typescript-virtual-container 1.2.0 → 1.2.2

package/dist/honeypot.js

@@ -1,289 +0,0 @@
-/**
- * Honeypot tracking and auditing module for virtual shell events.
- *
- * Attaches listeners to VirtualShell, VirtualFileSystem, VirtualUserManager,
- * SshMimic, and SftpMimic instances to log all activity for security auditing,
- * anomaly detection, and forensic analysis.
- *
- * @module honeypot
- */
-/**
- * HoneyPot audit and event tracking utility.
- *
- * Singleton-like helper that attaches listeners to virtual shell components
- * and maintains an audit log of all activity.
- */
-export class HoneyPot {
-    auditLog = [];
-    stats = {
-        authAttempts: 0,
-        authSuccesses: 0,
-        authFailures: 0,
-        commands: 0,
-        fileWrites: 0,
-        fileReads: 0,
-        sessionStarts: 0,
-        sessionEnds: 0,
-        userCreated: 0,
-        userDeleted: 0,
-        clientConnects: 0,
-        clientDisconnects: 0,
-    };
-    maxLogSize;
-    /**
-     * Creates a new HoneyPot instance.
-     *
-     * @param maxLogSize Maximum audit log entries to retain (default: 10000).
-     */
-    constructor(maxLogSize = 10000) {
-        this.maxLogSize = maxLogSize;
-    }
-    /**
-     * Attaches honeypot listeners to all provided event emitters.
-     *
-     * @param shell VirtualShell instance.
-     * @param vfs VirtualFileSystem instance.
-     * @param users VirtualUserManager instance.
-     * @param ssh SshMimic instance (optional).
-     * @param sftp SftpMimic instance (optional).
-     */
-    attach(shell, vfs, users, ssh, sftp) {
-        this.attachVirtualShell(shell);
-        this.attachVirtualFileSystem(vfs);
-        this.attachVirtualUserManager(users);
-        if (ssh) {
-            this.attachSshMimic(ssh);
-        }
-        if (sftp) {
-            this.attachSftpMimic(sftp);
-        }
-    }
-    /**
-     * Attaches to VirtualShell events.
-     */
-    attachVirtualShell(shell) {
-        shell.on("initialized", () => {
-            this.log("VirtualShell", "initialized", {});
-        });
-        shell.on("command", (data) => {
-            this.stats.commands++;
-            this.log("VirtualShell", "command", data);
-        });
-        shell.on("session:start", (data) => {
-            this.stats.sessionStarts++;
-            this.log("VirtualShell", "session:start", data);
-        });
-    }
-    /**
-     * Attaches to VirtualFileSystem events.
-     */
-    attachVirtualFileSystem(vfs) {
-        vfs.on("file:read", (data) => {
-            this.stats.fileReads++;
-            this.log("VirtualFileSystem", "file:read", data);
-        });
-        vfs.on("file:write", (data) => {
-            this.stats.fileWrites++;
-            this.log("VirtualFileSystem", "file:write", data);
-        });
-        vfs.on("dir:create", (data) => {
-            this.log("VirtualFileSystem", "dir:create", data);
-        });
-        vfs.on("mirror:flush", () => {
-            this.log("VirtualFileSystem", "mirror:flush", {});
-        });
-    }
-    /**
-     * Attaches to VirtualUserManager events.
-     */
-    attachVirtualUserManager(users) {
-        users.on("initialized", () => {
-            this.log("VirtualUserManager", "initialized", {});
-        });
-        users.on("user:add", (data) => {
-            this.stats.userCreated++;
-            this.log("VirtualUserManager", "user:add", data);
-        });
-        users.on("user:delete", (data) => {
-            this.stats.userDeleted++;
-            this.log("VirtualUserManager", "user:delete", data);
-        });
-        users.on("session:register", (data) => {
-            this.log("VirtualUserManager", "session:register", data);
-        });
-        users.on("session:unregister", (data) => {
-            this.stats.sessionEnds++;
-            this.log("VirtualUserManager", "session:unregister", data);
-        });
-    }
-    /**
-     * Attaches to SshMimic events.
-     */
-    attachSshMimic(ssh) {
-        ssh.on("start", (data) => {
-            this.log("SshMimic", "start", data);
-        });
-        ssh.on("stop", () => {
-            this.log("SshMimic", "stop", {});
-        });
-        ssh.on("auth:success", (data) => {
-            this.stats.authAttempts++;
-            this.stats.authSuccesses++;
-            this.log("SshMimic", "auth:success", data);
-        });
-        ssh.on("auth:failure", (data) => {
-            this.stats.authAttempts++;
-            this.stats.authFailures++;
-            this.log("SshMimic", "auth:failure", data);
-        });
-        ssh.on("client:connect", () => {
-            this.stats.clientConnects++;
-            this.log("SshMimic", "client:connect", {});
-        });
-        ssh.on("client:disconnect", (data) => {
-            this.stats.clientDisconnects++;
