typescript-virtual-container 1.1.4 → 1.1.6
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +42 -0
- package/HONEYPOT.md +358 -0
- package/README.md +471 -16
- package/dist/Honeypot/index.d.ts +132 -0
- package/dist/Honeypot/index.d.ts.map +1 -0
- package/dist/Honeypot/index.js +289 -0
- package/dist/SSHMimic/index.d.ts +2 -1
- package/dist/SSHMimic/index.d.ts.map +1 -1
- package/dist/SSHMimic/index.js +12 -1
- package/dist/SSHMimic/sftp.d.ts +3 -1
- package/dist/SSHMimic/sftp.d.ts.map +1 -1
- package/dist/SSHMimic/sftp.js +20 -1
- package/dist/VirtualFileSystem/index.d.ts +2 -1
- package/dist/VirtualFileSystem/index.d.ts.map +1 -1
- package/dist/VirtualFileSystem/index.js +8 -1
- package/dist/VirtualShell/index.d.ts +2 -1
- package/dist/VirtualShell/index.d.ts.map +1 -1
- package/dist/VirtualShell/index.js +6 -1
- package/dist/VirtualUserManager/index.d.ts +2 -1
- package/dist/VirtualUserManager/index.d.ts.map +1 -1
- package/dist/VirtualUserManager/index.js +19 -1
- package/dist/honeypot.d.ts +132 -0
- package/dist/honeypot.d.ts.map +1 -0
- package/dist/honeypot.js +289 -0
- package/dist/index.d.ts +3 -1
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +2 -1
- package/examples/README.md +210 -0
- package/examples/honeypot-audit.ts +180 -0
- package/examples/honeypot-export.ts +253 -0
- package/examples/honeypot-quickstart.ts +110 -0
- package/package.json +1 -1
- package/src/Honeypot/index.ts +422 -0
- package/src/SSHMimic/index.ts +13 -1
- package/src/SSHMimic/sftp.ts +21 -1
- package/src/VirtualFileSystem/index.ts +8 -1
- package/src/VirtualShell/index.ts +6 -1
- package/src/VirtualUserManager/index.ts +21 -3
- package/src/index.ts +6 -0
|
@@ -1,3 +1,4 @@
|
|
|
1
|
+
import { EventEmitter } from "node:events";
|
|
1
2
|
import * as fs from "node:fs";
|
|
2
3
|
import * as path from "node:path";
|
|
3
4
|
import { gunzipSync, gzipSync } from "node:zlib";
|
|
@@ -9,7 +10,7 @@ import { normalizePath } from "./path";
|
|
|
9
10
|
* {@link VirtualFileSystem.restoreMirror} on startup and
|
|
10
11
|
* {@link VirtualFileSystem.flushMirror} to persist pending changes.
|
|
11
12
|
*/
|
|
12
|
-
class VirtualFileSystem {
|
|
13
|
+
class VirtualFileSystem extends EventEmitter {
|
|
13
14
|
mirrorRoot;
|
|
14
15
|
ensureMirrorRoot() {
|
|
15
16
|
fs.mkdirSync(this.mirrorRoot, { recursive: true, mode: 0o755 });
|
|
@@ -75,6 +76,7 @@ class VirtualFileSystem {
|
|
|
75
76
|
* @param baseDir Base directory used to resolve mirror archive location.
|
|
76
77
|
*/
|
|
77
78
|
constructor(baseDir = process.cwd()) {
|
|
79
|
+
super();
|
|
78
80
|
this.mirrorRoot = path.resolve(baseDir, ".vfs", "mirror");
|
|
79
81
|
}
|
|
80
82
|
/**
|
|
@@ -92,6 +94,7 @@ class VirtualFileSystem {
|
|
|
92
94
|
*/
|
|
93
95
|
async flushMirror() {
|
|
94
96
|
this.ensureMirrorRoot();
|
|
97
|
+
this.emit("mirror:flush");
|
|
95
98
|
}
|
|
96
99
|
/**
|
|
97
100
|
* Creates directory and any missing parent directories.
|
|
@@ -106,6 +109,7 @@ class VirtualFileSystem {
|
|
|
106
109
|
throw new Error(`Cannot create directory '${normalizePath(targetPath)}': path is a file.`);
|
|
107
110
|
}
|
|
108
111
|
fs.mkdirSync(fsPath, { recursive: true, mode });
|
|
112
|
+
this.emit("dir:create", { path: normalizePath(targetPath), mode });
|
|
109
113
|
}
|
|
110
114
|
/**
|
|
111
115
|
* Writes UTF-8 text or binary content into file.
|
|
@@ -132,6 +136,7 @@ class VirtualFileSystem {
|
|
|
132
136
|
}
|
|
133
137
|
fs.writeFileSync(fsPath, storedContent);
|
|
134
138
|
fs.chmodSync(fsPath, options.mode ?? 0o644);
|
|
139
|
+
this.emit("file:write", { path: normalized, size: storedContent.length });
|
|
135
140
|
}
|
|
136
141
|
/**
|
|
137
142
|
* Reads file content as UTF-8 text.
|
|
@@ -149,6 +154,8 @@ class VirtualFileSystem {
|
|
|
149
154
|
}
|
|
150
155
|
const stored = fs.readFileSync(fsPath);
|
|
151
156
|
const raw = this.detectGzipFile(fsPath) ? gunzipSync(stored) : stored;
|
|
157
|
+
const normalized = normalizePath(targetPath);
|
|
158
|
+
this.emit("file:read", { path: normalized, size: raw.length });
|
|
152
159
|
return raw.toString("utf8");
|
|
153
160
|
}
|
|
154
161
|
/**
|
|
@@ -1,3 +1,4 @@
|
|
|
1
|
+
import { EventEmitter } from "node:events";
|
|
1
2
|
import type { CommandContext, CommandResult } from "../types/commands";
|
|
2
3
|
import type { ShellStream } from "../types/streams";
|
|
3
4
|
import VirtualFileSystem from "../VirtualFileSystem";
|
|
@@ -13,7 +14,7 @@ export interface ShellProperties {
|
|
|
13
14
|
* Instances are used both by the SSH server facade and by the programmatic
|
|
14
15
|
* client API.
