HoneyService.java 19 KB

  1. package de.tudarmstadt.informatik.hostage;
  2. import java.io.BufferedReader;
  3. import java.io.InputStreamReader;
  4. import java.net.Socket;
  5. import java.security.SecureRandom;
  6. import java.util.ArrayList;
  7. import java.util.LinkedList;
  8. import java.util.List;
  9. import org.apache.http.HttpEntity;
  10. import org.apache.http.HttpResponse;
  11. import org.apache.http.client.HttpClient;
  12. import org.apache.http.client.methods.HttpGet;
  13. import org.apache.http.impl.client.DefaultHttpClient;
  14. import org.apache.http.util.EntityUtils;
  15. import org.json.JSONObject;
  16. import android.app.NotificationManager;
  17. import android.app.PendingIntent;
  18. import android.app.Service;
  19. import android.content.BroadcastReceiver;
  20. import android.content.Context;
  21. import android.content.Intent;
  22. import android.content.IntentFilter;
  23. import android.content.SharedPreferences;
  24. import android.content.SharedPreferences.Editor;
  25. import android.net.ConnectivityManager;
  26. import android.net.Uri;
  27. import android.os.AsyncTask;
  28. import android.os.Binder;
  29. import android.os.IBinder;
  30. import android.preference.PreferenceManager;
  31. import android.support.v4.app.NotificationCompat;
  32. import android.support.v4.app.TaskStackBuilder;
  33. import android.support.v4.content.LocalBroadcastManager;
  34. import android.util.Log;
  35. import android.widget.Toast;
  36. import de.tudarmstadt.informatik.hostage.commons.HelperUtils;
  37. import de.tudarmstadt.informatik.hostage.db.HostageDbHelper;
  38. import de.tudarmstadt.informatik.hostage.logging.MyLocationManager;
  39. import de.tudarmstadt.informatik.hostage.protocol.HTTP;
  40. import de.tudarmstadt.informatik.hostage.protocol.Protocol;
  41. import de.tudarmstadt.informatik.hostage.ui.MainActivity;
  42. /**
  43. * Background service running as long as at least one protocol is active.
  44. * Service controls start and stop of protocol listener. Notifies GUI about
  45. * events happening in the background. Creates Notifications to inform the user
  46. * what it happening.
  47. *
  48. * @author Mihai Plasoianu
  49. * @author Lars Pandikow
  50. * @author Wulf Pfeiffer
  51. */
  52. public class HoneyService extends Service {
  53. public class LocalBinder extends Binder {
  54. public HoneyService getService() {
  55. return HoneyService.this;
  56. }
  57. }
  58. /**
  59. * Task for accuiring a qotd from one of four possible servers.
  60. *
  61. * @author Wulf Pfeiffer
  62. */
  63. private class QotdTask extends AsyncTask<String, Void, String> {
  64. @Override
  65. protected String doInBackground(String... unused) {
  66. String[] sources = new String[] { "djxmmx.net", "ota.iambic.com", "alpha.mike-r.com", "electricbiscuit.org" };
  67. SecureRandom rndm = new SecureRandom();
  68. StringBuffer sb = new StringBuffer();
  69. try {
  70. Socket client = new Socket(sources[rndm.nextInt(4)], 17);
  71. BufferedReader in = new BufferedReader(new InputStreamReader(client.getInputStream()));
  72. while (!in.ready())
  73. ;
  74. while (in.ready()) {
  75. sb.append(in.readLine());
  76. }
  77. in.close();
  78. client.close();
  79. } catch (Exception e) {
  80. e.printStackTrace();
  81. }
  82. return sb.toString();
  83. }
  84. @Override
  85. protected void onPostExecute(String result) {
  86. if (result != null)
  87. HTTP.setHtmlDocumentContent(result);
  88. }
  89. }
  90. /**
  91. * Task to find out the external IP.
  92. *
  93. * @author Lars Pandikow
  94. */
  95. private class SetExternalIPTask extends AsyncTask<String, Void, String> {
  96. @Override
  97. protected String doInBackground(String... url) {
  98. String ipAddress = null;
  99. try {
  100. HttpClient httpclient = new DefaultHttpClient();
  101. HttpGet httpget = new HttpGet(url[0]);
  102. HttpResponse response;
  103. response = httpclient.execute(httpget);
  104. HttpEntity entity = response.getEntity();
  105. entity.getContentLength();
  106. String str = EntityUtils.toString(entity);
  107. JSONObject json_data = new JSONObject(str);
  108. ipAddress = json_data.getString("ip");
  109. } catch (Exception e) {
  110. e.printStackTrace();
  111. }
  112. return ipAddress;
  113. }
  114. @Override
  115. protected void onPostExecute(String result) {
  116. connectionInfoEditor.putString(getString(R.string.connection_info_external_ip), result);
  117. connectionInfoEditor.commit();
  118. notifyUI(this.getClass().getName(), new String[] { getString(R.string.broadcast_connectivity) });
  119. }
  120. }
  121. private static Context context;
  122. /**
  123. * Returns the application context.