-            this.log("SshMimic", "client:disconnect", data);
-        });
-    }
-    /**
-     * Attaches to SftpMimic events.
-     */
-    attachSftpMimic(sftp) {
-        sftp.on("start", (data) => {
-            this.log("SftpMimic", "start", data);
-        });
-        sftp.on("stop", () => {
-            this.log("SftpMimic", "stop", {});
-        });
-        sftp.on("auth:success", (data) => {
-            this.stats.authAttempts++;
-            this.stats.authSuccesses++;
-            this.log("SftpMimic", "auth:success", data);
-        });
-        sftp.on("auth:failure", (data) => {
-            this.stats.authAttempts++;
-            this.stats.authFailures++;
-            this.log("SftpMimic", "auth:failure", data);
-        });
-        sftp.on("client:connect", () => {
-            this.stats.clientConnects++;
-            this.log("SftpMimic", "client:connect", {});
-        });
-        sftp.on("client:disconnect", (data) => {
-            this.stats.clientDisconnects++;
-            this.log("SftpMimic", "client:disconnect", data);
-        });
-    }
-    /**
-     * Records an audit log entry.
-     *
-     * @param source Event source (e.g., "SshMimic", "VirtualFileSystem").
-     * @param type Event type.
-     * @param details Event-specific data.
-     */
-    log(source, type, details) {
-        const entry = {
-            timestamp: new Date().toISOString(),
-            type,
-            source,
-            details,
-        };
-        this.auditLog.push(entry);
-        // Trim log if exceeds max size
-        if (this.auditLog.length > this.maxLogSize) {
-            this.auditLog = this.auditLog.slice(-this.maxLogSize);
-        }
-        // Console output for real-time monitoring
-        console.log(`[AUDIT] ${entry.timestamp} | ${source} | ${type}`, details);
-    }
-    /**
-     * Returns audit log entries matching optional filters.
-     *
-     * @param type Optional event type filter.
-     * @param source Optional source filter.
-     * @returns Filtered audit log entries.
-     */
-    getAuditLog(type, source) {
-        return this.auditLog.filter((entry) => (!type || entry.type === type) && (!source || entry.source === source));
-    }
-    /**
-     * Returns current activity statistics.
-     *
-     * @returns Snapshot of honeypot stats.
-     */
-    getStats() {
-        return Object.freeze({ ...this.stats });
-    }
-    /**
-     * Clears audit log and resets statistics.
-     */
-    reset() {
-        this.auditLog = [];
-        this.stats = {
-            authAttempts: 0,
-            authSuccesses: 0,
-            authFailures: 0,
-            commands: 0,
-            fileWrites: 0,
-            fileReads: 0,
-            sessionStarts: 0,
-            sessionEnds: 0,
-            userCreated: 0,
-            userDeleted: 0,
-            clientConnects: 0,
-            clientDisconnects: 0,
-        };
-    }
-    /**
-     * Returns recent log entries in reverse chronological order.
-     *
-     * @param limit Number of recent entries to return (default: 100).
-     * @returns Recent audit log entries.
-     */
-    getRecent(limit = 100) {
-        return this.auditLog.slice(Math.max(0, this.auditLog.length - limit));
-    }
-    /**
-     * Detects potential security issues based on activity patterns.
-     *
-     * @returns Array of anomalies detected.
-     */
-    detectAnomalies() {
-        const anomalies = [];
-        // High auth failure rate
-        if (this.stats.authAttempts > 0 &&
-            this.stats.authFailures / this.stats.authAttempts > 0.5) {
-            anomalies.push({
-                type: "high_auth_failure_rate",
-                severity: "medium",
-                message: `Auth failure rate: ${((this.stats.authFailures / this.stats.authAttempts) * 100).toFixed(1)}%`,
-            });
-        }
-        // Excessive auth failures in short time
-        if (this.stats.authFailures > 10) {
-            anomalies.push({
-                type: "excessive_auth_failures",
-                severity: "high",
-                message: `${this.stats.authFailures} authentication failures detected`,
-            });
-        }
-        // Unusual command execution volume
-        if (this.stats.commands > 1000) {
-            anomalies.push({
-                type: "high_command_volume",
-                severity: "low",
-                message: `${this.stats.commands} commands executed`,
-            });
-        }
-        // Unusual file write volume
-        if (this.stats.fileWrites > 500) {
-            anomalies.push({
-                type: "high_write_volume",
-                severity: "medium",
-                message: `${this.stats.fileWrites} file write operations`,
-            });
-        }
-        return anomalies;
-    }
-}
-export default HoneyPot;