|
|
15
16
|
*/
|
|
16
|
-
declare class VirtualShell {
|
|
17
|
+
declare class VirtualShell extends EventEmitter {
|
|
17
18
|
basePath: string;
|
|
18
19
|
vfs: VirtualFileSystem;
|
|
19
20
|
users: VirtualUserManager;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/VirtualShell/index.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/VirtualShell/index.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAE3C,OAAO,KAAK,EAAE,cAAc,EAAE,aAAa,EAAE,MAAM,mBAAmB,CAAC;AACvE,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,kBAAkB,CAAC;AACpD,OAAO,iBAAiB,MAAM,sBAAsB,CAAC;AACrD,OAAO,EAAE,kBAAkB,EAAE,MAAM,uBAAuB,CAAC;AAG3D,MAAM,WAAW,eAAe;IAC/B,MAAM,EAAE,MAAM,CAAC;IACf,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;CACb;AA8BD;;;;;GAKG;AACH,cAAM,YAAa,SAAQ,YAAY;IACtC,QAAQ,EAAE,MAAM,CAAO;IACvB,GAAG,EAAE,iBAAiB,CAAC;IACvB,KAAK,EAAE,kBAAkB,CAAC;IAC1B,QAAQ,EAAE,MAAM,CAAC;IACjB,UAAU,EAAE,eAAe,CAAC;IAC5B,OAAO,CAAC,WAAW,CAAgB;IAEnC;;;;;;OAMG;gBAEF,QAAQ,EAAE,MAAM,EAChB,UAAU,CAAC,EAAE,eAAe,EAC5B,QAAQ,CAAC,EAAE,MAAM;IAyBlB;;;OAGG;IACU,iBAAiB,IAAI,OAAO,CAAC,IAAI,CAAC;IAI/C;;;;;;OAMG;IACH,UAAU,CACT,IAAI,EAAE,MAAM,EACZ,MAAM,EAAE,MAAM,EAAE,EAChB,QAAQ,EAAE,CAAC,GAAG,EAAE,cAAc,KAAK,aAAa,GAAG,OAAO,CAAC,aAAa,CAAC,GACvE,IAAI;IASP;;;;;;OAMG;IACH,cAAc,CAAC,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,GAAG,IAAI;IAKrE;;;;;;;OAOG;IAEH,uBAAuB,CACtB,MAAM,EAAE,WAAW,EACnB,QAAQ,EAAE,MAAM,EAChB,SAAS,EAAE,MAAM,GAAG,IAAI,EACxB,aAAa,EAAE,MAAM,EACrB,YAAY,EAAE;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,IAAI,EAAE,MAAM,CAAA;KAAE,GAC1C,IAAI;IAeP;;;;OAIG;IACI,MAAM,IAAI,iBAAiB,GAAG,IAAI;IAIzC;;;;OAIG;IACI,QAAQ,IAAI,kBAAkB,GAAG,IAAI;IAI5C;;;;OAIG;IACI,WAAW,IAAI,MAAM;IAI5B;;;;;;OAMG;IACI,eAAe,CACrB,QAAQ,EAAE,MAAM,EAChB,UAAU,EAAE,MAAM,EAClB,OAAO,EAAE,MAAM,GAAG,MAAM,GACtB,IAAI;CAIP;AAED,OAAO,EAAE,YAAY,EAAE,CAAC"}
|
|
@@ -1,4 +1,5 @@
|
|
|
1
1
|
import { randomBytes } from "node:crypto";
|
|
2
|
+
import { EventEmitter } from "node:events";
|
|
2
3
|
import { createCustomCommand, registerCommand, runCommand } from "../commands";
|
|
3
4
|
import VirtualFileSystem from "../VirtualFileSystem";
|
|
4
5
|
import { VirtualUserManager } from "../VirtualUserManager";
|
|
@@ -30,7 +31,7 @@ function resolveAutoSudoForNewUsers() {
|
|
|
30
31
|
* Instances are used both by the SSH server facade and by the programmatic
|
|
31
32
|
* client API.
|
|
32
33
|
*/
|
|
33
|
-
class VirtualShell {
|
|
34
|
+
class VirtualShell extends EventEmitter {
|
|
34
35
|
basePath = ".";
|
|
35
36
|
vfs;
|
|
36
37
|
users;
|
|
@@ -45,6 +46,7 @@ class VirtualShell {
|
|
|
45
46
|
* @param basePath Optional base path for the virtual filesystem (defaults to process.cwd()).
|
|
46
47
|
*/
|
|
47
48
|
constructor(hostname, properties, basePath) {
|
|
49
|
+
super();
|
|
48
50
|
this.hostname = hostname;
|
|
49
51
|
this.properties = properties || defaultShellProperties;
|
|
50
52
|
this.basePath = basePath || ".";
|
|
@@ -57,6 +59,7 @@ class VirtualShell {
|
|
|
57
59
|
this.initialized = (async () => {
|
|
58
60
|
await vfs.restoreMirror();
|
|
59
61
|
await users.initialize();
|
|
62
|
+
this.emit("initialized");
|
|
60
63
|
})();
|
|
61
64
|
}
|
|
62
65
|
/**
|
|
@@ -89,6 +92,7 @@ class VirtualShell {
|
|
|
89
92
|
*/
|
|
90
93
|
executeCommand(rawInput, authUser, cwd) {
|
|
91
94
|
runCommand(rawInput, authUser, this.hostname, "shell", cwd, this);
|
|
95
|
+
this.emit("command", { command: rawInput, user: authUser, cwd });
|
|
92
96
|
}
|
|
93
97
|
/**
|
|
94
98
|
* Starts an interactive session with the shell.
|
|
@@ -100,6 +104,7 @@ class VirtualShell {
|
|
|
100
104
|
*/
|
|
101
105
|
startInteractiveSession(stream, authUser, sessionId, remoteAddress, terminalSize) {
|
|
102
106
|
// Interactive shell logic
|
|
107
|
+
this.emit("session:start", { user: authUser, sessionId, remoteAddress });
|
|
103
108
|
startShell(this.properties, stream, authUser, this.hostname, sessionId, remoteAddress, terminalSize, this);
|
|
104
109
|
}
|
|
105
110
|
/**
|
|
@@ -1,3 +1,4 @@
|
|
|
1
|
+
import { EventEmitter } from "node:events";
|
|
1
2
|
import type VirtualFileSystem from "../VirtualFileSystem";
|
|
2
3
|
/** Persisted virtual user credential record. */
|
|
3
4
|
export interface VirtualUserRecord {
|
|
@@ -26,7 +27,7 @@ export interface VirtualActiveSession {
|
|
|
26
27
|
*
|
|
27
28
|
* Passwords are hashed with scrypt and stored in the backing virtual filesystem.
