bump version
+  in a commit by itself I can ignore when I pull.
+* Send me a pull request. Bonus points for topic branches.
+* Profit!
+
+## Copyright
+
+Copyright (c) 2011 Josep M. Bach. See LICENSE for details.

data/bin/micetrap

@@ -0,0 +1,61 @@
+#!/usr/bin/env ruby
+$LOAD_PATH.unshift File.dirname(__FILE__) + '/../lib'
+
+require 'trollop' unless defined?(Trollop)
+require 'micetrap'
+require 'micetrap/version'
+
+SERVICES = Micetrap.services
+
+opts = Trollop::options do
+  version "micetrap #{Micetrap::VERSION} (c) 2011 Josep M. Bach"
+  banner <<-EOS
+  Micetrap opens a server on either a given or random port, emulating fake
+  vulnerable services. Port scanners such as Nmap, when fingerprinting ports
+  to discover service names and versions, will get apparently legitimate
+  responses from common services such as FTP, HTTP or MySQL servers,
+  therefore misleading potential attackers with false information.
+
+  Depending on the operating system you are using, micetrap will try its best
+  to +look feasible+ by choosing the appropriate fake services and versions
+  to emulate. Whenever possible, micetrap will provide a bit outdated versions
+  which are more likely to be vulnerable, and thus making the attacker focus
+  on those ports. While the attacker tries to exploit these ports, she is
+  essentially sending certain packets -- which get properly captured and
+  logged my micetrap. This information might be useful to discover what kind
+  of attacks are being tried against your machine, therefore giving you time
+  and the opportunity to defend appropriately.
+
+  Fire up a simple ftp micetrap like this:
+
+        sudo micetrap ftp
+
+  Running it with sudo will allow you to use default, unsuspicious ports,
+  which may give you advantage at tricking a smart attacker.
+
+  If you don't want to use system ports, you can run micetrap without having
+  root privileges like this:
+
+        micetrap ftp --port 9999   (or whatever non-system port you like)
+
+  The available services are are:
+    #{SERVICES.join(', ')}
+
+  Usage:
+        [sudo] micetrap <service> [options]
+
+  where [options] are:
+EOS
+  opt :port, "A specific port to use", :default => nil, :type => :integer
+  stop_on SERVICES
+end
+
+service = ARGV.shift.to_sym
+Trollop::die "You need to specify a service, which must be one of the following: #{SERVICES.join(', ')}\n\nMaybe you just feel a bit lost.." unless SERVICES.include?(service)
+
+# Show a nice banner
+ANSI = {:RESET=>"\e[0m", :BOLD=>"\e[1m", :UNDERLINE=>"\e[4m", :LGRAY=>"\e[0;37m", :GRAY=>"\e[1;30m", :RED=>"\e[31m", :GREEN=>"\e[32m", :YELLOW=>"\e[33m", :BLUE=>"\e[34m", :MAGENTA=>"\e[35m", :CYAN=>"\e[36m", :WHITE=>"\e[37m"}
+
+puts "Starting #{ANSI[:BOLD]}Micetrap#{ANSI[:RESET]}..."
+puts "Loading fake #{ANSI[:RED]}#{service}#{ANSI[:RESET]} server... (press Ctrl-C to exit)\n"
+Micetrap::Server.new(opts.update(:service => service)).fire!