package/src/VirtualFileSystem/archive.ts

@@ -1,74 +0,0 @@
-import { promises as fs } from "node:fs";
-import * as tarStream from "tar-stream";
-import type { VfsSnapshot } from "../types/vfs";
-
-export async function archiveExists(archivePath: string): Promise<boolean> {
-	try {
-		await fs.access(archivePath);
-		return true;
-	} catch {
-		return false;
-	}
-}
-
-export async function createTarBuffer(snapshotJson: string): Promise<Buffer> {
-	const pack = tarStream.pack();
-	const chunks: Buffer[] = [];
-
-	const finished = new Promise<Buffer>((resolve, reject) => {
-		pack.on("data", (chunk: Buffer) => chunks.push(Buffer.from(chunk)));
-		pack.on("error", reject);
-		pack.on("end", () => resolve(Buffer.concat(chunks)));
-	});
-
-	pack.entry(
-		{ name: "snapshot.json", mode: 0o600 },
-		snapshotJson,
-		(error?: Error | null) => {
-			if (error) {
-				return;
-			}
-
-			pack.finalize();
-		},
-	);
-
-	return finished;
-}
-
-export async function readSnapshotFromTar(
-	tarBuffer: Buffer,
-): Promise<VfsSnapshot> {
-	return new Promise<VfsSnapshot>((resolve, reject) => {
-		const extract = tarStream.extract();
-		let snapshotText = "";
-		let found = false;
-
-		extract.on("entry", (header, stream, next) => {
-			if (header.name === "snapshot.json") {
-				found = true;
-				stream.on("data", (chunk: Buffer) => {
-					snapshotText += chunk.toString("utf8");
-				});
-				stream.on("end", next);
-				stream.resume();
-				return;
-			}
-
-			stream.resume();
-			stream.on("end", next);
-		});
-
-		extract.on("finish", () => {
-			if (!found) {
-				reject(new Error("snapshot.json missing from archive"));
-				return;
-			}
-
-			resolve(JSON.parse(snapshotText) as VfsSnapshot);
-		});
-
-		extract.on("error", reject);
-		extract.end(tarBuffer);
-	});
-}