|
|
28
29
|
*/
|
|
29
|
-
export declare class VirtualUserManager {
|
|
30
|
+
export declare class VirtualUserManager extends EventEmitter {
|
|
30
31
|
private readonly vfs;
|
|
31
32
|
private readonly defaultRootPassword;
|
|
32
33
|
private readonly autoSudoForNewUsers;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/VirtualUserManager/index.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/VirtualUserManager/index.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAE3C,OAAO,KAAK,iBAAiB,MAAM,sBAAsB,CAAC;AAE1D,gDAAgD;AAChD,MAAM,WAAW,iBAAiB;IACjC,yBAAyB;IACzB,QAAQ,EAAE,MAAM,CAAC;IACjB,sDAAsD;IACtD,IAAI,EAAE,MAAM,CAAC;IACb,oDAAoD;IACpD,YAAY,EAAE,MAAM,CAAC;CACrB;AAED,2DAA2D;AAC3D,MAAM,WAAW,oBAAoB;IACpC,wCAAwC;IACxC,EAAE,EAAE,MAAM,CAAC;IACX,iCAAiC;IACjC,QAAQ,EAAE,MAAM,CAAC;IACjB,2CAA2C;IAC3C,GAAG,EAAE,MAAM,CAAC;IACZ,sCAAsC;IACtC,aAAa,EAAE,MAAM,CAAC;IACtB,gCAAgC;IAChC,SAAS,EAAE,MAAM,CAAC;CAClB;AAED;;;;GAIG;AACH,qBAAa,kBAAmB,SAAQ,YAAY;IAmBlD,OAAO,CAAC,QAAQ,CAAC,GAAG;IACpB,OAAO,CAAC,QAAQ,CAAC,mBAAmB;IACpC,OAAO,CAAC,QAAQ,CAAC,mBAAmB;IApBrC,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAoC;IAC9D,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAmC;IAC/D,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAkC;IAC7D,OAAO,CAAC,QAAQ,CAAC,WAAW,CAA2B;IACvD,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAwC;IAC9D,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAqB;IAC7C,OAAO,CAAC,QAAQ,CAAC,MAAM,CAA6B;IACpD,OAAO,CAAC,QAAQ,CAAC,cAAc,CAA2C;IAC1E,OAAO,CAAC,OAAO,CAAK;IAEpB;;;;;;OAMG;gBAEe,GAAG,EAAE,iBAAiB,EACtB,mBAAmB,GAAE,MAAe,EACpC,mBAAmB,GAAE,OAAc;IAKrD;;;OAGG;IACU,UAAU,IAAI,OAAO,CAAC,IAAI,CAAC;IAgCxC;;;;;OAKG;IACU,aAAa,CACzB,QAAQ,EAAE,MAAM,EAChB,QAAQ,EAAE,MAAM,GACd,OAAO,CAAC,IAAI,CAAC;IAchB;;;;OAIG;IACU,UAAU,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAMxD;;;;;OAKG;IACI,aAAa,CAAC,QAAQ,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI;IAIrD;;;;;OAKG;IACI,aAAa,CAAC,QAAQ,EAAE,MAAM,GAAG,MAAM;IAS9C;;;;;;;;OAQG;IACI,sBAAsB,CAC5B,QAAQ,EAAE,MAAM,EAChB,UAAU,EAAE,MAAM,EAClB,WAAW,EAAE,MAAM,GAAG,MAAM,GAC1B,IAAI;IAmCP;;;;;;OAMG;IACI,cAAc,CAAC,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO;IASlE;;;;;OAKG;IACU,OAAO,CAAC,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAwBvE;;;;;OAKG;IACU,WAAW,CAAC,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAY3E;;;;OAIG;IACU,UAAU,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAiBxD;;;;;OAKG;IACI,QAAQ,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO;IAI1C;;;;OAIG;IACU,SAAS,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAUvD;;;;OAIG;IACU,YAAY,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAU1D;;;;;;OAMG;IACI,eAAe,CACrB,QAAQ,EAAE,MAAM,EAChB,aAAa,EAAE,MAAM,GACnB,oBAAoB;IAiBvB;;;;OAIG;IACI,iBAAiB,CAAC,SAAS,EAAE,MAAM,GAAG,IAAI,GAAG,SAAS,GAAG,IAAI;IAgBpE;;;;;;OAMG;IACI,aAAa,CACnB,SAAS,EAAE,MAAM,GAAG,IAAI,GAAG,SAAS,EACpC,QAAQ,EAAE,MAAM,EAChB,aAAa,EAAE,MAAM,GACnB,IAAI;IAiBP;;;;OAIG;IACI,kBAAkB,IAAI,oBAAoB,EAAE;IAMnD,OAAO,CAAC,WAAW;IA4BnB,OAAO,CAAC,kBAAkB;IAgB1B,OAAO,CAAC,iBAAiB;YAwBX,OAAO;IAmCrB,OAAO,CAAC,YAAY;IASpB,OAAO,CAAC,YAAY;IAIpB,OAAO,CAAC,gBAAgB;IAUxB,OAAO,CAAC,gBAAgB;CAKxB"}
|
|
@@ -1,11 +1,12 @@
|
|
|
1
1
|
import { randomBytes, randomUUID, scryptSync } from "node:crypto";
|
|
2
|
+
import { EventEmitter } from "node:events";
|
|
2
3
|
import * as path from "node:path";
|
|
3
4
|
/**
|
|
4
5
|
* Persistent user, sudoers, and active-session manager for the shell runtime.
|
|
5
6
|
*
|
|
6
7
|
* Passwords are hashed with scrypt and stored in the backing virtual filesystem.
|
|
7
8
|
*/
|
|
8
|
-
export class VirtualUserManager {
|
|
9
|
+
export class VirtualUserManager extends EventEmitter {
|
|
9
10
|
vfs;
|
|
10
11
|
defaultRootPassword;
|
|
11
12
|
autoSudoForNewUsers;
|
|
@@ -26,6 +27,7 @@ export class VirtualUserManager {
|
|
|
26
27
|
* @param autoSudoForNewUsers Whether newly created users are added to sudoers.
|
|
27
28
|
*/
|
|
28
29
|
constructor(vfs, defaultRootPassword = "root", autoSudoForNewUsers = true) {
|
|
30
|
+
super();
|
|
29
31
|
this.vfs = vfs;
|
|
30
32
|
this.defaultRootPassword = defaultRootPassword;
|
|
31
33
|
this.autoSudoForNewUsers = autoSudoForNewUsers;
|
|
@@ -55,6 +57,7 @@ export class VirtualUserManager {
|
|
|
55
57
|
}
|
|
56
58
|
}
|
|
57
59
|
await this.persist();
|
|
60
|
+
this.emit("initialized");
|
|
58
61
|
}
|
|
59
62
|
/**
|
|
60
63
|
* Sets max allowed bytes under /home/<username>.
