基于python Twisted库的Ftp简单蜜罐

0x00 前言

  最近需要写蜜罐模拟,用python的twisted库实现了一个简单的ftp蜜罐,可以用浏览器登录,收集用户名密码。

0x01具体代码

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
from twisted.internet.protocol import Factory
from twisted.protocols.basic import LineReceiver
from twisted.internet import reactor
import logging
import re

WELCOME_MSG = '220 (vsFTPd 2.0.5) '
GOODBYE_MSG = '221 Goodbye.'
USER_OK_NEED_PASS = '331 Please specify the password.'
PLEASE_LOGIN = '530 Please login with USER and PASS.'
UNKNOWN_COMMAND = '500 Unknown command.'
LOGIN_WITH_USER_FIRST = '503 Login with USER first.'
LOGIN_FAIL = '530 Login incorrect.'
REQ_ACTN_NOT_TAKEN = '550 Requested action not taken: '


class Ftp(LineReceiver):
def __init__(self):
self.name = None
self.password = None
self.state = 'get_name'
# logging.basicConfig(filename='./ftp.log', level=logging.DEBUG, format='%(asctime)s %(levelname)s: %(message)s', datefmt = '%m/%d/%Y %I:%M:%S %p')
logging.basicConfig(filename='./ftp.log', level=logging.DEBUG, format='%(asctime)s %(levelname)s: %(message)s', datefmt = '%Y-%m-%d %I:%M:%S')

def connectionMade(self):
self.sendLine(WELCOME_MSG)

def connectionLost(self,line):
self.sendLine(GOODBYE_MSG)
def lineReceived(self, line):
if self.state == 'get_name':
self.name = line
self.state = 'get_pass'
self.sendLine(USER_OK_NEED_PASS)
elif self.state == 'get_pass':
self.password = line
logging.info(self.name +' ' + self.password )
self.state = 'get_name'
self.sendLine(LOGIN_FAIL)
class FtpFactory(Factory):
def buildProtocol(self, addr):
return Ftp()


reactor.listenTCP(21, FtpFactory())
reactor.run()

0x02结果截图

1.浏览器的登录界面展示
浏览器登录界面


2.Telnet连接界面
Telnet连接界面


3.记录的日志
记录的日志