  124. *
  125. * @return context.
  126. */
  127. public static Context getContext() {
  128. return HoneyService.context;
  129. }
  130. private LinkedList<Protocol> implementedProtocols;
  131. private ArrayList<HoneyListener> listeners = new ArrayList<HoneyListener>();
  132. private NotificationCompat.Builder builder;
  133. private SharedPreferences connectionInfo;
  134. private Editor connectionInfoEditor;
  135. private final IBinder mBinder = new LocalBinder();
  136. /**
  137. * Receiver for connectivity change broadcast.
  138. *
  139. * @see MainActivity#BROADCAST
  140. */
  141. private BroadcastReceiver netReceiver = new BroadcastReceiver() {
  142. @Override
  143. public void onReceive(Context context, Intent intent) {
  144. String bssid_old = connectionInfo.getString(getString(R.string.connection_info_bssid), "");
  145. String bssid_new = HelperUtils.getBSSID(context);
  146. if (bssid_new == null || !bssid_new.equals(bssid_old)) {
  147. deleteConnectionData();
  148. updateConnectionInfo();
  149. getLocationData();
  150. notifyUI(this.getClass().getName(), new String[] { getString(R.string.broadcast_connectivity) });
  151. }
  152. }
  153. };
  154. public List<HoneyListener> getListeners() {
  155. return listeners;
  156. }
  157. /**
  158. * Determines the number of active connections for a protocol running on its
  159. * default port.
  160. *
  161. * @param protocolName
  162. * The protocol name
  163. * @return Number of active connections
  164. */
  165. public int getNumberOfActiveConnections(String protocolName) {
  166. int port = getDefaultPort(protocolName);
  167. return getNumberOfActiveConnections(protocolName, port);
  168. }
  169. /**
  170. * Determines the number of active connections for a protocol running on the
  171. * given port.
  172. *
  173. * @param protocolName
  174. * The protocol name
  175. * @param port
  176. * Specific port
  177. * @return Number of active connections
  178. */
  179. public int getNumberOfActiveConnections(String protocolName, int port) {
  180. for (HoneyListener listener : listeners) {
  181. if (listener.getProtocolName().equals(protocolName) && listener.getPort() == port) {
  182. return listener.getHandlerCount();
  183. }
  184. }
  185. return 0;
  186. }
  187. /**
  188. * Determines if there any listener is currently running.
  189. *
  190. * @return True if there is a running listener, else false.
  191. */
  192. public boolean hasRunningListeners() {
  193. for (HoneyListener listener : listeners) {
  194. if (listener.isRunning())
  195. return true;
  196. }
  197. return false;
  198. }
  199. /**
  200. * Determines if a protocol with the given name is running on its default
  201. * port.
  202. *
  203. * @param protocolName
  204. * The protocol name
  205. * @return True if protocol is running, else false.
  206. */
  207. public boolean isRunning(String protocolName) {
  208. int port = getDefaultPort(protocolName);
  209. return isRunning(protocolName, port);
  210. }
  211. /**
  212. * Determines if a protocol with the given name is running on the given
  213. * port.
  214. *
  215. * @param protocolName
  216. * The protocol name
  217. * @param port
  218. * Specific port
  219. * @return True if protocol is running, else false.
  220. */
  221. public boolean isRunning(String protocolName, int port) {
  222. for (HoneyListener listener : listeners) {
  223. if (listener.getProtocolName().equals(protocolName) && listener.getPort() == port) {
  224. return listener.isRunning();
  225. }
  226. }
  227. return false;
  228. }
  229. /**
  230. * Notifies the GUI about a event.
  231. *
  232. * @param sender
  233. * Source where the event took place.
  234. * @param key
  235. * Detailed information about the event.