data/lib/core_ext/array.rb

@@ -0,0 +1,5 @@
+if RUBY_VERSION =~ /1\.8/
+  class Array
+    alias :sample :choice
+  end
+end

data/lib/micetrap.rb

@@ -0,0 +1,19 @@
+require 'core_ext/array'
+
+require 'micetrap/services/exceptions'
+require 'micetrap/services/base'
+
+require 'micetrap/logger'
+require 'micetrap/server'
+
+module Micetrap
+  class << self
+    def services
+      [:ftp, :torrent, :samba, :http, :mysql]
+    end
+  end
+end
+
+Micetrap.services.each do |service|
+  require "micetrap/services/#{service}"
+end

data/lib/micetrap/logger.rb

@@ -0,0 +1,37 @@
+module Micetrap
+  class Logger
+    TIMESTAMP_FORMAT = "%Y-%m-%d__%H-%M"
+   
+    attr_reader :filename
+
+    def initialize(service_name)
+      @service_name = service_name
+      @filename = ['micetrap',
+                   service_name,
+                   Time.now.strftime(TIMESTAMP_FORMAT)
+                  ].join('_') + '.log'
+    end
+
+    def file
+      @file ||= File.new(@filename, 'a')
+    end
+
+    def log_probe(line, remote_host, remote_port)
+      content = line.strip.length > 0 ? line : '(empty line)'
+      logged = "\n#{Time.now} Recorded a probe coming from #{remote_host}:#{remote_port} containing the following: #{content}"
+      File.open(@filename, 'a') do |f|
+        f.write logged
+      end
+      puts logged
+    end
+
+    def log_message(line)
+      logged = "\n#{Time.now} ::: #{line} :::"
+      File.open(@filename, 'a') do |f|
+        f.write logged
+      end
+      puts logged
+    end
+
+  end
+end

data/lib/micetrap/server.rb

@@ -0,0 +1,22 @@
+require 'socket'
+
+module Micetrap
+  class Server
+    attr_reader :service
+    attr_reader :port
+
+    def initialize(options)
+      raise StandardError.new("Service cannot be empty!") unless options[:service]
+      @service = 
+        eval("Micetrap::Services::#{options[:service].to_s.capitalize}").new
+      @port = options[:port] # Optional
+    rescue NameError=>e
+      raise Services::UnrecognizedServiceException.new("Service #{options[:service].to_s.capitalize} is not recognized")
+    end
+
+    def fire!
+      @service.fire port
+    end
+
+  end
+end

data/lib/micetrap/services/base.rb

@@ -0,0 +1,83 @@
+module Micetrap
+  module Services
+    class Base
+
+      class ClientQuitError < RuntimeError; end
+
+      attr_reader :logger
+
+      def initialize
+        @logger = Logger.new self.name.downcase.to_sym
+      end
+
+      def fire port = nil
+        port = port ? port.to_i : default_ports.sample
+        begin
+          server = TCPServer.open(port || 0)
+        rescue Errno::EACCES
+          puts "Looks like you are trying to use a system port, for which you need root privileges.\nRun micetrap with another port if you don't want to sudo!\n"
+          exit(1)
+        end
+        @port = server.addr[1]
+        @addrs = server.addr[2..-1].uniq
+
+        logger.log_message "#{name} trap listening on #{@addrs.collect{|a|"#{a}:#{port}"}.join(' ')}"
+        listen(server)
+      end
+
+      def listen(server)
+        # Handle Ctrl-C to exit!
+        interrupted = false
+        trap("INT") do
+          puts "Gracefully exiting...";
+          interrupted = true;
+          Kernel.exit(0)
+        end
+
+        while not interrupted do
+          socket = server.accept
+          Thread.start do
+            read_from(socket)
+          end
+        end
+      end
+
+      def read_from(socket)
+        s = socket
+
+        port = s.peeraddr[1]
+        name = s.peeraddr[2]
+        addr = s.peeraddr[3]
+
+        begin
+          while line = s.gets # read a line at a time
+            raise ClientQuitError if line =~ /^die\r?$/
+
+            logger.log_probe line, name, port
+
+            if line.strip == ""
+              s.write response
+              logger.log_message "Responded misleadingly: let's drive those hackers nuts!"
+              s.close
+              Kernel.exit(0)
+            end
+          end
+        rescue ClientQuitError
+          logger.log_message "#{name}:#{port} disconnected"
+        ensure
+          s.close # close socket on error
+        end
+      end
+
+      protected
+
+      def default_ports; []; end;
+      def response; ""; end;
+
+      def name
+        self.class.name.split('::').last
+      end
+
+    end
+  end
+end

