123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297 |
- package de.tudarmstadt.informatik.hostage.sync.tracing;
- import java.io.BufferedReader;
- import java.io.IOException;
- import java.io.InputStreamReader;
- import java.io.OutputStream;
- import java.io.OutputStreamWriter;
- import java.io.StringWriter;
- import java.io.Writer;
- import java.net.HttpURLConnection;
- import java.net.URL;
- import java.security.KeyStore;
- import java.util.ArrayList;
- import java.util.HashMap;
- import java.util.Map;
- import org.apache.http.HttpResponse;
- import org.apache.http.HttpVersion;
- import org.apache.http.client.HttpClient;
- import org.apache.http.client.methods.HttpPost;
- import org.apache.http.conn.ClientConnectionManager;
- import org.apache.http.conn.scheme.PlainSocketFactory;
- import org.apache.http.conn.scheme.Scheme;
- import org.apache.http.conn.scheme.SchemeRegistry;
- import org.apache.http.conn.ssl.SSLSocketFactory;
- import org.apache.http.entity.StringEntity;
- import org.apache.http.impl.client.DefaultHttpClient;
- import org.apache.http.impl.conn.tsccm.ThreadSafeClientConnManager;
- import org.apache.http.params.BasicHttpParams;
- import org.apache.http.params.HttpParams;
- import org.apache.http.params.HttpProtocolParams;
- import org.apache.http.protocol.HTTP;
- import org.json.JSONException;
- import org.json.JSONObject;
- import android.app.IntentService;
- import android.content.Intent;
- import android.content.SharedPreferences;
- import android.content.SharedPreferences.Editor;
- import android.os.Bundle;
- import android.os.ResultReceiver;
- import android.preference.PreferenceManager;
- import android.util.Log;
- import de.tudarmstadt.informatik.hostage.logging.NetworkRecord;
- import de.tudarmstadt.informatik.hostage.logging.Record;
- import de.tudarmstadt.informatik.hostage.logging.SyncInfoRecord;
- import de.tudarmstadt.informatik.hostage.net.MySSLSocketFactory;
- import de.tudarmstadt.informatik.hostage.persistence.HostageDBOpenHelper;
- import de.tudarmstadt.informatik.hostage.ui.model.LogFilter;
- /**
- * Service that synchronizes with a specified remote server.
- *
- * @author Lars Pandikow
- */
- public class TracingSyncService extends IntentService {
- public static final String REMOTE_DEVICE = "de.tudarmstadt.informatik.hostage.REMOTE_DEVICE";
- public static final String ACTION_START_SYNC = "de.tudarmstadt.informatik.hostage.ACTION_START_SYNC";
- public static final String EXTRA_RECEIVER = "de.tudarmstadt.informatik.hostage.EXTRA_HANDLER";
- public static final String UPLOAD_SIZE = "de.tudarmstadt.informatik.hostage.UPLOAD_SIZE";
- public static final String UPLOAD_PROGRESS = "de.tudarmstadt.informatik.hostage.UPLOAD_PROGRESS";
- public static final int RECORD_UPLOADED = 0x00;
- public static final int SYNC_COMPLETE = 0x01;
- public static Map<String, Integer> protocolsTypeMap;
- private HttpClient httpClient;
- private ResultReceiver receiver;
- HostageDBOpenHelper dbh;
- SharedPreferences pref;
- Editor editor;
- static {
- protocolsTypeMap = new HashMap<String, Integer>();
- protocolsTypeMap.put("ECHO", 10);
- protocolsTypeMap.put("FTP", 0);
- protocolsTypeMap.put("GHOST", 0);
- protocolsTypeMap.put("HTTP", 0);
- protocolsTypeMap.put("HTTPS", 0);
- protocolsTypeMap.put("MySQL", 31);
- protocolsTypeMap.put("SIP", 50);
- protocolsTypeMap.put("SMB", 40);
- protocolsTypeMap.put("TELNET", 0);
- }
- public TracingSyncService() {
- super(TracingSyncService.class.getName());
- }
- @Override
- public void onCreate() {
- super.onCreate();
- pref = PreferenceManager.getDefaultSharedPreferences(this);
- editor = pref.edit();
- dbh = new HostageDBOpenHelper(this);
- }
- /**
- * The IntentService calls this method from the default worker thread with
- * the intent that started the service. When this method returns,
- * IntentService stops the service, as appropriate.
- */
- @Override
- protected void onHandleIntent(Intent intent) {
- if (intent != null) {
- final String action = intent.getAction();
- if (ACTION_START_SYNC.equals(action)) {
- receiver = intent.getParcelableExtra(EXTRA_RECEIVER);
- syncNewRecords();
- dbh.clearSyncInfos();
- if (receiver != null) {
- receiver.send(SYNC_COMPLETE, null);
- }
- }
- }
- }
- /**
- * Uploads all new Records to a server, specified in the settings.