|
|
@@ -177,6 +180,7 @@ export class VirtualUserManager {
|
|
|
177
180
|
this.vfs.writeFile(`${homePath}/README.txt`, `Welcome to the virtual environment, ${username}`);
|
|
178
181
|
}
|
|
179
182
|
await this.persist();
|
|
183
|
+
this.emit("user:add", { username });
|
|
180
184
|
}
|
|
181
185
|
/**
|
|
182
186
|
* Updates password for an existing user account.
|
|
@@ -207,6 +211,7 @@ export class VirtualUserManager {
|
|
|
207
211
|
throw new Error(`deluser: user '${username}' does not exist`);
|
|
208
212
|
}
|
|
209
213
|
this.sudoers.delete(username);
|
|
214
|
+
this.emit("user:delete", { username });
|
|
210
215
|
await this.persist();
|
|
211
216
|
}
|
|
212
217
|
/**
|
|
@@ -260,6 +265,11 @@ export class VirtualUserManager {
|
|
|
260
265
|
startedAt: new Date().toISOString(),
|
|
261
266
|
};
|
|
262
267
|
this.activeSessions.set(session.id, session);
|
|
268
|
+
this.emit("session:register", {
|
|
269
|
+
sessionId: session.id,
|
|
270
|
+
username,
|
|
271
|
+
remoteAddress,
|
|
272
|
+
});
|
|
263
273
|
return session;
|
|
264
274
|
}
|
|
265
275
|
/**
|
|
@@ -271,6 +281,14 @@ export class VirtualUserManager {
|
|
|
271
281
|
if (!sessionId) {
|
|
272
282
|
return;
|
|
273
283
|
}
|
|
284
|
+
const session = this.activeSessions.get(sessionId);
|
|
285
|
+
this.activeSessions.delete(sessionId);
|
|
286
|
+
if (session) {
|
|
287
|
+
this.emit("session:unregister", {
|
|
288
|
+
sessionId,
|
|
289
|
+
username: session.username,
|
|
290
|
+
});
|
|
291
|
+
}
|
|
274
292
|
this.activeSessions.delete(sessionId);
|
|
275
293
|
}
|
|
276
294
|
/**
|
|
@@ -0,0 +1,132 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Honeypot tracking and auditing module for virtual shell events.
|
|
3
|
+
*
|
|
4
|
+
* Attaches listeners to VirtualShell, VirtualFileSystem, VirtualUserManager,
|
|
5
|
+
* SshMimic, and SftpMimic instances to log all activity for security auditing,
|
|
6
|
+
* anomaly detection, and forensic analysis.
|
|
7
|
+
*
|
|
8
|
+
* @module honeypot
|
|
9
|
+
*/
|
|
10
|
+
import type { VirtualShell } from "./VirtualShell";
|
|
11
|
+
import type VirtualFileSystem from "./VirtualFileSystem";
|
|
12
|
+
import type { VirtualUserManager } from "./VirtualUserManager";
|
|
13
|
+
import type { SshMimic } from "./SSHMimic";
|
|
14
|
+
import type { SftpMimic } from "./SSHMimic/sftp";
|
|
15
|
+
/**
|
|
16
|
+
* Audit log entry recorded for each event.
|
|
17
|
+
*/
|
|
18
|
+
export interface AuditLogEntry {
|
|
19
|
+
timestamp: string;
|
|
20
|
+
type: string;
|
|
21
|
+
source: string;
|
|
22
|
+
details: Record<string, unknown>;
|
|
23
|
+
}
|
|
24
|
+
/**
|
|
25
|
+
* Statistics tracker for honeypot activity.
|
|
26
|
+
*/
|
|
27
|
+
export interface HoneyPotStats {
|
|
28
|
+
authAttempts: number;
|
|
29
|
+
authSuccesses: number;
|
|
30
|
+
authFailures: number;
|
|
31
|
+
commands: number;
|
|
32
|
+
fileWrites: number;
|
|
33
|
+
fileReads: number;
|
|
34
|
+
sessionStarts: number;
|
|
35
|
+
sessionEnds: number;
|
|
36
|
+
userCreated: number;
|
|
37
|
+
userDeleted: number;
|
|
38
|
+
clientConnects: number;
|
|
39
|
+
clientDisconnects: number;
|
|
40
|
+
}
|
|
41
|
+
/**
|
|
42
|
+
* HoneyPot audit and event tracking utility.
|
|
43
|
+
*
|
|
44
|
+
* Singleton-like helper that attaches listeners to virtual shell components
|
|
45
|
+
* and maintains an audit log of all activity.
|
|
46
|
+
*/
|
|
47
|
+
export declare class HoneyPot {
|
|
48
|
+
private auditLog;
|
|
49
|
+
private stats;
|
|
50
|
+
private maxLogSize;
|
|
51
|
+
/**
|
|
52
|
+
* Creates a new HoneyPot instance.
|
|
53
|
+
*
|
|
54
|
+
* @param maxLogSize Maximum audit log entries to retain (default: 10000).
|
|
55
|
+
*/
|
|
56
|
+
constructor(maxLogSize?: number);
|
|
57
|
+
/**
|
|
58
|
+
* Attaches honeypot listeners to all provided event emitters.
|
|
59
|
+
*
|
|
60
|
+
* @param shell VirtualShell instance.
|
|
61
|
+
* @param vfs VirtualFileSystem instance.
|
|
62
|
+
* @param users VirtualUserManager instance.
|
|
63
|
+
* @param ssh SshMimic instance (optional).
|
|
64
|
+
* @param sftp SftpMimic instance (optional).
|
|
65
|
+
*/
|
|
66
|
+
attach(shell: VirtualShell, vfs: VirtualFileSystem, users: VirtualUserManager, ssh?: SshMimic, sftp?: SftpMimic): void;
|
|
67
|
+
/**
|
|
68
|
+
* Attaches to VirtualShell events.
|
|
69
|
+
*/
|
|
70
|
+
private attachVirtualShell;
|
|
71
|
+
/**
|
|
72
|
+
* Attaches to VirtualFileSystem events.
|
|
73
|
+
*/
|
|
74
|
+
private attachVirtualFileSystem;
|
|
75
|
+
/**
|
|
76
|
+
* Attaches to VirtualUserManager events.
|
|
77
|
+
*/
|
|
78
|
+
private attachVirtualUserManager;
|
|
79
|
+
/**
|
|
80
|
+
* Attaches to SshMimic events.
|
|
81
|
+
*/
|
|
82
|
+
private attachSshMimic;
|
|
83
|
+
/**
|
|
84
|
+
* Attaches to SftpMimic events.