  236. */
  237. public void notifyUI(String sender, String[] values) {
  238. createNotification();
  239. // Send Notification
  240. if (sender.equals(HoneyHandler.class.getName()) && values[0].equals(R.string.broadcast_started)) {
  241. attackNotification();
  242. }
  243. // Inform UI of Preference Change
  244. Intent intent = new Intent(getString(R.string.broadcast));
  245. intent.putExtra("SENDER", sender);
  246. intent.putExtra("VALUES", values);
  247. Log.i("Sender", sender);
  248. LocalBroadcastManager.getInstance(this).sendBroadcast(intent);
  249. }
  250. @Override
  251. public IBinder onBind(Intent intent) {
  252. return mBinder;
  253. }
  254. @Override
  255. public void onCreate() {
  256. super.onCreate();
  257. HoneyService.context = getApplicationContext();
  258. implementedProtocols = getImplementedProtocols();
  259. connectionInfo = getSharedPreferences(getString(R.string.connection_info), Context.MODE_PRIVATE);
  260. connectionInfoEditor = connectionInfo.edit();
  261. createNotification();
  262. registerNetReceiver();
  263. updateConnectionInfo();
  264. getLocationData();
  265. String sharedPreferencePath = getString(R.string.shared_preference_path);
  266. boolean useQotd = getSharedPreferences(sharedPreferencePath, MODE_PRIVATE).getBoolean("useQotd", true);
  267. if (useQotd) {
  268. new QotdTask().execute(new String[] {});
  269. }
  270. }
  271. @Override
  272. public void onDestroy() {
  273. cancelNotification();
  274. unregisterNetReceiver();
  275. super.onDestroy();
  276. }
  277. @Override
  278. public int onStartCommand(Intent intent, int flags, int startId) {
  279. // We want this service to continue running until it is explicitly
  280. // stopped, so return sticky.
  281. return START_STICKY;
  282. }
  283. /**
  284. * Starts the listener for the specified protocol. Creates a new
  285. * HoneyService if no matching HoneyListener is found.
  286. *
  287. * @param protocolName
  288. * Name of the protocol that should be started.
  289. */
  290. public boolean startListener(String protocolName) {
  291. return startListener(protocolName, getDefaultPort(protocolName));
  292. }
  293. /**
  294. * Starts the listener for the specified protocol and port. Creates a new
  295. * HoneyService if no matching HoneyListener is found.
  296. *
  297. * @param protocolName
  298. * Name of the protocol that should be started.
  299. * @param port
  300. * The port number in which the listener should run.
  301. */
  302. public boolean startListener(String protocolName, int port) {
  303. for (HoneyListener listener : listeners) {
  304. if (listener.getProtocolName().equals(protocolName) && listener.getPort() == port) {
  305. if (!listener.isRunning()) {
  306. if (listener.start()) {
  307. Toast.makeText(getApplicationContext(), protocolName + " SERVICE STARTED!", Toast.LENGTH_SHORT).show();
  308. return true;
  309. }
  310. Toast.makeText(getApplicationContext(), protocolName + " SERVICE COULD NOT BE STARTED!", Toast.LENGTH_SHORT).show();
  311. return false;
  312. }
  313. }
  314. }
  315. HoneyListener listener = createListener(protocolName, port);
  316. if (listener != null) {
  317. if (listener.start()) {
  318. Toast.makeText(getApplicationContext(), protocolName + " SERVICE STARTED!", Toast.LENGTH_SHORT).show();
  319. return true;
  320. }
  321. }
  322. Toast.makeText(getApplicationContext(), protocolName + " SERVICE COULD NOT BE STARTED!", Toast.LENGTH_SHORT).show();
  323. return false;
  324. }
  325. /**
  326. * Starts all listeners which are not already running.
  327. */
  328. public void startListeners() {
  329. for (HoneyListener listener : listeners) {
  330. if (!listener.isRunning()) {
  331. listener.start();
  332. }
  333. }
  334. Toast.makeText(getApplicationContext(), "SERVICES STARTED!", Toast.LENGTH_SHORT).show();
  335. }
  336. /**
  337. * Stops the listener for the specified protocol.
  338. *
  339. * @param protocolName
  340. * Name of the protocol that should be stopped.
  341. */
  342. public void stopListener(String protocolName) {
  343. stopListener(protocolName, getDefaultPort(protocolName));
  344. }
  345. /**
  346. * Stops the listener for the specified protocol.
  347. *
  348. * @param protocolName
  349. * Name of the protocol that should be stopped.
  350. * @param port
  351. * The port number in which the listener is running.