data/lib/micetrap/services/exceptions.rb

@@ -0,0 +1,5 @@
+module Micetrap
+  module Services
+    class UnrecognizedServiceException < StandardError; end;
+  end
+end

data/lib/micetrap/services/ftp.rb

@@ -0,0 +1,22 @@
+module Micetrap
+  module Services
+    class Ftp < Base
+
+      protected
+
+      def default_ports
+        [21]
+      end
+
+      def response
+        @response ||=
+          [
+            "220-FTP server (lukemftpd 1.1) ready.\r\n",
+            "220 Welcome to Pure-FTPd 1.8\r\n",
+            "220--------------------------------------------------------------------------------\r\n220-This is the \"Banner\" message for the Mac OS X Server's FTP server process.\r\n",
+          ].sample
+      end
+
+    end
+  end
+end

data/lib/micetrap/services/http.rb

@@ -0,0 +1,20 @@
+module Micetrap
+  module Services
+    class Http < Base
+
+      protected
+
+      def default_ports
+        [80, 8080]
+      end
+
+      def response
+        @response ||=
+          [
+            "HTTP/1\.0 200 OK\r\nContent-Type: text/html\r\n\r\n<html>\n<body>\n<ul><li>\n<i>com\.apple\.KernelEventAgent</i>\n",
+          ].sample
+      end
+
+    end
+  end
+end

data/lib/micetrap/services/mysql.rb

@@ -0,0 +1,20 @@
+module Micetrap
+  module Services
+    class Mysql < Base
+
+      protected
+
+      def default_ports
+        [3306]
+      end
+
+      def response
+        @response ||=
+          [
+            ".\0\0\0\n4.0.13\0...\0",
+          ].sample
+      end
+
+    end
+  end
+end

data/lib/micetrap/services/samba.rb

@@ -0,0 +1,20 @@
+module Micetrap
+  module Services
+    class Samba < Base
+
+      protected
+
+      def default_ports
+        [135, 139, 445]
+      end
+
+      def response
+        @response ||=
+          [
+            "smbd: error while loading shared libraries: libattr.so.1: cannot open shared object file: No such file or directory\n",
+          ].sample
+      end
+
+    end
+  end
+end

data/lib/micetrap/services/torrent.rb

@@ -0,0 +1,20 @@
+module Micetrap
+  module Services
+    class Torrent < Base
+
+      protected
+
+      def default_ports
+        []
+      end
+
+      def response
+        @response ||=
+          [
+            "\x13BitTorrent protocol\0\0\0\0\0\0\0\0",
+          ].sample
+      end
+
+    end
+  end
+end

data/lib/micetrap/version.rb

@@ -0,0 +1,3 @@
+module Micetrap
+  VERSION = "0.1.0"
+end

data/micetrap.gemspec

@@ -0,0 +1,29 @@
+# -*- encoding: utf-8 -*-
+$:.push File.expand_path("../lib", __FILE__)
+require "micetrap/version"
+
+Gem::Specification.new do |s|
+  s.name        = "micetrap"
+  s.version     = Micetrap::VERSION
+  s.platform    = Gem::Platform::RUBY
+  s.authors     = ["Josep M. Bach"]
+  s.email       = ["josep.m.bach@gmail.com"]
+  s.homepage    = "http://github.com/txus/micetrap"
+  s.summary     = %q{Catch evil hackers on the fly by placing open-port traps emulating fake vulnerable services!}
+  s.description = %q{Catch evil hackers on the fly by placing open-port traps emulating fake vulnerable services!}
+
+  s.rubyforge_project = "micetrap"
+
+  s.add_runtime_dependency 'trollop'
+  s.default_executable = "micetrap"
+
+  s.add_development_dependency 'bundler', '~> 1.0.7'
+  s.add_development_dependency 'rspec',   '~> 2.3.0'
+  s.add_development_dependency 'guard'
+  s.add_development_dependency 'guard-rspec'
+
+  s.files         = `git ls-files`.split("\n")
+  s.test_files    = `git ls-files -- {test,spec,features}/*`.split("\n")
+  s.executables   = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
+  s.require_paths = ["lib"]
+end