|
|
85
|
+
*/
|
|
86
|
+
private attachSftpMimic;
|
|
87
|
+
/**
|
|
88
|
+
* Records an audit log entry.
|
|
89
|
+
*
|
|
90
|
+
* @param source Event source (e.g., "SshMimic", "VirtualFileSystem").
|
|
91
|
+
* @param type Event type.
|
|
92
|
+
* @param details Event-specific data.
|
|
93
|
+
*/
|
|
94
|
+
private log;
|
|
95
|
+
/**
|
|
96
|
+
* Returns audit log entries matching optional filters.
|
|
97
|
+
*
|
|
98
|
+
* @param type Optional event type filter.
|
|
99
|
+
* @param source Optional source filter.
|
|
100
|
+
* @returns Filtered audit log entries.
|
|
101
|
+
*/
|
|
102
|
+
getAuditLog(type?: string, source?: string): AuditLogEntry[];
|
|
103
|
+
/**
|
|
104
|
+
* Returns current activity statistics.
|
|
105
|
+
*
|
|
106
|
+
* @returns Snapshot of honeypot stats.
|
|
107
|
+
*/
|
|
108
|
+
getStats(): Readonly<HoneyPotStats>;
|
|
109
|
+
/**
|
|
110
|
+
* Clears audit log and resets statistics.
|
|
111
|
+
*/
|
|
112
|
+
reset(): void;
|
|
113
|
+
/**
|
|
114
|
+
* Returns recent log entries in reverse chronological order.
|
|
115
|
+
*
|
|
116
|
+
* @param limit Number of recent entries to return (default: 100).
|
|
117
|
+
* @returns Recent audit log entries.
|
|
118
|
+
*/
|
|
119
|
+
getRecent(limit?: number): AuditLogEntry[];
|
|
120
|
+
/**
|
|
121
|
+
* Detects potential security issues based on activity patterns.
|
|
122
|
+
*
|
|
123
|
+
* @returns Array of anomalies detected.
|
|
124
|
+
*/
|
|
125
|
+
detectAnomalies(): Array<{
|
|
126
|
+
type: string;
|
|
127
|
+
severity: "low" | "medium" | "high";
|
|
128
|
+
message: string;
|
|
129
|
+
}>;
|
|
130
|
+
}
|
|
131
|
+
export default HoneyPot;
|
|
132
|
+
//# sourceMappingURL=honeypot.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"honeypot.d.ts","sourceRoot":"","sources":["../src/honeypot.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAGH,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AACnD,OAAO,KAAK,iBAAiB,MAAM,qBAAqB,CAAC;AACzD,OAAO,KAAK,EAAE,kBAAkB,EAAE,MAAM,sBAAsB,CAAC;AAC/D,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,YAAY,CAAC;AAC3C,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAC;AAEjD;;GAEG;AACH,MAAM,WAAW,aAAa;IAC7B,SAAS,EAAE,MAAM,CAAC;IAClB,IAAI,EAAE,MAAM,CAAC;IACb,MAAM,EAAE,MAAM,CAAC;IACf,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACjC;AAED;;GAEG;AACH,MAAM,WAAW,aAAa;IAC7B,YAAY,EAAE,MAAM,CAAC;IACrB,aAAa,EAAE,MAAM,CAAC;IACtB,YAAY,EAAE,MAAM,CAAC;IACrB,QAAQ,EAAE,MAAM,CAAC;IACjB,UAAU,EAAE,MAAM,CAAC;IACnB,SAAS,EAAE,MAAM,CAAC;IAClB,aAAa,EAAE,MAAM,CAAC;IACtB,WAAW,EAAE,MAAM,CAAC;IACpB,WAAW,EAAE,MAAM,CAAC;IACpB,WAAW,EAAE,MAAM,CAAC;IACpB,cAAc,EAAE,MAAM,CAAC;IACvB,iBAAiB,EAAE,MAAM,CAAC;CAC1B;AAED;;;;;GAKG;AACH,qBAAa,QAAQ;IACpB,OAAO,CAAC,QAAQ,CAAuB;IACvC,OAAO,CAAC,KAAK,CAaX;IAEF,OAAO,CAAC,UAAU,CAAS;IAE3B;;;;OAIG;gBACS,UAAU,GAAE,MAAc;IAItC;;;;;;;;OAQG;IACI,MAAM,CACZ,KAAK,EAAE,YAAY,EACnB,GAAG,EAAE,iBAAiB,EACtB,KAAK,EAAE,kBAAkB,EACzB,GAAG,CAAC,EAAE,QAAQ,EACd,IAAI,CAAC,EAAE,SAAS,GACd,IAAI;IAYP;;OAEG;IACH,OAAO,CAAC,kBAAkB;IAmB1B;;OAEG;IACH,OAAO,CAAC,uBAAuB;IAoB/B;;OAEG;IACH,OAAO,CAAC,wBAAwB;IAkChC;;OAEG;IACH,OAAO,CAAC,cAAc;IAyCtB;;OAEG;IACH,OAAO,CAAC,eAAe;IAyCvB;;;;;;OAMG;IACH,OAAO,CAAC,GAAG;IAuBX;;;;;;OAMG;IACI,WAAW,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,MAAM,GAAG,aAAa,EAAE;IAOnE;;;;OAIG;IACI,QAAQ,IAAI,QAAQ,CAAC,aAAa,CAAC;IAI1C;;OAEG;IACI,KAAK,IAAI,IAAI;IAkBpB;;;;;OAKG;IACI,SAAS,CAAC,KAAK,GAAE,MAAY,GAAG,aAAa,EAAE;IAItD;;;;OAIG;IACI,eAAe,IAAI,KAAK,CAAC;QAC/B,IAAI,EAAE,MAAM,CAAC;QACb,QAAQ,EAAE,KAAK,GAAG,QAAQ,GAAG,MAAM,CAAC;QACpC,OAAO,EAAE,MAAM,CAAC;KAChB,CAAC;CAkDF;AAED,eAAe,QAAQ,CAAC"}
|
package/dist/honeypot.js
ADDED
|
@@ -0,0 +1,289 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Honeypot tracking and auditing module for virtual shell events.
|
|
3
|
+
*
|
|
4
|
+
* Attaches listeners to VirtualShell, VirtualFileSystem, VirtualUserManager,
|
|
5
|
+
* SshMimic, and SftpMimic instances to log all activity for security auditing,
|
|
6
|
+
* anomaly detection, and forensic analysis.
