|
@@ -3,11 +3,16 @@ package de.tudarmstadt.informatik.hostage.sync.tracing;
|
|
|
import java.io.BufferedReader;
|
|
|
import java.io.IOException;
|
|
|
import java.io.InputStreamReader;
|
|
|
+import java.io.OutputStream;
|
|
|
import java.io.OutputStreamWriter;
|
|
|
+import java.io.StringWriter;
|
|
|
+import java.io.Writer;
|
|
|
import java.net.HttpURLConnection;
|
|
|
import java.net.URL;
|
|
|
import java.security.KeyStore;
|
|
|
import java.util.ArrayList;
|
|
|
+import java.util.HashMap;
|
|
|
+import java.util.Map;
|
|
|
|
|
|
import org.apache.http.HttpResponse;
|
|
|
import org.apache.http.HttpVersion;
|
|
@@ -37,9 +42,11 @@ import android.os.ResultReceiver;
|
|
|
import android.preference.PreferenceManager;
|
|
|
import android.util.Log;
|
|
|
import de.tudarmstadt.informatik.hostage.logging.NetworkRecord;
|
|
|
+import de.tudarmstadt.informatik.hostage.logging.Record;
|
|
|
import de.tudarmstadt.informatik.hostage.logging.SyncInfoRecord;
|
|
|
import de.tudarmstadt.informatik.hostage.net.MySSLSocketFactory;
|
|
|
import de.tudarmstadt.informatik.hostage.persistence.HostageDBOpenHelper;
|
|
|
+import de.tudarmstadt.informatik.hostage.ui.model.LogFilter;
|
|
|
|
|
|
/**
|
|
|
* Service that synchronizes with a specified remote server.
|
|
@@ -59,6 +66,8 @@ public class TracingSyncService extends IntentService {
|
|
|
public static final int RECORD_UPLOADED = 0x00;
|
|
|
public static final int SYNC_COMPLETE = 0x01;
|
|
|
|
|
|
+ public static Map<String, Integer> protocolsTypeMap;
|
|
|
+
|
|
|
private HttpClient httpClient;
|
|
|
private ResultReceiver receiver;
|
|
|
|
|
@@ -67,6 +76,19 @@ public class TracingSyncService extends IntentService {
|
|
|
SharedPreferences pref;
|
|
|
Editor editor;
|
|
|
|
|
|
+ static {
|
|
|
+ protocolsTypeMap = new HashMap<String, Integer>();
|
|
|
+ protocolsTypeMap.put("ECHO", 10);
|
|
|
+ protocolsTypeMap.put("FTP", 0);
|
|
|
+ protocolsTypeMap.put("GHOST", 0);
|
|
|
+ protocolsTypeMap.put("HTTP", 0);
|
|
|
+ protocolsTypeMap.put("HTTPS", 0);
|
|
|
+ protocolsTypeMap.put("MySQL", 31);
|
|
|
+ protocolsTypeMap.put("SIP", 50);
|
|
|
+ protocolsTypeMap.put("SMB", 40);
|
|
|
+ protocolsTypeMap.put("TELNET", 0);
|
|
|
+ }
|
|
|
+
|
|
|
public TracingSyncService() {
|
|
|
super(TracingSyncService.class.getName());
|
|
|
|
|
@@ -105,65 +127,91 @@ public class TracingSyncService extends IntentService {
|
|
|
* Uploads all new Records to a server, specified in the settings.
|
|
|
*/
|
|
|
private void syncNewRecords() {
|
|
|
- int lastUploadedAttackId = pref.getInt("LAST_UPLOADED_ATTACK_ID", -1);
|
|
|
- // String serverAddress = pref.getString("pref_upload",
|
|
|
- // "https://ssi.cased.de");
|
|
|
- String serverAddress = "http://87.230.23.240/hostage/push.php";
|
|
|
- ArrayList<NetworkRecord> recordList = dbh.getNetworkInformation();
|
|
|
+ long lastSyncTime = pref.getLong("LAST_SYNC_TIME", 0);
|
|
|
+
|
|
|
+ String serverAddress = pref.getString("pref_upload", "https://ssi.cased.de"); //"https://192.168.1.118:9999"
|
|
|
+
|
|
|
+ LogFilter filter = new LogFilter();
|
|
|
+ filter.setAboveTimestamp(lastSyncTime);
|
|
|
+
|
|
|
+ ArrayList<Record> records = dbh.getRecordsForFilter(filter);
|
|
|
+ StringWriter writer = new StringWriter();
|
|
|
|
|
|
- int size = recordList.size();
|
|
|
+ int size = records.size();
|
|
|
int offset = 1;
|
|
|
- for (NetworkRecord record : recordList) {
|
|
|
- boolean success = uploadSingleRecord(record, serverAddress);
|
|
|
- Log.i("Tracing upload", "Upload of record: " + offset + "/" + size + ((success) ? " successful." : " failed."));
|
|
|
- if (receiver != null) {
|
|
|
- Bundle data = new Bundle();
|
|
|
- data.putInt(UPLOAD_SIZE, size);
|
|
|
- data.putInt(UPLOAD_PROGRESS, offset);
|
|
|
- receiver.send(RECORD_UPLOADED, data);
|
|
|
- }
|
|
|
- offset++;
|
|
|
+ int currOffset = 1;
|
|
|
+ for (Record record : records) {
|
|
|
+ appendRecordToStringWriter(record, writer);
|
|
|
|
|
|
- // TODO pull
|
|
|
- // getRemoteData(record.getBssid(), record.getTimestamp());
|
|
|
- }
|
|
|
- }
|
|
|
+ if(currOffset == 5 || offset == size){
|
|
|
+ boolean success = uploadRecordsToServer(writer.toString(), serverAddress);
|
|
|
+ Log.i("Tracing upload", "Upload of record: " + offset + "/" + size + ((success) ? " successful." : " failed."));
|
|
|
+ if (receiver != null) {
|
|
|
+ Bundle data = new Bundle();
|
|
|
+ data.putInt(UPLOAD_SIZE, size);
|
|
|
+ data.putInt(UPLOAD_PROGRESS, offset);
|
|
|
+ receiver.send(RECORD_UPLOADED, data);
|
|
|
+ }
|
|
|
|
|
|
- /**
|
|
|
- * Uploads a single Record to a server, specified in the settings.