data/spec/micetrap/logger_spec.rb

@@ -0,0 +1,61 @@
+require 'spec_helper'
+
+module Micetrap
+
+  describe Logger do
+
+    describe "#initialize" do
+      it 'initializes the filename' do
+        Time.stub_chain('now.strftime').and_return "2011-01-03__20-30"
+        logger = Logger.new :ftp
+        logger.filename.should == "micetrap_ftp_2011-01-03__20-30.log"
+      end
+    end
+
+    describe "instance methods" do
+
+      subject { Logger.new :ftp }
+
+      describe "#file" do
+        it 'returns the log file' do
+          file = double('file')
+          File.stub(:new).and_return file
+          subject.file.should be(file)
+        end
+      end
+
+      describe "#log_probe" do
+        it 'logs a scanned service along with the scanner info' do
+          file = double('file')
+          now = Time.now
+          Time.stub(:now).and_return now
+          File.stub(:new).and_return file
+
+          expected_string = "\n#{now} Recorded a probe coming from hackerz.com:5978 containing the following: ###EVILPROBE###"
+
+          File.should_receive(:open).and_yield file
+          file.should_receive(:write).with expected_string
+                          
+          subject.log_probe "###EVILPROBE###", "hackerz.com", 5978
+        end
+      end
+
+      describe "#log_message" do
+        it 'logs a misc messagescanned service along with the scanner info' do
+          file = double('file')
+          now = Time.now
+          Time.stub(:now).and_return now
+          File.stub(:new).and_return file
+
+          expected_string = "\n#{now} ::: Warning! :::"
+
+          File.should_receive(:open).and_yield file
+          file.should_receive(:write).with expected_string
+                          
+          subject.log_message "Warning!"
+        end
+      end
+    end
+
+  end
+end

data/spec/micetrap/server_spec.rb

@@ -0,0 +1,51 @@
+require 'spec_helper'
+
+module Micetrap
+
+  module Services
+    class Test
+    end
+  end
+
+  describe Server do
+    describe "#initialize" do
+      it 'initializes the service' do
+        server = Server.new :service => :test
+        server.service.should be_a(Services::Test)
+      end
+      it 'assigns a custom port if given' do
+        server = Server.new :service => :test,
+                            :port => 80
+        server.port.should be(80)
+      end
+
+      context 'when given an invalid service' do 
+        it 'raises' do 
+          expect { 
+            Server.new :service => :foo
+          }.to raise_error(Services::UnrecognizedServiceException)
+        end
+      end
+      context 'when service is blank' do 
+        it 'raises' do 
+          expect { 
+            Server.new :service => nil
+          }.to raise_error(StandardError, "Service cannot be empty!")
+        end
+      end
+    end
+
+    describe "#fire!" do
+      it 'fires the service' do
+        test_service = double('service')
+        Services::Test.should_receive(:new).and_return test_service
+        server = Server.new :service => :test
+        server.stub(:port).and_return 80
+        test_service.should_receive(:fire).with(80)
+
+        server.fire!
+      end
+    end
+
+  end
+end