|
|
7
|
+
*
|
|
8
|
+
* @module honeypot
|
|
9
|
+
*/
|
|
10
|
+
/**
|
|
11
|
+
* HoneyPot audit and event tracking utility.
|
|
12
|
+
*
|
|
13
|
+
* Singleton-like helper that attaches listeners to virtual shell components
|
|
14
|
+
* and maintains an audit log of all activity.
|
|
15
|
+
*/
|
|
16
|
+
export class HoneyPot {
|
|
17
|
+
auditLog = [];
|
|
18
|
+
stats = {
|
|
19
|
+
authAttempts: 0,
|
|
20
|
+
authSuccesses: 0,
|
|
21
|
+
authFailures: 0,
|
|
22
|
+
commands: 0,
|
|
23
|
+
fileWrites: 0,
|
|
24
|
+
fileReads: 0,
|
|
25
|
+
sessionStarts: 0,
|
|
26
|
+
sessionEnds: 0,
|
|
27
|
+
userCreated: 0,
|
|
28
|
+
userDeleted: 0,
|
|
29
|
+
clientConnects: 0,
|
|
30
|
+
clientDisconnects: 0,
|
|
31
|
+
};
|
|
32
|
+
maxLogSize;
|
|
33
|
+
/**
|
|
34
|
+
* Creates a new HoneyPot instance.
|
|
35
|
+
*
|
|
36
|
+
* @param maxLogSize Maximum audit log entries to retain (default: 10000).
|
|
37
|
+
*/
|
|
38
|
+
constructor(maxLogSize = 10000) {
|
|
39
|
+
this.maxLogSize = maxLogSize;
|
|
40
|
+
}
|
|
41
|
+
/**
|
|
42
|
+
* Attaches honeypot listeners to all provided event emitters.
|
|
43
|
+
*
|
|
44
|
+
* @param shell VirtualShell instance.
|
|
45
|
+
* @param vfs VirtualFileSystem instance.
|
|
46
|
+
* @param users VirtualUserManager instance.
|
|
47
|
+
* @param ssh SshMimic instance (optional).
|
|
48
|
+
* @param sftp SftpMimic instance (optional).
|
|
49
|
+
*/
|
|
50
|
+
attach(shell, vfs, users, ssh, sftp) {
|
|
51
|
+
this.attachVirtualShell(shell);
|
|
52
|
+
this.attachVirtualFileSystem(vfs);
|
|
53
|
+
this.attachVirtualUserManager(users);
|
|
54
|
+
if (ssh) {
|
|
55
|
+
this.attachSshMimic(ssh);
|
|
56
|
+
}
|
|
57
|
+
if (sftp) {
|
|
58
|
+
this.attachSftpMimic(sftp);
|
|
59
|
+
}
|
|
60
|
+
}
|
|
61
|
+
/**
|
|
62
|
+
* Attaches to VirtualShell events.
|
|
63
|
+
*/
|
|
64
|
+
attachVirtualShell(shell) {
|
|
65
|
+
shell.on("initialized", () => {
|
|
66
|
+
this.log("VirtualShell", "initialized", {});
|
|
67
|
+
});
|
|
68
|
+
shell.on("command", (data) => {
|
|
69
|
+
this.stats.commands++;
|
|
70
|
+
this.log("VirtualShell", "command", data);
|
|
71
|
+
});
|
|
72
|
+
shell.on("session:start", (data) => {
|
|
73
|
+
this.stats.sessionStarts++;
|
|
74
|
+
this.log("VirtualShell", "session:start", data);
|
|
75
|
+
});
|
|
76
|
+
}
|
|
77
|
+
/**
|
|
78
|
+
* Attaches to VirtualFileSystem events.
|
|
79
|
+
*/
|
|
80
|
+
attachVirtualFileSystem(vfs) {
|
|
81
|
+
vfs.on("file:read", (data) => {
|
|
82
|
+
this.stats.fileReads++;
|
|
83
|
+
this.log("VirtualFileSystem", "file:read", data);
|
|
84
|
+
});
|
|
85
|
+
vfs.on("file:write", (data) => {
|
|
86
|
+
this.stats.fileWrites++;
|
|
87
|
+
this.log("VirtualFileSystem", "file:write", data);
|
|
88
|
+
});
|
|
89
|
+
vfs.on("dir:create", (data) => {
|
|
90
|
+
this.log("VirtualFileSystem", "dir:create", data);
|
|
91
|
+
});
|
|
92
|
+
vfs.on("mirror:flush", () => {
|
|
93
|
+
this.log("VirtualFileSystem", "mirror:flush", {});
|
|
94
|
+
});
|
|
95
|
+
}
|
|
96
|
+
/**
|
|
97
|
+
* Attaches to VirtualUserManager events.
|
|
98
|
+
*/
|
|
99
|
+
attachVirtualUserManager(users) {
|
|
100
|
+
users.on("initialized", () => {
|
|
101
|
+
this.log("VirtualUserManager", "initialized", {});
|
|
102
|
+
});
|
|
103
|
+
users.on("user:add", (data) => {
|
|
104
|
+
this.stats.userCreated++;
|
|
105
|
+
this.log("VirtualUserManager", "user:add", data);
|
|
106
|
+
});
|
|
107
|
+
users.on("user:delete", (data) => {
|
|
108
|
+
this.stats.userDeleted++;
|
|
109
|
+
this.log("VirtualUserManager", "user:delete", data);
|
|
110
|
+
});
|
|
111
|
+
users.on("session:register", (data) => {
|
|
112
|
+
this.log("VirtualUserManager", "session:register", data);
|
|
113
|
+
});
|
|
114
|
+
users.on("session:unregister", (data) => {
|
|
115
|
+
this.stats.sessionEnds++;
|
|
116
|
+
this.log("VirtualUserManager", "session:unregister", data);
|
|
117
|
+
});
|
|
118
|
+
}
|
|
119
|
+
/**
|
|
120
|
+
* Attaches to SshMimic events.