|
|
|
- *
|
|
|
- * @param record
|
|
|
- * The Record to upload.
|
|
|
- * @serverAddress Address of the target server
|
|
|
- * @return True if the upload was successful, else false.
|
|
|
- */
|
|
|
- private boolean uploadSingleRecord(NetworkRecord record, String serverAddress) {
|
|
|
- // Create a https client. Uses MySSLSocketFactory to accept all
|
|
|
- // certificates
|
|
|
- HttpPost httppost;
|
|
|
- try {
|
|
|
- httpClient = createHttpClient();
|
|
|
- // Create HttpPost
|
|
|
- httppost = new HttpPost(serverAddress);
|
|
|
- // Create JSON String of Record
|
|
|
- // TODO StringEntity se = new
|
|
|
- // StringEntity(record.toString(TraCINgFormatter.getInstance()));
|
|
|
- String s = record.toJSON();
|
|
|
- StringEntity se = new StringEntity("record=" + record.toJSON());
|
|
|
- httppost.addHeader("content-type", "application/x-www-form-urlencoded");
|
|
|
- httppost.setEntity(se);
|
|
|
- // Execute HttpPost
|
|
|
- HttpResponse response = httpClient.execute(httppost);
|
|
|
- // TODO Does it make sense to update the network record after a commit?
|
|
|
- getRemoteData(record.getBssid(), record.getTimestampLocation());
|
|
|
- Log.i("TracingSyncService", "Status Code: " + response.getStatusLine().getStatusCode());
|
|
|
- } catch (Exception e) {
|
|
|
- e.printStackTrace();
|
|
|
- return false;
|
|
|
+ writer.getBuffer().setLength(0);
|
|
|
+ currOffset = 0;
|
|
|
+ }
|
|
|
+
|
|
|
+ offset++;
|
|
|
+ currOffset++;
|
|
|
}
|
|
|
- return true;
|
|
|
+
|
|
|
+ pref.edit().putLong("LAST_SYNC_TIME", System.currentTimeMillis()).apply();
|
|
|
}
|
|
|
|
|
|
+ private void appendRecordToStringWriter(Record record, Writer stream){
|
|
|
+ try {
|
|
|
+ stream.append(
|
|
|
+ "{" +
|
|
|
+ "\"sensor\":{" +
|
|
|
+ "\"name\":\"HosTaGe\"," +
|
|
|
+ "\"type\":\"Honeypot\"" +
|
|
|
+ "}," +
|
|
|
+ "\"src\":{" +
|
|
|
+ "\"ip\":\"" + record.getRemoteIP() + "\"," +
|
|
|
+ "\"port\":" + record.getRemotePort() +
|
|
|
+ "}," +
|
|
|
+ "\"dst\":{" +
|
|
|
+ "\"ip\":\"" + record.getExternalIP() /*record.getLocalIP()*/ + "\"," +
|
|
|
+ "\"port\":" + record.getLocalPort() +
|
|
|
+ "}," +
|
|
|
+ "\"type\":" + (protocolsTypeMap.containsKey(record.getProtocol()) ? protocolsTypeMap.get(record.getProtocol()) : 0) + "," +
|
|
|
+ "\"log\":\"" + record.getProtocol() + "\"," +
|
|
|
+ "\"md5sum\":\"\"," +
|
|
|
+ "\"date\":" + (int)(record.getTimestamp() / 1000) +
|
|
|
+ "}\n"
|
|
|
+ );
|
|
|
+ } catch (IOException e) {
|
|
|
+ e.printStackTrace();
|
|
|
+ }
|
|
|
+ }
|
|
|
+
|
|
|
+ private boolean uploadRecordsToServer(String entity, String serverAddress){
|
|
|
+ HttpPost httppost;
|
|
|
+ try {
|
|
|
+ httpClient = createHttpClient();
|
|
|
+ // Create HttpPost
|
|
|
+ httppost = new HttpPost(serverAddress);
|
|
|
+
|
|
|
+ StringEntity se = new StringEntity(entity);
|
|
|
+ httppost.addHeader("content-type", "application/json+newline");
|
|
|
+ httppost.setEntity(se);
|
|
|
+
|
|
|
+ // Execute HttpPost
|
|
|
+ HttpResponse response = httpClient.execute(httppost);
|
|
|
+ Log.i("TracingSyncService", "Status Code: " + response.getStatusLine().getStatusCode());
|
|
|
+ } catch (Exception e) {
|
|
|
+ e.printStackTrace();
|
|
|
+ return false;
|
|
|
+ }
|
|
|
+ return true;
|
|
|
+ }
|
|
|
+
|
|
|
/**
|
|
|
* Gets the data from the server and updates the database.
|
|
|
*/
|