  352. */
  353. public void stopListener(String protocolName, int port) {
  354. for (HoneyListener listener : listeners) {
  355. if (listener.getProtocolName().equals(protocolName) && listener.getPort() == port) {
  356. if (listener.isRunning()) {
  357. listener.stop();
  358. }
  359. }
  360. }
  361. Toast.makeText(getApplicationContext(), protocolName + " SERVICE STOPPED!", Toast.LENGTH_SHORT).show();
  362. }
  363. /**
  364. * Stops all running listeners.
  365. */
  366. public void stopListeners() {
  367. for (HoneyListener listener : listeners) {
  368. if (listener.isRunning()) {
  369. listener.stop();
  370. }
  371. }
  372. Toast.makeText(getApplicationContext(), "SERVICES STOPPED!", Toast.LENGTH_SHORT).show();
  373. }
  374. /**
  375. * Updates the notification when a attack is registered.
  376. */
  377. private void attackNotification() {
  378. SharedPreferences defaultPref = PreferenceManager.getDefaultSharedPreferences(this);
  379. String strRingtonePreference = defaultPref.getString("pref_notification_sound", "content://settings/system/notification_sound");
  380. builder = new NotificationCompat.Builder(this).setContentTitle(getString(R.string.app_name)).setTicker("Honeypot under attack!")
  381. .setContentText("Honeypot under attack!").setSmallIcon(R.drawable.ic_service_red).setAutoCancel(true).setWhen(System.currentTimeMillis())
  382. .setSound(Uri.parse(strRingtonePreference));
  383. TaskStackBuilder stackBuilder = TaskStackBuilder.create(this);
  384. stackBuilder.addParentStack(MainActivity.class);
  385. stackBuilder.addNextIntent(new Intent(this, MainActivity.class));
  386. PendingIntent resultPendingIntent = stackBuilder.getPendingIntent(0, PendingIntent.FLAG_UPDATE_CURRENT);
  387. builder.setContentIntent(resultPendingIntent);
  388. if (defaultPref.getBoolean("pref_vibration", false)) {
  389. builder.setVibrate(new long[] { 100, 200, 100, 200 });
  390. }
  391. NotificationManager mNotificationManager = (NotificationManager) getSystemService(Context.NOTIFICATION_SERVICE);
  392. mNotificationManager.notify(2, builder.build());
  393. }
  394. /**
  395. * Cancels the Notification
  396. */
  397. private void cancelNotification() {
  398. NotificationManager mNotificationManager = (NotificationManager) getSystemService(Context.NOTIFICATION_SERVICE);
  399. mNotificationManager.cancel(1);
  400. }
  401. /**
  402. * Creates a Listener for a given protocol on a specific port. After
  403. * creation the Listener is not started. Checks if the protocol is
  404. * implemented first.
  405. *
  406. * @param protocolName
  407. * Name of the protocol
  408. * @param port
  409. * Port on which to start the Listener
  410. * @return Returns the created HoneyListener, if creation failed returns
  411. * null.
  412. */
  413. private HoneyListener createListener(String protocolName, int port) {
  414. for (Protocol protocol : implementedProtocols) {
  415. if (protocolName.equals(protocol.toString())) {
  416. HoneyListener listener = new HoneyListener(this, protocol, port);
  417. listeners.add(listener);
  418. return listener;
  419. }
  420. }
  421. return null;
  422. }
  423. /**
  424. * Creates a Notification in the notification bar.
  425. */
  426. private void createNotification() {
  427. HostageDbHelper dbh = new HostageDbHelper(this);
  428. boolean activeHandlers = false;
  429. boolean bssidSeen = false;
  430. boolean listening = false;
  431. for (HoneyListener listener : listeners) {
  432. if (listener.isRunning())
  433. listening = true;
  434. if (listener.getHandlerCount() > 0) {
  435. activeHandlers = true;
  436. }
  437. if (dbh.bssidSeen(listener.getProtocolName(), HelperUtils.getBSSID(getApplicationContext()))) {
  438. bssidSeen = true;
  439. }
  440. }
  441. builder = new NotificationCompat.Builder(this).setContentTitle(getString(R.string.app_name)).setWhen(System.currentTimeMillis());
  442. if (!listening) {
  443. builder.setSmallIcon(R.drawable.ic_launcher);
  444. builder.setContentText("HosTaGe is not active.");
  445. } else if (activeHandlers) {
  446. builder.setSmallIcon(R.drawable.ic_service_red);
  447. builder.setContentText("Network is infected!");
  448. } else if (bssidSeen) {
  449. builder.setSmallIcon(R.drawable.ic_service_yellow);
  450. builder.setContentText("Network has been infected in previous session!");
  451. } else {
  452. builder.setSmallIcon(R.drawable.ic_service_green);
  453. builder.setContentText("Everything looks fine!");
  454. }
  455. TaskStackBuilder stackBuilder = TaskStackBuilder.create(this);
  456. stackBuilder.addParentStack(MainActivity.class);
  457. stackBuilder.addNextIntent(new Intent(this, MainActivity.class));
  458. PendingIntent resultPendingIntent = stackBuilder.getPendingIntent(0, PendingIntent.FLAG_UPDATE_CURRENT);
  459. builder.setContentIntent(resultPendingIntent);
  460. builder.setOngoing(true);
  461. NotificationManager mNotificationManager = (NotificationManager) getSystemService(Context.NOTIFICATION_SERVICE);
  462. mNotificationManager.notify(1, builder.build());
  463. }
  464. /**
  465. * Deletes all session related data.