|
|
121
|
+
*/
|
|
122
|
+
attachSshMimic(ssh) {
|
|
123
|
+
ssh.on("start", (data) => {
|
|
124
|
+
this.log("SshMimic", "start", data);
|
|
125
|
+
});
|
|
126
|
+
ssh.on("stop", () => {
|
|
127
|
+
this.log("SshMimic", "stop", {});
|
|
128
|
+
});
|
|
129
|
+
ssh.on("auth:success", (data) => {
|
|
130
|
+
this.stats.authAttempts++;
|
|
131
|
+
this.stats.authSuccesses++;
|
|
132
|
+
this.log("SshMimic", "auth:success", data);
|
|
133
|
+
});
|
|
134
|
+
ssh.on("auth:failure", (data) => {
|
|
135
|
+
this.stats.authAttempts++;
|
|
136
|
+
this.stats.authFailures++;
|
|
137
|
+
this.log("SshMimic", "auth:failure", data);
|
|
138
|
+
});
|
|
139
|
+
ssh.on("client:connect", () => {
|
|
140
|
+
this.stats.clientConnects++;
|
|
141
|
+
this.log("SshMimic", "client:connect", {});
|
|
142
|
+
});
|
|
143
|
+
ssh.on("client:disconnect", (data) => {
|
|
144
|
+
this.stats.clientDisconnects++;
|
|
145
|
+
this.log("SshMimic", "client:disconnect", data);
|
|
146
|
+
});
|
|
147
|
+
}
|
|
148
|
+
/**
|
|
149
|
+
* Attaches to SftpMimic events.
|
|
150
|
+
*/
|
|
151
|
+
attachSftpMimic(sftp) {
|
|
152
|
+
sftp.on("start", (data) => {
|
|
153
|
+
this.log("SftpMimic", "start", data);
|
|
154
|
+
});
|
|
155
|
+
sftp.on("stop", () => {
|
|
156
|
+
this.log("SftpMimic", "stop", {});
|
|
157
|
+
});
|
|
158
|
+
sftp.on("auth:success", (data) => {
|
|
159
|
+
this.stats.authAttempts++;
|
|
160
|
+
this.stats.authSuccesses++;
|
|
161
|
+
this.log("SftpMimic", "auth:success", data);
|
|
162
|
+
});
|
|
163
|
+
sftp.on("auth:failure", (data) => {
|
|
164
|
+
this.stats.authAttempts++;
|
|
165
|
+
this.stats.authFailures++;
|
|
166
|
+
this.log("SftpMimic", "auth:failure", data);
|
|
167
|
+
});
|
|
168
|
+
sftp.on("client:connect", () => {
|
|
169
|
+
this.stats.clientConnects++;
|
|
170
|
+
this.log("SftpMimic", "client:connect", {});
|
|
171
|
+
});
|
|
172
|
+
sftp.on("client:disconnect", (data) => {
|
|
173
|
+
this.stats.clientDisconnects++;
|
|
174
|
+
this.log("SftpMimic", "client:disconnect", data);
|
|
175
|
+
});
|
|
176
|
+
}
|
|
177
|
+
/**
|
|
178
|
+
* Records an audit log entry.
|
|
179
|
+
*
|
|
180
|
+
* @param source Event source (e.g., "SshMimic", "VirtualFileSystem").
|
|
181
|
+
* @param type Event type.
|
|
182
|
+
* @param details Event-specific data.
|
|
183
|
+
*/
|
|
184
|
+
log(source, type, details) {
|
|
185
|
+
const entry = {
|
|
186
|
+
timestamp: new Date().toISOString(),
|
|
187
|
+
type,
|
|
188
|
+
source,
|
|
189
|
+
details,
|
|
190
|
+
};
|
|
191
|
+
this.auditLog.push(entry);
|
|
192
|
+
// Trim log if exceeds max size
|
|
193
|
+
if (this.auditLog.length > this.maxLogSize) {
|
|
194
|
+
this.auditLog = this.auditLog.slice(-this.maxLogSize);
|
|
195
|
+
}
|
|
196
|
+
// Console output for real-time monitoring
|
|
197
|
+
console.log(`[AUDIT] ${entry.timestamp} | ${source} | ${type}`, details);
|
|
198
|
+
}
|
|
199
|
+
/**
|
|
200
|
+
* Returns audit log entries matching optional filters.
|
|
201
|
+
*
|
|
202
|
+
* @param type Optional event type filter.
|
|
203
|
+
* @param source Optional source filter.
|
|
204
|
+
* @returns Filtered audit log entries.
|
|
205
|
+
*/
|
|
206
|
+
getAuditLog(type, source) {
|
|
207
|
+
return this.auditLog.filter((entry) => (!type || entry.type === type) && (!source || entry.source === source));
|
|
208
|
+
}
|
|
209
|
+
/**
|
|
210
|
+
* Returns current activity statistics.
|
|
211
|
+
*
|
|
212
|
+
* @returns Snapshot of honeypot stats.
|
|
213
|
+
*/
|
|
214
|
+
getStats() {
|
|
215
|
+
return Object.freeze({ ...this.stats });
|
|
216
|
+
}
|
|
217
|
+
/**
|
|
218
|
+
* Clears audit log and resets statistics.
|
|
219
|
+
*/
|
|
220
|
+
reset() {
|
|
221
|
+
this.auditLog = [];
|
|
222
|
+
this.stats = {
|
|
223
|
+
authAttempts: 0,
|
|
224
|
+
authSuccesses: 0,
|
|
225
|
+
authFailures: 0,
|
|
226
|
+
commands: 0,
|
|
227
|
+
fileWrites: 0,
|
|
228
|
+
fileReads: 0,
|
|
229
|
+
sessionStarts: 0,
|
|
230
|
+
sessionEnds: 0,
|
|
231
|
+
userCreated: 0,
|
|
232
|
+
userDeleted: 0,
|
|
233
|
+
clientConnects: 0,
|
|
234
|
+
clientDisconnects: 0,
|
|
235
|
+
};
|
|
236
|
+
}
|
|
237
|
+
/**
|
|
238
|
+
* Returns recent log entries in reverse chronological order.
|
|
239
|
+
*
|
|
240
|
+
* @param limit Number of recent entries to return (default: 100).
|
|
241
|
+
* @returns Recent audit log entries.
|
|
242
|
+
*/
|
|
243
|
+
getRecent(limit = 100) {
|
|
244
|
+
return this.auditLog.slice(Math.max(0, this.auditLog.length - limit));
|
|
245
|
+
}
|
|
246
|
+
/**
|
|
247
|
+
* Detects potential security issues based on activity patterns.
|
|
248
|
+
*
|
|
249
|
+
* @returns Array of anomalies detected.