data/spec/micetrap/services/base_spec.rb

@@ -0,0 +1,113 @@
+require 'spec_helper'
+
+module Micetrap
+  module Services
+    describe Base do
+      describe "#fire" do
+
+        before(:each) do
+          subject.stub(:listen)
+        end
+
+        context 'when given a port' do
+          it 'fires up the service on that port' do
+            server = double('server', :addr => [1,2,3])
+            TCPServer.should_receive(:open).with(5900).and_return server
+            subject.fire 5900
+          end
+        end
+        context 'when port is nil' do
+          it 'fires up the service on one of the default ports' do
+            server = double('server', :addr => [1,2,3])
+            subject.stub_chain('default_ports.sample') { 445 }
+            TCPServer.should_receive(:open).with(445).and_return server
+
+            subject.fire
+          end
+          context 'but when no default ports are specified' do
+            it 'uses the port 0' do
+              server = double('server', :addr => [1,2,3])
+              subject.stub(:default_ports) { [] }
+              TCPServer.should_receive(:open).with(0).and_return server
+
+              subject.fire
+            end
+          end
+        end
+        it 'logs a message telling the trap is listening' do
+          server = double('server', :addr => [1,2,3])
+          TCPServer.stub(:open).and_return server
+          subject.logger.should_receive(:log_message).with do |arg|
+            arg.should include('Base trap listening') 
+          end
+          subject.fire
+        end
+      end
+      describe "#listen", :blocking => true do
+        it 'calls read_from every time a connection is accepted' do
+          Kernel.stub(:exit)
+          connection = double('connection')
+          server = double('server', :addr => [1,2,3], :accept => connection)
+
+          subject.should_receive(:read_from).with(connection).any_number_of_times
+          puts "Press Ctrl-C to resume specs! Don't worry, it's all under control :)"
+          subject.listen(server)
+        end
+      end   
+      describe "#read_from" do
+        let(:peeraddr) { [ nil, 4983, 'hackerz.com', '293.13.23.32'] }
+        let(:socket) do
+          double :socket, :peeraddr => peeraddr
+        end
+        before(:each) do
+          socket.should_receive(:close).any_number_of_times
+        end
+
+        context 'when the socket contains a line with die' do
+          it 'dies' do
+            socket.should_receive(:gets).and_return 'die'
+            subject.logger.should_not_receive(:log_probe)
+            subject.logger.should_receive(:log_message).with("hackerz.com:4983 disconnected")
+
+            subject.read_from(socket)
+          end
+        end
+
+        context 'otherwise' do
+          it 'logs the probe' do
+            socket.should_receive(:gets).and_return 'some probe', nil
+            subject.logger.should_receive(:log_probe).with 'some probe', 'hackerz.com', 4983
+
+            subject.read_from(socket)
+          end
+          context 'when the line is blank' do
+            it 'does respond with the appropriate response' do
+              Kernel.stub(:exit)
+              socket.should_receive(:gets).and_return '', nil
+              subject.logger.stub(:log_probe)
+              appropriate_response = double :response
+              subject.should_receive(:response).and_return appropriate_response
+
+              socket.should_receive(:write).with(appropriate_response)
+              subject.logger.should_receive(:log_message)
+
+              subject.read_from(socket)
+            end
+          end
+          context 'when the line contains any other thing' do
+            it 'does not respond' do
+              socket.should_receive(:gets).and_return 'some evil probe', nil
+              subject.logger.stub(:log_probe)
+
+              subject.should_not_receive(:response)
+              socket.should_not_receive(:write)
+
+              subject.read_from(socket)
+            end
+          end
+        end
+
+      end   
+    end
+  end
+end

data/spec/micetrap/services/ftp_spec.rb

@@ -0,0 +1,24 @@
+require 'spec_helper'
+
+module Micetrap
+  module Services
+    describe Ftp do
+
+      describe "#default_ports" do
+        it 'returns the default ports' do
+          Ftp.new.send(:default_ports).should include(21)
+        end
+      end
+      describe "#response" do
+        it 'returns a response' do
+          Ftp.new.send(:response).should be_a(String)
+        end
+        it 'caches the response for cohesion' do
+          service = Ftp.new
+          response = service.send(:response)
+          service.instance_variable_get(:@response).should == response
+        end
+      end
+    end
+  end
+end