- */
- private void syncNewRecords() {
- long lastSyncTime = pref.getLong("LAST_SYNC_TIME", 0);
- String serverAddress = pref.getString("pref_upload", "https://ssi.cased.de"); //"https://192.168.1.118:9999"
- LogFilter filter = new LogFilter();
- filter.setAboveTimestamp(lastSyncTime);
- ArrayList<Record> records = dbh.getRecordsForFilter(filter);
- StringWriter writer = new StringWriter();
- int size = records.size();
- int offset = 1;
- int currOffset = 1;
- for (Record record : records) {
- appendRecordToStringWriter(record, writer);
- if(currOffset == 5 || offset == size){
- boolean success = uploadRecordsToServer(writer.toString(), serverAddress);
- Log.i("Tracing upload", "Upload of record: " + offset + "/" + size + ((success) ? " successful." : " failed."));
- if (receiver != null) {
- Bundle data = new Bundle();
- data.putInt(UPLOAD_SIZE, size);
- data.putInt(UPLOAD_PROGRESS, offset);
- receiver.send(RECORD_UPLOADED, data);
- }
- writer.getBuffer().setLength(0);
- currOffset = 0;
- }
- offset++;
- currOffset++;
- }
- pref.edit().putLong("LAST_SYNC_TIME", System.currentTimeMillis()).apply();
- }
- private void appendRecordToStringWriter(Record record, Writer stream){
- try {
- stream.append(
- "{" +
- "\"sensor\":{" +
- "\"name\":\"HosTaGe\"," +
- "\"type\":\"Honeypot\"" +
- "}," +
- "\"src\":{" +
- "\"ip\":\"" + record.getRemoteIP() + "\"," +
- "\"port\":" + record.getRemotePort() +
- "}," +
- "\"dst\":{" +
- "\"ip\":\"" + record.getExternalIP() /*record.getLocalIP()*/ + "\"," +
- "\"port\":" + record.getLocalPort() +
- "}," +
- "\"type\":" + (protocolsTypeMap.containsKey(record.getProtocol()) ? protocolsTypeMap.get(record.getProtocol()) : 0) + "," +
- "\"log\":\"" + record.getProtocol() + "\"," +
- "\"md5sum\":\"\"," +
- "\"date\":" + (int)(record.getTimestamp() / 1000) +
- "}\n"
- );
- } catch (IOException e) {
- e.printStackTrace();
- }
- }
- private boolean uploadRecordsToServer(String entity, String serverAddress){
- HttpPost httppost;
- try {
- httpClient = createHttpClient();
- // Create HttpPost
- httppost = new HttpPost(serverAddress);
- StringEntity se = new StringEntity(entity);
- httppost.addHeader("content-type", "application/json+newline");
- httppost.setEntity(se);
- // Execute HttpPost
- HttpResponse response = httpClient.execute(httppost);
- Log.i("TracingSyncService", "Status Code: " + response.getStatusLine().getStatusCode());
- } catch (Exception e) {
- e.printStackTrace();
- return false;
- }
- return true;
- }
- /**
- * Gets the data from the server and updates the database.
- */
- private void getRemoteData(String bssid, long timestamp) {
- HttpURLConnection connection;
- OutputStreamWriter request = null;
- URL url = null;
- String response = null;
- String parameters = "bssid=" + bssid;
- try {
- url = new URL("http://87.230.23.240/hostage/pull.php");
- connection = (HttpURLConnection) url.openConnection();
- connection.setDoOutput(true);
- connection.setRequestProperty("content-type", "application/x-www-form-urlencoded");
- connection.setRequestMethod("POST");
- request = new OutputStreamWriter(connection.getOutputStream());
- request.write(parameters);
- request.flush();
- request.close();
- String line = "";
- InputStreamReader isr = new InputStreamReader(connection.getInputStream());
- BufferedReader reader = new BufferedReader(isr);
- StringBuilder sb = new StringBuilder();
- while ((line = reader.readLine()) != null) {
- sb.append(line);
- }
- response = sb.toString();
- JSONObject jsonObj = new JSONObject(response);
- NetworkRecord net = new NetworkRecord();
- net.setBssid(jsonObj.getString("bssid"));
- net.setSsid(jsonObj.getString("ssid"));
- net.setLatitude(jsonObj.getDouble("latitude"));
- net.setLongitude(jsonObj.getDouble("longitude"));
- net.setTimestampLocation(jsonObj.getLong("timestamp"));
- SyncInfoRecord sync = new SyncInfoRecord();
- sync.setBSSID(jsonObj.getString("bssid"));
- sync.setDeviceID("-1");
- sync.setNumber_of_attacks(jsonObj.getLong("attacks"));
- sync.setNumber_of_portscans(jsonObj.getLong("portscans"));
- dbh.updateNetworkInformation(net);
- isr.close();
- reader.close();
- } catch (IOException e) {
- Log.i("NetworkTest", "Network Error: " + e);
- } catch (JSONException e) {
- e.printStackTrace();
- }
- }
- /**
- * Creates a HttpClient with an own SSL Socket.
- *
- * @return HttpsClient who accepts accepts all certificates.
- * @see MySSLSocketFactory
- */
- private HttpClient createHttpClient() {
- try {
- KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType());
- trustStore.load(null, null);
- SSLSocketFactory sf = new MySSLSocketFactory(trustStore);
- sf.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
- HttpParams params = new BasicHttpParams();
- HttpProtocolParams.setVersion(params, HttpVersion.HTTP_1_1);
- HttpProtocolParams.setContentCharset(params, HTTP.UTF_8);
- SchemeRegistry registry = new SchemeRegistry();
- registry.register(new Scheme("http", PlainSocketFactory.getSocketFactory(), 80));
- registry.register(new Scheme("https", sf, 443));
- ClientConnectionManager ccm = new ThreadSafeClientConnManager(params, registry);
- return new DefaultHttpClient(ccm, params);
- } catch (Exception e) {
- e.printStackTrace();
- return new DefaultHttpClient();
- }
- }
- }
|