|
|
250
|
+
*/
|
|
251
|
+
detectAnomalies() {
|
|
252
|
+
const anomalies = [];
|
|
253
|
+
// High auth failure rate
|
|
254
|
+
if (this.stats.authAttempts > 0 &&
|
|
255
|
+
this.stats.authFailures / this.stats.authAttempts > 0.5) {
|
|
256
|
+
anomalies.push({
|
|
257
|
+
type: "high_auth_failure_rate",
|
|
258
|
+
severity: "medium",
|
|
259
|
+
message: `Auth failure rate: ${((this.stats.authFailures / this.stats.authAttempts) * 100).toFixed(1)}%`,
|
|
260
|
+
});
|
|
261
|
+
}
|
|
262
|
+
// Excessive auth failures in short time
|
|
263
|
+
if (this.stats.authFailures > 10) {
|
|
264
|
+
anomalies.push({
|
|
265
|
+
type: "excessive_auth_failures",
|
|
266
|
+
severity: "high",
|
|
267
|
+
message: `${this.stats.authFailures} authentication failures detected`,
|
|
268
|
+
});
|
|
269
|
+
}
|
|
270
|
+
// Unusual command execution volume
|
|
271
|
+
if (this.stats.commands > 1000) {
|
|
272
|
+
anomalies.push({
|
|
273
|
+
type: "high_command_volume",
|
|
274
|
+
severity: "low",
|
|
275
|
+
message: `${this.stats.commands} commands executed`,
|
|
276
|
+
});
|
|
277
|
+
}
|
|
278
|
+
// Unusual file write volume
|
|
279
|
+
if (this.stats.fileWrites > 500) {
|
|
280
|
+
anomalies.push({
|
|
281
|
+
type: "high_write_volume",
|
|
282
|
+
severity: "medium",
|
|
283
|
+
message: `${this.stats.fileWrites} file write operations`,
|
|
284
|
+
});
|
|
285
|
+
}
|
|
286
|
+
return anomalies;
|
|
287
|
+
}
|
|
288
|
+
}
|
|
289
|
+
export default HoneyPot;
|
package/dist/index.d.ts
CHANGED
|
@@ -1,11 +1,13 @@
|
|
|
1
|
+
import { HoneyPot } from "./Honeypot";
|
|
1
2
|
import { SshClient } from "./SSHClient";
|
|
2
3
|
import { SftpMimic, SshMimic } from "./SSHMimic/index";
|
|
3
4
|
import VirtualFileSystem from "./VirtualFileSystem";
|
|
4
5
|
import { VirtualShell } from "./VirtualShell";
|
|
5
6
|
import { VirtualUserManager } from "./VirtualUserManager";
|
|
7
|
+
export type { AuditLogEntry, HoneyPotStats, } from "./Honeypot";
|
|
6
8
|
export type { CommandContext, CommandMode, CommandOutcome, CommandResult, NanoEditorSession, ShellModule, SudoChallenge, } from "./types/commands";
|
|
7
9
|
export type { ExecStream, ShellStream } from "./types/streams";
|
|
8
10
|
export type { RemoveOptions, VfsBaseNode, VfsDirectoryNode, VfsFileNode, VfsNodeStats, VfsNodeType, VfsSnapshot, VfsSnapshotBaseNode, VfsSnapshotDirectoryNode, VfsSnapshotFileNode, VfsSnapshotNode, WriteFileOptions, } from "./types/vfs";
|
|
9
|
-
export { SshClient, VirtualFileSystem, SftpMimic as VirtualSftpServer, VirtualShell, SshMimic as VirtualSshServer, VirtualUserManager, };
|
|
11
|
+
export { HoneyPot, SshClient, VirtualFileSystem, SftpMimic as VirtualSftpServer, VirtualShell, SshMimic as VirtualSshServer, VirtualUserManager, };
|
|
10
12
|
export { getArg, getFlag, ifFlag, } from "./commands/command-helpers";
|
|
11
13
|
//# sourceMappingURL=index.d.ts.map
|
package/dist/index.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,MAAM,aAAa,CAAC;AACxC,OAAO,EAAE,SAAS,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AACvD,OAAO,iBAAiB,MAAM,qBAAqB,CAAC;AACpD,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAC9C,OAAO,EAAE,kBAAkB,EAAE,MAAM,sBAAsB,CAAC;AAE1D,YAAY,EACX,cAAc,EACd,WAAW,EACX,cAAc,EACd,aAAa,EACb,iBAAiB,EACjB,WAAW,EACX,aAAa,GACb,MAAM,kBAAkB,CAAC;AAC1B,YAAY,EAAE,UAAU,EAAE,WAAW,EAAE,MAAM,iBAAiB,CAAC;AAC/D,YAAY,EACX,aAAa,EACb,WAAW,EACX,gBAAgB,EAChB,WAAW,EACX,YAAY,EACZ,WAAW,EACX,WAAW,EACX,mBAAmB,EACnB,wBAAwB,EACxB,mBAAmB,EACnB,eAAe,EACf,gBAAgB,GAChB,MAAM,aAAa,CAAC;AAErB,OAAO,EACN,SAAS,EACT,iBAAiB,EACjB,SAAS,IAAI,iBAAiB,EAC9B,YAAY,EACZ,QAAQ,IAAI,gBAAgB,EAC5B,kBAAkB,GAClB,CAAC;AAEF,OAAO,EACN,MAAM,EACN,OAAO,EACP,MAAM,GACN,MAAM,4BAA4B,CAAC"}
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,YAAY,CAAC;AACtC,OAAO,EAAE,SAAS,EAAE,MAAM,aAAa,CAAC;AACxC,OAAO,EAAE,SAAS,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AACvD,OAAO,iBAAiB,MAAM,qBAAqB,CAAC;AACpD,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAC9C,OAAO,EAAE,kBAAkB,EAAE,MAAM,sBAAsB,CAAC;AAE1D,YAAY,EACX,aAAa,EACb,aAAa,GACb,MAAM,YAAY,CAAC;AACpB,YAAY,EACX,cAAc,EACd,WAAW,EACX,cAAc,EACd,aAAa,EACb,iBAAiB,EACjB,WAAW,EACX,aAAa,GACb,MAAM,kBAAkB,CAAC;AAC1B,YAAY,EAAE,UAAU,EAAE,WAAW,EAAE,MAAM,iBAAiB,CAAC;AAC/D,YAAY,EACX,aAAa,EACb,WAAW,EACX,gBAAgB,EAChB,WAAW,EACX,YAAY,EACZ,WAAW,EACX,WAAW,EACX,mBAAmB,EACnB,wBAAwB,EACxB,mBAAmB,EACnB,eAAe,EACf,gBAAgB,GAChB,MAAM,aAAa,CAAC;AAErB,OAAO,EACN,QAAQ,EACR,SAAS,EACT,iBAAiB,EACjB,SAAS,IAAI,iBAAiB,EAC9B,YAAY,EACZ,QAAQ,IAAI,gBAAgB,EAC5B,kBAAkB,GAClB,CAAC;AAEF,OAAO,EACN,MAAM,EACN,OAAO,EACP,MAAM,GACN,MAAM,4BAA4B,CAAC"}
|