  466. */
  467. private void deleteConnectionData() {
  468. connectionInfoEditor.clear();
  469. connectionInfoEditor.commit();
  470. }
  471. /**
  472. * Returns the default port number, if the protocol is implemented.
  473. *
  474. * @param protocolName
  475. * The name of the protocol
  476. * @return Returns the default port number, if the protocol is implemented.
  477. * Else returns -1.
  478. */
  479. private int getDefaultPort(String protocolName) {
  480. for (Protocol protocol : implementedProtocols) {
  481. if (protocolName.equals(protocol.toString())) {
  482. return protocol.getPort();
  483. }
  484. }
  485. return -1;
  486. };
  487. /**
  488. * Returns an LinkedList<String> with the names of all implemented
  489. * protocols.
  490. *
  491. * @return ArrayList of
  492. * {@link de.tudarmstadt.informatik.hostage.protocol.Protocol
  493. * Protocol}
  494. */
  495. private LinkedList<Protocol> getImplementedProtocols() {
  496. String[] protocols = getResources().getStringArray(R.array.protocols);
  497. String packageName = Protocol.class.getPackage().getName();
  498. LinkedList<Protocol> implementedProtocols = new LinkedList<Protocol>();
  499. for (String protocol : protocols) {
  500. try {
  501. implementedProtocols.add((Protocol) Class.forName(String.format("%s.%s", packageName, protocol)).newInstance());
  502. } catch (Exception e) {
  503. e.printStackTrace();
  504. }
  505. }
  506. return implementedProtocols;
  507. }
  508. /**
  509. * Starts an Instance of MyLocationManager to set the location within this
  510. * class.
  511. */
  512. private void getLocationData() {
  513. MyLocationManager locationManager = new MyLocationManager(this);
  514. locationManager.getUpdates(60 * 1000, 3);
  515. };
  516. // Notifications
  517. /**
  518. * Register broadcast receiver for connectivity changes
  519. */
  520. private void registerNetReceiver() {
  521. // register BroadcastReceiver on network state changes
  522. IntentFilter intent = new IntentFilter();
  523. intent.addAction(ConnectivityManager.CONNECTIVITY_ACTION); // "android.net.conn.CONNECTIVITY_CHANGE"
  524. registerReceiver(netReceiver, intent);
  525. }
  526. /**
  527. * Unregister broadcast receiver for connectivity changes
  528. */
  529. private void unregisterNetReceiver() {
  530. unregisterReceiver(netReceiver);
  531. }
  532. /**
  533. * Updates the connection info and saves them in the the SharedPreferences
  534. * for session data.
  535. *
  536. * @param context
  537. * Needs a context to get system recourses.
  538. * @see MainActivity#CONNECTION_INFO
  539. */
  540. private void updateConnectionInfo() {
  541. SharedPreferences pref = context.getSharedPreferences(getString(R.string.connection_info), Context.MODE_PRIVATE);
  542. Editor editor = pref.edit();
  543. editor.putString(getString(R.string.connection_info_ssid), HelperUtils.getSSID(context));
  544. editor.putString(getString(R.string.connection_info_bssid), HelperUtils.getBSSID(context));
  545. editor.putString(getString(R.string.connection_info_internal_ip), HelperUtils.getInternalIP(context));
  546. editor.commit();
  547. SetExternalIPTask async = new SetExternalIPTask();
  548. async.execute(new String[] { "http://ip2country.sourceforge.net/ip2c.php?format=JSON" });
  549. }
  550. }