package/src/VirtualFileSystem/snapshot.ts

@@ -1,84 +0,0 @@
-import type {
-	VfsSnapshot,
-	VfsSnapshotDirectoryNode,
-	VfsSnapshotNode,
-} from "../types/vfs";
-import type { InternalDirectoryNode, InternalNode } from "./internalTypes";
-
-function serializeNode(node: InternalNode): VfsSnapshotNode {
-	if (node.type === "file") {
-		return {
-			type: "file",
-			name: node.name,
-			mode: node.mode,
-			createdAt: node.createdAt.toISOString(),
-			updatedAt: node.updatedAt.toISOString(),
-			compressed: node.compressed,
-			contentBase64: node.content.toString("base64"),
-		};
-	}
-
-	return serializeDirectory(node);
-}
-
-function serializeDirectory(
-	node: InternalDirectoryNode,
-): VfsSnapshotDirectoryNode {
-	return {
-		type: "directory",
-		name: node.name,
-		mode: node.mode,
-		createdAt: node.createdAt.toISOString(),
-		updatedAt: node.updatedAt.toISOString(),
-		children: Array.from(node.children.values()).map((child) =>
-			serializeNode(child),
-		),
-	};
-}
-
-function deserializeNode(node: VfsSnapshotNode): InternalNode {
-	if (node.type === "file") {
-		return {
-			type: "file",
-			name: node.name,
-			mode: node.mode,
-			createdAt: new Date(node.createdAt),
-			updatedAt: new Date(node.updatedAt),
-			content: Buffer.from(node.contentBase64, "base64"),
-			compressed: node.compressed,
-		};
-	}
-
-	return deserializeDirectory(node);
-}
-
-function deserializeDirectory(
-	node: VfsSnapshotDirectoryNode,
-): InternalDirectoryNode {
-	return {
-		type: "directory",
-		name: node.name,
-		mode: node.mode,
-		createdAt: new Date(node.createdAt),
-		updatedAt: new Date(node.updatedAt),
-		children: new Map<string, InternalNode>(
-			node.children.map((child) => [child.name, deserializeNode(child)]),
-		),
-	};
-}
-
-export function createSnapshot(root: InternalDirectoryNode): VfsSnapshot {
-	return { root: serializeDirectory(root) };
-}
-
-export function applySnapshot(
-	rootTarget: InternalDirectoryNode,
-	snapshot: VfsSnapshot,
-): void {
-	const root = deserializeDirectory(snapshot.root);
-	rootTarget.name = root.name;
-	rootTarget.mode = root.mode;
-	rootTarget.createdAt = root.createdAt;
-	rootTarget.updatedAt = root.updatedAt;
-	rootTarget.children = root.children;
-}

package/src/VirtualFileSystem/tree.ts

@@ -1,34 +0,0 @@
-import type { InternalDirectoryNode } from "./internalTypes";
-
-function walkTree(
-	node: InternalDirectoryNode,
-	indent: string,
-	lines: string[],
-): void {
-	const entries = Array.from(node.children.entries()).sort(([a], [b]) =>
-		a.localeCompare(b),
-	);
-
-	entries.forEach(([name, child], index) => {
-		const isLast = index === entries.length - 1;
-		const branch = isLast ? "`-- " : "|-- ";
-		const nextIndent = indent + (isLast ? "    " : "|   ");
-
-		if (child.type === "file") {
-			lines.push(`${indent}${branch}${name}${child.compressed ? " [gz]" : ""}`);
-			return;
-		}
-
-		lines.push(`${indent}${branch}${name}/`);
-		walkTree(child, nextIndent, lines);
-	});
-}
-
-export function renderTree(
-	node: InternalDirectoryNode,
-	rootLabel: string,
-): string {
-	const lines: string[] = [rootLabel];
-	walkTree(node, "", lines);
-	return lines.join("\n");
-}