data/spec/micetrap/services/http_spec.rb

@@ -0,0 +1,24 @@
+require 'spec_helper'
+
+module Micetrap
+  module Services
+    describe Http do
+
+      describe "#default_ports" do
+        it 'returns the default ports' do
+          Http.new.send(:default_ports).should =~ [80, 8080]
+        end
+      end
+      describe "#response" do
+        it 'returns a response' do
+          Http.new.send(:response).should be_a(String)
+        end
+        it 'caches the response for cohesion' do
+          service = Http.new
+          response = service.send(:response)
+          service.instance_variable_get(:@response).should == response
+        end
+      end
+    end
+  end
+end

data/spec/micetrap/services/mysql_spec.rb

@@ -0,0 +1,24 @@
+require 'spec_helper'
+
+module Micetrap
+  module Services
+    describe Mysql do
+
+      describe "#default_ports" do
+        it 'returns the default ports' do
+          Mysql.new.send(:default_ports).should include(3306)
+        end
+      end
+      describe "#response" do
+        it 'returns a response' do
+          Mysql.new.send(:response).should be_a(String)
+        end
+        it 'caches the response for cohesion' do
+          service = Mysql.new
+          response = service.send(:response)
+          service.instance_variable_get(:@response).should == response
+        end
+      end
+    end
+  end
+end

data/spec/micetrap/services/samba_spec.rb

@@ -0,0 +1,24 @@
+require 'spec_helper'
+
+module Micetrap
+  module Services
+    describe Samba do
+
+      describe "#default_ports" do
+        it 'returns the default ports' do
+          Samba.new.send(:default_ports).should =~ [135, 139, 445]
+        end
+      end
+      describe "#response" do
+        it 'returns a response' do
+          Samba.new.send(:response).should be_a(String)
+        end
+        it 'caches the response for cohesion' do
+          service = Samba.new
+          response = service.send(:response)
+          service.instance_variable_get(:@response).should == response
+        end
+      end
+    end
+  end
+end

data/spec/micetrap/services/torrent_spec.rb

@@ -0,0 +1,24 @@
+require 'spec_helper'
+
+module Micetrap
+  module Services
+    describe Torrent do
+
+      describe "#default_ports" do
+        it 'returns the default ports' do
+          Torrent.new.send(:default_ports).should == []
+        end
+      end
+      describe "#response" do
+        it 'returns a response' do
+          Torrent.new.send(:response).should be_a(String)
+        end
+        it 'caches the response for cohesion' do
+          service = Torrent.new
+          response = service.send(:response)
+          service.instance_variable_get(:@response).should == response
+        end
+      end
+    end
+  end
+end

data/spec/spec_helper.rb

@@ -0,0 +1,17 @@
+require 'bundler'
+begin
+  Bundler.setup(:default, :development)
+rescue Bundler::BundlerError => e
+  $stderr.puts e.message
+  $stderr.puts "Run `bundle install` to install missing gems"
+  exit e.status_code
+end
+$LOAD_PATH.unshift(File.dirname(__FILE__))
+$LOAD_PATH.unshift(File.join(File.dirname(__FILE__), '..', 'lib'))
+
+require 'micetrap'
+require 'rspec'
+
+# Requires supporting files with custom matchers and macros, etc,
+# in ./support/ and its subdirectories.
+Dir["#{File.dirname(__FILE__)}/support/**/*.rb"].each {|f| require f}

