Changeset 1407
- Timestamp:
- 10/07/07 21:28:52 (1 year ago)
- Files:
-
- honeytrap/trunk/configure.in (modified) (18 diffs)
- honeytrap/trunk/etc/responses/110_tcp (added)
- honeytrap/trunk/src/modules/htm_cspm/sc_shellcode.c (modified) (1 diff)
- honeytrap/trunk/src/sock.c (modified) (2 diffs)
honeytrap/trunk/configure.in
r1387 r1407 10 10 [ --enable-64bit-gcc try to compile 64bit (only tested on Sparc Solaris 9).], 11 11 [ CFLAGS="-O0 -g" CC="gcc -m64"; export CFLAGS CC ],) 12 12 13 # Disable annoying practice of recursively re-running the autotools 13 14 AM_MAINTAINER_MODE … … 18 19 AC_PROG_LD(gnu-ld) 19 20 AC_PROG_LIBTOOL 20 if test -n "$GCC"; then 21 22 23 ## prepare fancy console output, taken from GNU shtools 24 # determine terminal bold sequence 25 term_bold='' 26 term_norm='' 27 case $TERM in 28 # for the most important terminal types we directly know the sequences 29 xterm|xterm*|vt220|vt220*) 30 term_bold=`awk 'BEGIN { printf("%c%c%c%c", 27, 91, 49, 109); }' </dev/null 2>/dev/null` 31 term_norm=`awk 'BEGIN { printf("%c%c%c", 27, 91, 109); }' </dev/null 2>/dev/null` 32 ;; 33 vt100|vt100*|cygwin) 34 term_bold=`awk 'BEGIN { printf("%c%c%c%c%c%c", 27, 91, 49, 109, 0, 0); }' </dev/null 2>/dev/null` 35 term_norm=`awk 'BEGIN { printf("%c%c%c%c%c", 27, 91, 109, 0, 0); }' </dev/null 2>/dev/null` 36 ;; 37 # for all others, we try to use a possibly existing `tput' or `tcout' utility 38 * ) 39 paths=`echo $PATH | sed -e 's/:/ /g'` 40 for tool in tput tcout; do 41 for dir in $paths; do 42 if [ -r "$dir/$tool" ]; then 43 for seq in bold md smso; do # 'smso' is last 44 bold="`$dir/$tool $seq 2>/dev/null`" 45 if [ ".$bold" != . ]; then 46 term_bold="$bold" 47 break 48 fi 49 done 50 if [ ".$term_bold" != . ]; then 51 for seq in sgr0 me rmso init reset; do # 'reset' is last 52 norm="`$dir/$tool $seq 2>/dev/null`" 53 if [ ".$norm" != . ]; then 54 term_norm="$norm" 55 break 56 fi 57 done 58 fi 59 break 60 fi 61 done 62 if [ ".$term_bold" != . ] && [ ".$term_norm" != . 
]; then 63 break; 64 fi 65 done 66 ;; 67 esac 68 69 bold () { 70 text=`echo $seo "$1" | sed -e "s/%B/${term_bold}/g" -e "s/%b/${term_norm}/g" 2>/dev/null` 71 echo $seo "$text" 72 } 73 74 75 if test -n "$GCC"; then 21 76 CFLAGS="$CFLAGS -Wall" 22 fi77 fi 23 78 24 79 AC_ARG_ENABLE(debug, … … 205 260 fi 206 261 262 207 263 #----------------------- network stream monitors --------------------------- 208 209 AC_ARG_WITH(pcap-mon, 210 [ --with-pcap-mon Use libpcap to catch connection requests]) 211 AM_CONDITIONAL(PCAP_MON, test x$with_pcap_mon = xyes) 212 if test "$with_pcap_mon" = "yes"; then 213 with_pcap_mon="X" 214 AC_ARG_WITH(libpcap_includes, 215 [ --with-libpcap-includes=DIR libpcap include directory], 216 [with_libpcap_includes="$withval"],[with_libpcap_includes=no]) 217 218 AC_ARG_WITH(libpcap_libraries, 219 [ --with-libpcap-libraries=DIR libpcap library directory], 220 [with_libpcap_libraries="$withval"],[with_libpcap_libraries=no]) 221 222 if test "$with_libpcap_includes" != "no"; then 223 CPPFLAGS="${CPPFLAGS} -I${with_libpcap_includes}" 224 fi 225 AC_CHECK_HEADER(pcap.h,,[AC_ERROR(pcap.h not found.)]) 226 227 if test "$with_libpcap_libraries" != "no"; then 228 LDFLAGS="${LDFLAGS} -L${with_libpcap_libraries}" 229 fi 230 LPCAP="" 231 AC_CHECK_LIB(pcap, pcap_datalink,, LPCAP="no") 232 233 if test "$LPCAP" = "no"; then 234 echo 235 echo " ERROR! Libpcap library/headers not found, go get it from http://www.tcpdump.org" 236 echo " or use the --with-libpcap-* options, if you have it installed in unusual place." 
237 echo 238 exit 1 239 fi 240 241 AC_DEFINE([USE_PCAP_MON], [], [Define if pcap connection monitor is used]) 242 else with_pcap_mon=" " 243 fi 244 245 AC_ARG_WITH(ipq-mon, 246 [ --with-ipq-mon Use libipq to catch connection requests]) 247 AM_CONDITIONAL(IPQ_MON, test x$with_ipq_mon = xyes) 248 if test "$with_ipq_mon" = "yes"; then 249 with_ipq_mon="X" 250 AC_ARG_WITH(libipq_includes, 251 [ --with-libipq-includes=DIR libipq include directory], 252 [with_libipq_includes="$withval"],[with_libipq_includes=no]) 253 254 AC_ARG_WITH(libipq_libraries, 255 [ --with-libipq-libraries=DIR libipq library directory], 256 [with_libipq_libraries="$withval"],[with_libipq_libraries=no]) 257 258 if test "$with_libipq_includes" != "no"; then 259 CPPFLAGS="${CPPFLAGS} -I${with_libipq_includes}" 260 fi 261 AC_CHECK_HEADER(libipq.h,,[AC_ERROR(libipq.h not found.)]) 262 263 if test "$with_libipq_libraries" != "no"; then 264 LDFLAGS="${LDFLAGS} -L${with_libipq_libraries}" 265 fi 266 LIPQ="" 267 AC_CHECK_LIB(ipq, ipq_set_mode,, LIPQ="no") 268 269 if test "$LIPQ" = "no"; then 270 echo 271 echo " ERROR! Libipq library/headers not found, go get it from http://www.netfilter.org" 272 echo " or use the --with-libipq-* options, if you have it installed in unusual place." 
273 echo 274 exit 275 fi 276 277 AC_DEFINE([USE_IPQ_MON], [], [Define if ip_queue connection monitor is used]) 278 else with_ipq_mon="no" 279 fi 280 281 AC_ARG_WITH(nfq-mon, 282 [ --with-nfq-mon Use nfqueue to catch connection requests]) 283 AM_CONDITIONAL(NFQ_MON, test x$with_nfq_mon = xyes) 284 if test "$with_nfq_mon" = "yes"; then 285 with_nfq_mon="X" 286 AC_ARG_WITH(libnetfilter_queue_includes, 287 [ --with-libnetfilter_queue-includes=DIR libnetfilter_queue include directory], 288 [with_libnetfilter_queue_includes="$withval"],[with_libnetfilter_queue_includes=no]) 289 290 AC_ARG_WITH(libnetfilter_queue_libraries, 291 [ --with-libnetfilter_queue-libraries=DIR libnetfilter_queue library directory], 292 [with_libnetfilter_queue_libraries="$withval"],[with_libnetfilter_queue_libraries=no]) 293 294 if test "$with_libnetfilter_queue_includes" != "no"; then 295 CPPFLAGS="${CPPFLAGS} -I${with_libnetfilter_queue_includes}" 296 fi 297 AC_CHECK_HEADER(libnetfilter_queue/libnetfilter_queue.h,,[AC_ERROR(libnetfilter_queue.h not found.)]) 298 299 if test "$with_libnetfilter_queue_libraries" != "no"; then 300 LDFLAGS="${LDFLAGS} -L${with_libnetfilter_queue_libraries}" 301 fi 302 LNFQ="" 303 AC_CHECK_LIB(netfilter_queue, nfq_open,, LNFQ="no") 304 305 if test "$LNFQ" = "no"; then 306 echo 307 echo " ERROR! Libnetfilter_queue library/headers not found, go get it from http://www.netfilter.org" 308 echo " or use the --with-libnetfilter_queue-* options, if you have it installed in unusual place." 309 echo 310 exit 311 fi 312 AC_DEFINE([USE_NFQ_MON], [], [Define if netfilter_queue connection monitor is used]) 313 else with_nfq_mon="no" 314 fi 315 316 AC_ARG_WITH(ipfw-mon, 317 [ --with-ipfw-mon Use ipfw to catch connection requests]) 318 AM_CONDITIONAL(IPFW_MON, test x$with_ipfw_mon = xyes) 319 if test "$with_ipfw_mon" = "yes"; then 320 with_ipfw_mon="X" 321 echo "ipfw connection monitor is currently not supported." 
322 exit 1 323 AC_DEFINE([USE_IPFW_MON], [], [Define if ipfw connection monitor is used]) 324 else with_ipfw_mon="no" 325 fi 264 AC_ARG_WITH(stream_mon, 265 [ --with-stream-mon=TYPE network stream monitor], 266 [with_stream_mon="$withval"], [with_stream_mon=""]) 267 268 AM_CONDITIONAL(PCAP_MON, test x$with_stream_mon = xpcap) 269 AM_CONDITIONAL(NFQ_MON, test x$with_stream_mon = xnfq) 270 AM_CONDITIONAL(IPQ_MON, test x$with_stream_mon = xipq) 271 272 pcap_mon=" " 273 ipq_mon=" " 274 nfq_mon=" " 275 case "x$with_stream_mon" in 276 "xpcap") 277 with_pcap_mon="X" 278 AC_ARG_WITH(libpcap_includes, 279 [ --with-libpcap-includes=DIR libpcap include directory], 280 [with_libpcap_includes="$withval"],[with_libpcap_includes=no]) 281 282 AC_ARG_WITH(libpcap_libraries, 283 [ --with-libpcap-libraries=DIR libpcap library directory], 284 [with_libpcap_libraries="$withval"],[with_libpcap_libraries=no]) 285 286 if test "$with_libpcap_includes" != "no"; then 287 CPPFLAGS="${CPPFLAGS} -I${with_libpcap_includes}" 288 fi 289 HPCAP="" 290 AC_CHECK_HEADER(pcap.h,, HPCAP="no") 291 if test "$HPCAP" = "no"; then 292 echo 293 bold " %BError%b - libpcap headers not found. Install them or use the following options:" 294 echo 295 echo " --with-libpcap-includes=location of libpcap header files" 296 echo 297 exit 1 298 fi 299 300 if test "$with_libpcap_libraries" != "no"; then 301 LDFLAGS="${LDFLAGS} -L${with_libpcap_libraries}" 302 fi 303 LPCAP="" 304 AC_CHECK_LIB(pcap, pcap_datalink,, LPCAP="no") 305 if test "$LPCAP" = "no"; then 306 echo 307 bold " %BError%b - libpcap library not found. 
Install it or use the following options:" 308 echo 309 echo " --with-libpcap-library=location of libpcap shared library files" 310 echo 311 exit 1 312 fi 313 314 AC_DEFINE([USE_PCAP_MON], [], [Define if pcap connection monitor is used]) 315 ;; 316 "xnfq") 317 with_nfq_mon="X" 318 AC_ARG_WITH(libnetfilter_queue_includes, 319 [ --with-libnfq-includes=DIR libnetfilter_queue include directory], 320 [with_libnetfilter_queue_includes="$withval"],[with_libnetfilter_queue_includes=no]) 321 322 AC_ARG_WITH(libnetfilter_queue_libraries, 323 [ --with-libnfq-libraries=DIR libnetfilter_queue library directory], 324 [with_libnetfilter_queue_libraries="$withval"],[with_libnetfilter_queue_libraries=no]) 325 326 if test "$with_libnetfilter_queue_includes" != "no"; then 327 CPPFLAGS="${CPPFLAGS} -I${with_libnetfilter_queue_includes}" 328 fi 329 HNFQ="" 330 AC_CHECK_HEADER(libnetfilter_queue/libnetfilter_queue.h,, HNFQ="no") 331 if test "$HNFQ" = "no"; then 332 echo 333 bold " %BError%b - libnetfilter_queue headers not found. Install them or use the following options:" 334 echo 335 echo " --with-libnfq-includes=location of libnetfilter_queue header files" 336 echo 337 exit 338 fi 339 340 if test "$with_libnetfilter_queue_libraries" != "no"; then 341 LDFLAGS="${LDFLAGS} -L${with_libnetfilter_queue_libraries}" 342 fi 343 LNFQ="" 344 AC_CHECK_LIB(netfilter_queue, nfq_open,, LNFQ="no") 345 if test "$LNFQ" = "no"; then 346 echo 347 bold " %BError%b - libnetfilter_queue library not found. 
Install it or use the following options:" 348 echo 349 echo " --with-libnfq-library=location of libnetfilter_queue shared library files" 350 echo 351 exit 352 fi 353 354 AC_DEFINE([USE_NFQ_MON], [], [Define if netfilter_queue connection monitor is used]) 355 ;; 356 "xipq") 357 with_ipq_mon="X" 358 AC_ARG_WITH(libipq_includes, 359 [ --with-libipq-includes=DIR libipq include directory], 360 [with_libipq_includes="$withval"],[with_libipq_includes=no]) 361 362 AC_ARG_WITH(libipq_libraries, 363 [ --with-libipq-libraries=DIR libipq library directory], 364 [with_libipq_libraries="$withval"],[with_libipq_libraries=no]) 365 366 if test "$with_libipq_includes" != "no"; then 367 CPPFLAGS="${CPPFLAGS} -I${with_libipq_includes}" 368 fi 369 AC_CHECK_HEADER(libipq.h,, HIPQ="no") 370 if test "$HIPQ" = "no"; then 371 echo 372 bold " %BError%b - libipq headers not found. Install them or use the following options:" 373 echo 374 echo " --with-libipq-includes=location of libipq header files" 375 echo 376 exit 377 fi 378 379 if test "$with_libipq_libraries" != "no"; then 380 LDFLAGS="${LDFLAGS} -L${with_libipq_libraries}" 381 fi 382 LIPQ="" 383 AC_CHECK_LIB(ipq, ipq_set_mode,, LIPQ="no") 384 if test "$LIPQ" = "no"; then 385 echo 386 bold " %BError%b - libipq library not found. Install it or use the following options:" 387 echo 388 echo " --with-libipq-library=location of libipq shared library files" 389 echo 390 exit 391 fi 392 393 AC_DEFINE([USE_IPQ_MON], [], [Define if ip_queue connection monitor is used]) 394 ;; 395 "xipfw") 396 echo 397 echo "The ipfw monitor is currently not implemented." 398 echo "Please choose a different stream monitor." 399 exit 1 400 ;; 401 *) 402 echo 403 bold " %BError%b - No connection monitor selected. 
Please reconfigure with one of the following:" 404 echo 405 echo " --with-stream-mon=nfq receive packets via netfilter's NFQUEUE target (Linux only, recommended)" 406 echo " --with-stream-mon=ipq receive packets via netfilter's QUEUE target (Linux only)" 407 echo " --with-stream-mon=pcap receive packets using a built-in pcap sniffer" 408 echo 409 exit 1 410 esac 411 412 326 413 327 414 328 415 #----------------------- optional plugins --------------------------- 329 416 417 AC_ARG_WITH(spamsum, 418 [ --with-spamsum perform SpamSum similarity analysis for recorded attacks]) 419 AM_CONDITIONAL(BUILD_SPAMSUM_PLUGIN, test x$with_spamsum = xyes) 420 if test "$with_spamsum" = "yes"; then 421 with_spamsum="X" 422 else 423 with_spamsum=" " 424 fi 425 426 330 427 AC_ARG_WITH(clamav, 331 [ --with-clamav Scan downloaded samples with ClamAV antivirus engine]) 428 [ --with-clamav scan downloaded samples with ClamAV antivirus engine], 429 [with_clamav="$withval"], [with_clamav=""]) 332 430 AM_CONDITIONAL(BUILD_CLAMAV_PLUGIN, test x$with_clamav = xyes) 333 431 if test "$with_clamav" = "yes"; then 334 432 with_clamav="X" 335 433 AC_ARG_WITH(libclamav_includes, 336 [ --with-libclamav-includes=DIR libclamav include directory],434 [ --with-libclamav-includes=DIR libclamav include directory], 337 435 [with_libclamav_includes="$withval"],[with_libclamav_includes=no]) 338 436 … … 344 442 CPPFLAGS="${CPPFLAGS} -I${with_libclamav_includes}" 345 443 fi 346 AC_CHECK_HEADER(clamav.h,,[AC_ERROR(clamav.h not found.)]) 444 HCLAMAV="yes" 445 AC_CHECK_HEADER(clamav.h,, HCLAMAV="no") 446 if test "$HCLAMAV" = "no"; then 447 echo 448 bold " %BError%b - libclamav headers not found. 
Install them or use the following options:" 449 echo 450 bold " %B--with-libclamav-includes%b=location of libclamav header files" 451 echo 452 exit 453 fi 347 454 348 455 if test "$with_libclamav_libraries" != "no"; then … … 351 458 LCLAMAV="yes" 352 459 AC_CHECK_LIB(clamav, cl_load,, LCLAMAV="no") 353 354 460 if test "$LCLAMAV" = "no"; then 355 461 echo 356 echo " ERROR! Libclamav library/headers not found. Install it or use the" 357 echo " --with-libclamav-* options, if you have it installed in unusual place." 462 bold " %BError%b - libclamav library not found. Install it or use the following options:" 463 echo 464 bold " %B--with-libclamav-library%b=location of libclamav shared library files" 358 465 echo 359 466 exit … … 365 472 366 473 AC_ARG_WITH(cpuemu, 367 [ --with-cpuemu Perform shellcode analysis in x86 CPU emulation])474 [ --with-cpuemu perform shellcode analysis in x86 CPU emulation]) 368 475 AM_CONDITIONAL(BUILD_CPUEMU_PLUGIN, test x$with_cpuemu = xyes) 369 476 if test "$with_cpuemu" = "yes"; then 370 477 with_cpuemu="X" 371 478 AC_ARG_WITH(libemu_includes, 372 [ --with-libemu-includes=DIR libemu include directory],479 [ --with-libemu-includes=DIR libemu include directory], 373 480 [with_libemu_includes="$withval"],[with_libemu_includes=no]) 374 481 375 482 AC_ARG_WITH(libemu_libraries, 376 [ --with-libemu-libraries=DIR libemu library directory],483 [ --with-libemu-libraries=DIR libemu library directory], 377 484 [with_libemu_libraries="$withval"],[with_libemu_libraries=no]) 378 485 … … 380 487 CPPFLAGS="${CPPFLAGS} -I${with_libemu_includes}" 381 488 fi 382 AC_CHECK_HEADER(emu/emu.h,,[AC_ERROR(emu.h not found.)]) 489 HEMU="yes" 490 AC_CHECK_HEADER(emu/emu.h,, HEMU="no") 491 if test "$HEMU" = "no"; then 492 bold " %BError%b - libemu headers not found. 
Install them or use the following options:" 493 echo 494 bold " %B--with-libemu-includes%b=location of libemu header files" 495 echo 496 exit 497 fi 383 498 384 499 if test "$with_libemu_libraries" != "no"; then … … 386 501 fi 387 502 LEMU="yes" 388 # AC_CHECK_LIB(emu, emu_getpc_check,, LEMU="no") 389 503 AC_CHECK_LIB(emu, emu_getpc_check,, LEMU="no") 390 504 if test "$LEMU" = "no"; then 391 echo392 echo " ERROR! Libemu library/headers not found. Install it or use the"393 echo " --with-libemu-* options, if you have it installed in unusual place."505 bold " %BError%b - libemu library not found. Install it or use the following options:" 506 echo 507 bold " %B--with-libemu-library%b=location of libemu shared library files" 394 508 echo 395 509 exit … … 402 516 403 517 404 AC_ARG_WITH(spamsum,405 [ --with-spamsum Perform SpamSum similarity analysis for recorded attacks])406 AM_CONDITIONAL(BUILD_SPAMSUM_PLUGIN, test x$with_spamsum = xyes)407 if test "$with_spamsum" = "yes"; then408 with_spamsum="X"409 else410 with_spamsum=" "411 fi412 413 414 415 518 AC_ARG_WITH(submit-mwserv, 416 [ --with-submit-mwserv Submit malware samples to a central server])519 [ --with-submit-mwserv submit malware samples to a central server]) 417 520 AM_CONDITIONAL(BUILD_SUBMIT_MWSERV_PLUGIN, test x$with_submit_mwserv = xyes) 418 521 if test "$with_submit_mwserv" = "yes"; then … … 423 526 424 527 AC_ARG_WITH(libcurl_includes, 425 [ --with-libcurl-includes=DIR libcurl include directory],528 [ --with-libcurl-includes=DIR libcurl include directory], 426 529 [with_libcurl_includes="$withval"],[with_libcurl_includes=no]) 427 530 428 531 AC_ARG_WITH(libcurl_libraries, 429 [ --with-libcurl-libraries=DIR libcurl library directory],532 [ --with-libcurl-libraries=DIR libcurl library directory], 430 533 [with_libcurl_libraries="$withval"],[with_libcurl_libraries=no]) 431 534 … … 433 536 CPPFLAGS="${CPPFLAGS} -I${with_libcurl_includes}" 434 537 fi 435 AC_CHECK_HEADER(curl.h,,[AC_ERROR(curl.h not found.)]) 
436 538 HCURL="yes" 539 AC_CHECK_HEADER(curl.h,, HCURL="no") 540 if test "$HCURL" = "no"; then 541 bold " %BError%b - libcurl headers not found. Install them or use the following options:" 542 echo 543 bold " %B--with-libcurl-includes%b=location of libcurl header files" 544 echo 545 exit 546 fi 547 548 LCURL="yes" 437 549 AC_CHECK_LIB(curl, curl_version, LCURL="yes", LCURL="no") 438 550 if test "$LCURL" = "no"; then 439 echo440 echo " ERROR! Libcurl library/headers not found. Install it or use the"441 echo " --with-libcurl-* options, if you have it installed in unusual place."551 bold " %BError%b - libcurl library not found. Install it or use the following options:" 552 echo 553 bold " %B--with-libcurl-library%b=location of libcurl shared library files" 442 554 echo 443 555 exit 444 556 fi 557 445 558 if test "x$libcurl" = xno ; then 446 559 AC_MSG_CHECKING([checking for curl with SSL]) 447 560 LIBS="$LIBS -lcurl -L/usr/local/ssl/lib -lssl -lcrypto" 448 AC_TRY_LINK([#include <curl/curl.h>], [curl_version();], libcurl=yes, 449 libcurl=no) 561 AC_TRY_LINK([#include <curl/curl.h>], [curl_version();], libcurl=yes, libcurl=no) 450 562 if test "x$libcurl" = xno ; then 451 563 AC_MSG_RESULT(no) … … 462 574 463 575 AC_ARG_WITH(cspm, 464 [ --with-cspm Perform shellcode pattern matching])576 [ --with-cspm perform shellcode pattern matching]) 465 577 AM_CONDITIONAL(BUILD_CSPM_PLUGIN, test x$with_cspm = xyes) 466 578 if test "$with_cspm" = "yes"; then 579 AC_ARG_WITH(libpcre_includes, 580 [ --with-libpcre-includes=DIR libpcre include directory], 581 [with_libpcre_includes="$withval"],[with_libpcre_includes=no]) 582 583 AC_ARG_WITH(libpcre_libraries, 584 [ --with-libpcre-libraries=DIR libpcre library directory], 585 [with_libpcre_libraries="$withval"],[with_libpcre_libraries=no]) 586 587 if test "$with_libpcre_includes" != "no"; then 588 CPPFLAGS="${CPPFLAGS} -I${with_libpcre_includes}" 589 fi 590 HPCRE="yes" 591 AC_CHECK_HEADER(pcre.h,, HPCRE="no") 592 if test "$HPCRE" = "no"; 
then 593 echo 594 bold " %BError%b - libpcre headers not found. Install them or use the following options:" 595 echo 596 bold " %B--with-libpcre-includes%b=location of libpcre header files" 597 echo 598 exit 599 fi 600 601 if test "$with_libpcre_libraries" != "no"; then 602 LDFLAGS="${LDFLAGS} -L${with_libpcre_libraries}" 603 fi 604 LPCRE="" 605 AC_CHECK_LIB(pcre, pcre_compile,, LPCRE="no") 606 if test "$LPCRE" = "no"; then 607 echo 608 bold " %BError%b - libpcre library not found. Install it or use the following options:" 609 echo 610 bold " %B--with-libpcre-library%b=location of libpcre shared library files" 611 echo 612 exit 613 fi 467 614 with_cspm="X" 468 615 else … … 473 620 474 621 AC_ARG_WITH(postgres, 475 [ --with-postgres Store attack data in PostgreSQL database])622 [ --with-postgres store attack data in PostgreSQL database]) 476 623 AM_CONDITIONAL(BUILD_POSTGRES_PLUGIN, test x$with_postgres = xyes) 477 624 if test "$with_postgres" = "yes"; then 478 625 with_postgres="X" 479 626 AC_ARG_WITH(libpq_includes, 480 [ --with-libpq-includes=DIR libpq include directory],627 [ --with-libpq-includes=DIR libpq include directory], 481 628 [with_libpq_includes="$withval"],[with_libpq_includes=no]) 482 629 483 630 AC_ARG_WITH(libpq_libraries, 484 [ --with-libpq-libraries=DIR libpq library directory],631 [ --with-libpq-libraries=DIR libpq library directory], 485 632 [with_libpq_libraries="$withval"],[with_libpq_libraries=no]) 486 633 … … 488 635 CPPFLAGS="${CPPFLAGS} -I${with_libpq_includes}" 489 636 fi 490 AC_CHECK_HEADER(libpq-fe.h,,[AC_ERROR(libpq-fe.h not found.)]) 637 HPQ="yes" 638 AC_CHECK_HEADER(libpq-fe.h,, HPQ="no") 639 if test "$HPQ" = "no"; then 640 echo 641 bold " %BError%b - libpq headers not found. 
Install them or use the following options:" 642 echo 643 bold " %B--with-libpq-includes%b=location of libpq header files" 644 echo 645 exit 646 fi 491 647 492 648 if test "$with_libpq_libraries" != "no"; then 493 649 LDFLAGS="${LDFLAGS} -L${with_libpq_libraries}" 494 650 fi 495 LPQ=" "651 LPQ="yes" 496 652 AC_CHECK_LIB(pq, PQconnectdb,, LPQ="no") 497 498 653 if test "$LPQ" = "no"; then 499 654 echo 500 echo " ERROR! Libpq library/headers not found. Install it or use the" 501 echo " --with-libpq-* options, if you have it installed in unusual place." 655 bold " %BError%b - libpq library not found. Install it or use the following options:" 656 echo 657 bold " %B--with-libpq-library%b=location of libpq shared library files" 502 658 echo 503 659 exit … … 523 679 if test "$DLCLIB" = "no"; then 524 680 echo 525 echo " ERROR! programmatic interface to dynamic link loader"526 echo " not found.Cannot use dynamic plugin libraries."681 bold " %BError%b - Programmatic interface to dynamic link loader not found." 682 echo " Cannot use dynamic plugin libraries." 527 683 echo 528 684 exit 1 … … 548 704 549 705 # Check for electric fence malloc debugger 550 AC_ARG_WITH(efence, [ --with-efence link with electric fence ])706 AC_ARG_WITH(efence, [ --with-efence link with electric fence ]) 551 707 if test "$with_efence" = "yes" 552 708 then 553 709 with_efence="X" 554 AC_CHECK_LIB(efence, EF_ALIGNMENT, LIBS="${LIBS} -lefence", AC_MSG_ERROR(libefence not found)) 710 LEFENCE="yes" 711 AC_CHECK_LIB(efence, EF_ALIGNMENT, LIBS="${LIBS} -lefence", LEFENCE="no") 712 if test "$LEFENCE" = "no"; then 713 echo 714 bold " %BError%b - Electric fence libraries not found." 715 bold " Install them and re-run configure with %B--with-efence%b." 716 echo 717 exit 1 718 fi 555 719 else 556 720 with_efence=" " … … 567 731 AC_SUBST(INCLUDES) 568 732 569 if test $with_ipq_mon != "X" -a $with_nfq_mon != "X" -a $with_ipfw_mon != "X" -a $with_pcap_mon != "X"; then570 echo571 echo " ERROR! 
No connection monitor selected. Please reconfigure with --with-pcap-mon, --with-nfq-mon or --with-ipq-mon."572 echo573 exit 1574 fi575 733 576 734 if test "$with_ipq_mon" != "X"; then with_ipq_mon=" "; fi … … 591 749 592 750 echo 593 echo "--- honeytrap configuration ---" 594 echo "General options" 595 echo -e " ($enable_debug) Debugging" 596 echo -e " ($enable_profile) Profiling" 597 echo -e " ($with_efence) Electric Fence" 751 bold " ----- %Bhoneytrap configuration%b -----" 598 752 echo 599 echo "Connection monitor" 600 echo -e " ($with_ipq_mon) Linux ip_queue (ipq)" 601 echo -e " ($with_ipfw_mon) FreeBSD ipfw (ipfw)" 602 echo -e " ($with_nfq_mon) Linux libnetfilter_queue (nfq)" 603 echo -e " ($with_pcap_mon) Libpcap (pcap)" 753 echo " General options" 754 bold " (%B$enable_debug%b) Debugging" 755 bold " (%B$enable_profile%b) Profiling" 756 bold " (%B$with_efence%b) Electric Fence" 604 757 echo 605 echo "Optional plugins" 606 echo -e " ($with_clamav) ClamAV" 607 echo -e " ($with_cpuemu) cpuEmu" 608 echo -e " ($with_postgres) PostgeSQL" 609 echo -e " ($with_spamsum) SpamSum" 610 echo -e " ($with_cspm) CSPM" 611 echo -e " ($with_submit_mwserv) submitMwserv" 758 echo " Connection monitor" 759 bold " (%B$with_ipq_mon%b) Linux ip_queue (ipq)" 760 bold " (%B$with_ipfw_mon%b) FreeBSD ipfw (ipfw)" 761 bold " (%B$with_nfq_mon%b) Linux libnetfilter_queue (nfq)" 762 bold " (%B$with_pcap_mon%b) Libpcap (pcap)" 763 echo 764 echo " Optional plugins" 765 bold " (%B$with_clamav%b) ClamAV" 766 bold " (%B$with_cpuemu%b) cpuEmu" 767 bold " (%B$with_postgres%b) PostgeSQL" 768 bold " (%B$with_spamsum%b) SpamSum" 769 bold " (%B$with_cspm%b) CSPM" 770 bold " (%B$with_submit_mwserv%b) submitMwserv" honeytrap/trunk/src/modules/htm_cspm/sc_shellcode.c
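Review bot: Most of the new failure branches end in a bare `exit` (the `xnfq` and `xipq` cases and the clamav, libemu, libcurl, libpcre and libpq header/library checks), which returns the status of the preceding `echo`, so configure reports success after printing an error. Only the pcap, ipfw, default, dlopen and efence branches use `exit 1`; every failure branch should do the same, or call `AC_MSG_ERROR`, so that scripted builds stop instead of continuing without the requested monitor or plugin. The nfq help strings now advertise `--with-libnfq-includes` and `--with-libnfq-libraries`, but the macros still read `with_libnetfilter_queue_includes` and `with_libnetfilter_queue_libraries`, so the advertised options are never consulted. The new error texts also name `--with-*-library` where the declared options are `--with-*-libraries`. `HIPQ` is not initialised before `AC_CHECK_HEADER(libipq.h,, HIPQ="no")`, unlike `HPCAP=""` and `HNFQ=""`, so a value inherited from the environment can trigger the error branch.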
r1387 r1407 325 325 if ( (matchCount = pcre_exec(sc->compiled_pattern, 0, (char *) shellcode, len, 0, 0, (int *)ovec, sizeof(ovec)/sizeof(int32_t))) > 0 ) { 326 326 if ( (matchCount = pcre_exec(sc->compiled_pattern, 0, (char *) shellcode, len, 0, 0, (int *)ovec, sizeof(ovec)/sizeof(int32_t))) > 0 ) { 327 logmsg(LOG_NOISY, 1, "CSPM - Shellcode matches pattern '%s' (2).\n", sc->name);327 logmsg(LOG_NOISY, 1, "CSPM - Shellcode matches pattern '%s' (2).\n", sc->name); 328 328 int32_t i; 329 329 for ( i=0; i < sc->map_items; i++ ) { honeytrap/trunk/src/sock.c
r1387 r1407 62 62 if ((bind(fd, (struct sockaddr *) server_addr, sizeof(struct sockaddr_in))) < 0) { 63 63 /* we already got one server process */ 64 logmsg(LOG_DEBUG, 1, "Unable to bind to port % s: %m.\n", portstr);64 logmsg(LOG_DEBUG, 1, "Unable to bind to port %u/tcp: %m.\n", port); 65 65 #ifdef USE_IPQ_MON 66 66 /* hand packet processing back to the kernel */ … … 91 91 /* if bind() did not fail for 'port already in use' but for some other reason, 92 92 * we're in troubles and want a verbose error message */ 93 if (errno != 98) logmsg(LOG_NOISY, 1, "Warning - Could not bind to port % s: %m.\n", portstr);93 if (errno != 98) logmsg(LOG_NOISY, 1, "Warning - Could not bind to port %u/tcp: %m.\n", port); 94 94 exit(EXIT_FAILURE); 95 95 #endif
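Review bot: The changed line 93 still compares `errno` with the literal 98, which is EADDRINUSE on Linux only, so on other systems the test misclassifies why `bind()` failed; write `if (errno != EADDRINUSE)` instead. The `logmsg` call on line 64 appears to run between the failing `bind()` and this test and may overwrite `errno`, so it is safer to copy it into a local immediately after `bind()` returns and test that copy. The new `%u` conversion assumes `port` is an unsigned value in host byte order; its declaration is outside the hunk and should be confirmed. The enclosing function starts and ends outside the visible lines.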