metadata

@@ -0,0 +1,171 @@
+--- !ruby/object:Gem::Specification 
+name: micetrap
+version: !ruby/object:Gem::Version 
+  prerelease: false
+  segments: 
+  - 0
+  - 1
+  - 0
+  version: 0.1.0
+platform: ruby
+authors: 
+- Josep M. Bach
+autorequire: 
+bindir: bin
+cert_chain: []
+
+date: 2011-01-06 00:00:00 +01:00
+default_executable: micetrap
+dependencies: 
+- !ruby/object:Gem::Dependency 
+  name: trollop
+  prerelease: false
+  requirement: &id001 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        segments: 
+        - 0
+        version: "0"
+  type: :runtime
+  version_requirements: *id001
+- !ruby/object:Gem::Dependency 
+  name: bundler
+  prerelease: false
+  requirement: &id002 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ~>
+      - !ruby/object:Gem::Version 
+        segments: 
+        - 1
+        - 0
+        - 7
+        version: 1.0.7
+  type: :development
+  version_requirements: *id002
+- !ruby/object:Gem::Dependency 
+  name: rspec
+  prerelease: false
+  requirement: &id003 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ~>
+      - !ruby/object:Gem::Version 
+        segments: 
+        - 2
+        - 3
+        - 0
+        version: 2.3.0
+  type: :development
+  version_requirements: *id003
+- !ruby/object:Gem::Dependency 
+  name: guard
+  prerelease: false
+  requirement: &id004 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        segments: 
+        - 0
+        version: "0"
+  type: :development
+  version_requirements: *id004
+- !ruby/object:Gem::Dependency 
+  name: guard-rspec
+  prerelease: false
+  requirement: &id005 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        segments: 
+        - 0
+        version: "0"
+  type: :development
+  version_requirements: *id005
+description: Catch evil hackers on the fly by placing open-port traps emulating fake vulnerable services!
+email: 
+- josep.m.bach@gmail.com
+executables: 
+- micetrap
+extensions: []
+
+extra_rdoc_files: []
+
+files: 
+- .gitignore
+- .rspec
+- .rvmrc
+- Gemfile
+- Gemfile.lock
+- Guardfile
+- Rakefile
+- Readme.md
+- bin/micetrap
+- lib/core_ext/array.rb
+- lib/micetrap.rb
+- lib/micetrap/logger.rb
+- lib/micetrap/server.rb
+- lib/micetrap/services/base.rb
+- lib/micetrap/services/exceptions.rb
+- lib/micetrap/services/ftp.rb
+- lib/micetrap/services/http.rb
+- lib/micetrap/services/mysql.rb
+- lib/micetrap/services/samba.rb
+- lib/micetrap/services/torrent.rb
+- lib/micetrap/version.rb
+- micetrap.gemspec
+- spec/micetrap/logger_spec.rb
+- spec/micetrap/server_spec.rb
+- spec/micetrap/services/base_spec.rb
+- spec/micetrap/services/ftp_spec.rb
+- spec/micetrap/services/http_spec.rb
+- spec/micetrap/services/mysql_spec.rb
+- spec/micetrap/services/samba_spec.rb
+- spec/micetrap/services/torrent_spec.rb
+- spec/spec_helper.rb
+has_rdoc: true
+homepage: http://github.com/txus/micetrap
+licenses: []
+
+post_install_message: 
+rdoc_options: []
+
+require_paths: 
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement 
+  none: false
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      segments: 
+      - 0
+      version: "0"
+required_rubygems_version: !ruby/object:Gem::Requirement 
+  none: false
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      segments: 
+      - 0
+      version: "0"
+requirements: []
+
+rubyforge_project: micetrap
+rubygems_version: 1.3.7
+signing_key: 
+specification_version: 3
+summary: Catch evil hackers on the fly by placing open-port traps emulating fake vulnerable services!
+test_files: 
+- spec/micetrap/logger_spec.rb
+- spec/micetrap/server_spec.rb
+- spec/micetrap/services/base_spec.rb
+- spec/micetrap/services/ftp_spec.rb
+- spec/micetrap/services/http_spec.rb
+- spec/micetrap/services/mysql_spec.rb
+- spec/micetrap/services/samba_spec.rb
+- spec/micetrap/services/torrent_spec.rb
+- spec/spec_helper.rb