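Honeypot - Installing Dionaea (CentOS 6.3)
Today, let's install the honeypot Dionaea \(^o^)/
The project page does describe the procedure, but I struggled in several places, so here are my notes ...φ(^ω^*) taking notes
First, since we will be using git, start by installing git.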
$ sudo yum install git
For now, let's fetch dionaea.
git clone git://git.carnivore.it/dionaea.git dionaea
There is no ./configure!!
It looks like it has to be generated (^^)
$ autoreconf -vi
zsh: command not found: autoreconf
$ sudo yum install autoconf
$ autoreconf -vi
autoreconf: Entering directory `.'
autoreconf: configure.ac: not using Gettext
autoreconf: running: aclocal --output=aclocal.m4t
Can't exec "aclocal": そのようなファイルやディレクトリはありません at /usr/share/autoconf/Autom4te/FileUtils.pm line 326.
autoreconf: failed to run aclocal: そのようなファイルやディレクトリはありません
$ sudo yum install automake
$ autoreconf -vi
autoreconf: Entering directory `.'
autoreconf: configure.ac: not using Gettext
autoreconf: running: aclocal
autoreconf: configure.ac: tracing
autoreconf: configure.ac: not using Libtool
autoreconf: running: /usr/bin/autoconf
configure.ac:28: error: possibly undefined macro: AC_PROG_LIBTOOL
If this token and others are legitimate, please use m4_pattern_allow.
See the Autoconf documentation.
autoreconf: /usr/bin/autoconf failed with exit status: 1
$ autoreconf -vi
autoreconf: Entering directory `.'
autoreconf: configure.ac: not using Gettext
autoreconf: running: aclocal
(omitted)
modules/xmatch/Makefile.am:11: Libtool library used but `LIBTOOL' is undefined
modules/xmatch/Makefile.am:11: The usual way to define `LIBTOOL' is to add `AC_PROG_LIBTOOL'
modules/xmatch/Makefile.am:11: to `configure.ac' and run `aclocal' and `autoconf' again.
modules/xmatch/Makefile.am:11: If `AC_PROG_LIBTOOL' is in `configure.ac', make sure
modules/xmatch/Makefile.am:11: its definition is in aclocal's search path.
autoreconf: automake failed with exit status: 1
$ sudo yum install libtool
$ autoreconf -vi
$ ls
LICENSE README conf config.h.in~ configure depcomp install-sh missing tests
Makefile.am aclocal.m4 config.guess config.log configure.ac doc ltmain.sh modules
Makefile.in autom4te.cache config.h.in config.sub debian include m4 src
In its initial state the system was missing quite a few things, so this took some effort (^^ゞ
autoreconf -> yum install autoconf
aclocal -> yum install automake
Libtool library used but `LIBTOOL' is undefined -> yum install libtool
Now ./configure can be run +:。ヾ(o・ω・)ノ゜.+
Let's try it right away!!
$ ./configure
checking for a BSD-compatible install... /usr/bin/install -c
checking whether build environment is sane... yes
checking for a thread-safe mkdir -p... /bin/mkdir -p
(omitted)
checking pkg-config is at least version 0.9.0... yes
checking for glib... configure: error: Package requirements (glib-2.0) were not met:
No package 'glib-2.0' found
Consider adjusting the PKG_CONFIG_PATH environment variable if you
installed software in a non-standard prefix.
Alternatively, you may set the environment variables glib_CFLAGS
and glib_LIBS to avoid the need to call pkg-config.
See the pkg-config man page for more details.
$ sudo yum -y install glib2-devel
$ ./configure
(omitted)
checking for gmodule... yes
checking for --enable-python... no
checking for --with-python... no
checking for python3.2... no
configure: error: Python Executable not found
Let's install Python 3.2.
$ wget http://www.python.org/ftp/python/3.2/Python-3.2.tar.bz2
$ tar -jxf Python-3.2.tar.bz2
$ cd Python-3.2/
$ ./configure
$ make
$ sudo make install
Python installation complete v( ̄Д ̄)v Yay
$ ./configure
(omitted)
checking lcfg/lcfg.h usability... no
checking lcfg/lcfg.h presence... no
checking for lcfg/lcfg.h... no
configure: error: liblcfg is missing - install it please - download from http://liblcfg.carnivore.it
Right. Next is liblcfg. This one is also covered on the dionaea page.
$ git clone git://git.carnivore.it/liblcfg.git liblcfg
$ cd liblcfg/code
$ autoreconf -vi
$ ./configure
$ make
$ sudo make install
Now, back to dionaea.
$ ./configure
(omitted)
checking lcfg/lcfg.h usability... no
checking lcfg/lcfg.h presence... no
checking for lcfg/lcfg.h... no
configure: error: liblcfg is missing - install it please - download from http://liblcfg.carnivore.it
$ ./configure --with-lcfg-include=/opt/liblcfg/include/ --with-lcfg-lib=/opt/liblcfg/lib/
(omitted)
checking DEPENDENCY emu... configure: WARNING: no
checking DEPENDENCY ev... configure: WARNING: no
checking DEPENDENCY curl... configure: WARNING: no
checking DEPENDENCY cython... configure: WARNING: no
checking DEPENDENCY python... yes
checking DEPENDENCY glib... yes
checking DEPENDENCY udns... configure: WARNING: no
checking DEPENDENCY ssl... configure: WARNING: no
checking if all required dependencies are installed properly... configure: error: no - better read the documentation
It seems that installing the library is not enough; you also have to tell configure where it was installed.
- --with-lcfg-include= : specifies the location of the header files.
- --with-lcfg-lib= : specifies the location of the liblcfg library files.
We have made it this far smoothly ( ´ー`) phew...
Now on to installing emu, ev, curl, udns and ssl.
$ git clone git://git.carnivore.it/libemu.git libemu
$ cd libemu/
$ autoreconf -vi
$ ./configure
$ make
$ sudo make install
(dionaea)
$ ./configure --with-lcfg-include=/opt/liblcfg/include/ --with-lcfg-lib=/opt/liblcfg/lib/ --with-emu-include=/opt/libemu/include/ --with-emu-lib=/opt/libemu/lib/
(omitted)
checking DEPENDENCY emu... yes
checking DEPENDENCY ev... configure: WARNING: no
checking DEPENDENCY curl... configure: WARNING: no
checking DEPENDENCY cython... configure: WARNING: no
checking DEPENDENCY python... yes
checking DEPENDENCY glib... yes
checking DEPENDENCY udns... configure: WARNING: no
checking DEPENDENCY ssl... configure: WARNING: no
checking if all required dependencies are installed properly... configure: error: no - better read the documentation
Add the emu paths.
- --with-emu-include=/opt/libemu/include/
- --with-emu-lib=/opt/libemu/lib/
$ wget http://dist.schmorp.de/libev/Attic/libev-4.04.tar.gz
$ tar xfz libev-4.04.tar.gz
$ cd libev-4.04/
$ ./configure
$ make
$ sudo make install
$ ./configure --with-lcfg-include=/opt/liblcfg/include/ --with-lcfg-lib=/opt/liblcfg/lib/ --with-emu-include=/opt/libemu/include/ --with-emu-lib=/opt/libemu/lib/ --with-ev-lib=/usr/local/lib/ --with-ev-include=/usr/local/include/
(omitted)
checking DEPENDENCY emu... yes
checking DEPENDENCY ev... yes
checking DEPENDENCY curl... configure: WARNING: no
checking DEPENDENCY cython... configure: WARNING: no
checking DEPENDENCY python... yes
checking DEPENDENCY glib... yes
checking DEPENDENCY udns... configure: WARNING: no
checking DEPENDENCY ssl... configure: WARNING: no
checking if all required dependencies are installed properly... configure: error: no - better read the documentation
Add the ev paths.
- --with-ev-lib=/usr/local/lib/
- --with-ev-include=/usr/local/include/
$ wget http://curl.haxx.se/download/curl-7.28.1.tar.gz
$ tar zxvf curl-7.28.1.tar.gz
$ cd curl-7.28.1/
$ ./configure
$ make
$ sudo make install
$ ./configure --with-lcfg-include=/opt/liblcfg/include/ --with-lcfg-lib=/opt/liblcfg/lib/ --with-emu-include=/opt/libemu/include/ --with-emu-lib=/opt/libemu/lib/ --with-ev-lib=/usr/local/lib/ --with-ev-include=/usr/local/include/ --with-curl-config=/usr/local/bin
(omitted)
checking DEPENDENCY emu... yes
checking DEPENDENCY ev... yes
checking DEPENDENCY curl... yes
checking DEPENDENCY cython... configure: WARNING: no
checking DEPENDENCY python... yes
checking DEPENDENCY glib... yes
checking DEPENDENCY udns... configure: WARNING: no
checking DEPENDENCY ssl... configure: WARNING: no
checking if all required dependencies are installed properly... configure: error: no - better read the documentation
Specify the curl path.
- --with-curl-config=/usr/local/bin
$ wget http://cython.org/release/Cython-0.15.tar.gz
$ tar xfz Cython-0.15.tar.gz
$ cd Cython-0.15/
$ sudo /usr/local/bin/python3.2 setup.py install
$ ./configure --with-lcfg-include=/opt/liblcfg/include/ --with-lcfg-lib=/opt/liblcfg/lib/ --with-emu-include=/opt/libemu/include/ --with-emu-lib=/opt/libemu/lib/ --with-ev-lib=/usr/local/lib/ --with-ev-include=/usr/local/include/ --with-curl-config=/usr/local/bin
checking DEPENDENCY emu... yes
checking DEPENDENCY ev... yes
checking DEPENDENCY curl... yes
checking DEPENDENCY cython... yes
checking DEPENDENCY python... yes
checking DEPENDENCY glib... yes
checking DEPENDENCY udns... configure: WARNING: no
checking DEPENDENCY ssl... configure: WARNING: no
checking if all required dependencies are installed properly... configure: error: no - better read the documentation
Just two left... (´・ω・`)=з
$ wget http://www.corpit.ru/mjt/udns/old/udns_0.0.9.tar.gz
$ tar xfz udns_0.0.9.tar.gz
$ cd udns-0.0.9/
$ ./configure
$ make shared
$ sudo mkdir /opt/dionaea/
$ sudo mkdir /opt/dionaea/include/
$ sudo mkdir /opt/dionaea/lib/
$ sudo cp udns.h /opt/dionaea/include/
$ sudo cp *.so* /opt/dionaea/lib/
$ cd /opt/dionaea/lib/
$ sudo ln -s libudns.so.0 libudns.so
(dionaea)
$ ./configure --with-lcfg-include=/opt/liblcfg/include/ --with-lcfg-lib=/opt/liblcfg/lib/ --with-emu-include=/opt/libemu/include/ --with-emu-lib=/opt/libemu/lib/ --with-ev-lib=/usr/local/lib/ --with-ev-include=/usr/local/include/ --with-curl-config=/usr/local/bin --with-udns-include=/opt/dionaea/include/ --with-udns-lib=/opt/dionaea/lib
(omitted)
checking DEPENDENCY emu... yes
checking DEPENDENCY ev... yes
checking DEPENDENCY curl... yes
checking DEPENDENCY cython... yes
checking DEPENDENCY python... yes
checking DEPENDENCY glib... yes
checking DEPENDENCY udns... yes
checking DEPENDENCY ssl... configure: WARNING: no
checking if all required dependencies are installed properly... configure: error: no - better read the documentation
Specify the udns paths.
- --with-udns-lib=/usr/local/lib
- --with-udns-include=/usr/local/include/
$ cvs -d anonymous@cvs.openssl.org:/openssl-cvs co openssl
$ cd openssl
$ ./Configure shared --prefix=/opt/dionaea linux-x86_64
$ make SHARED_LDFLAGS=-Wl,-rpath,/opt/dionaea/lib
$ sudo make install
$ ll /usr/lib64/libssl.so.*
-rwxr-xr-x. 1 root root 375352 5月 30 02:20 2012 /usr/lib64/libssl.so.1.0.0
lrwxrwxrwx. 1 root root 15 7月 6 21:49 2012 /usr/lib64/libssl.so.10 -> libssl.so.1.0.0
$ sudo ln -n /usr/lib64/libssl.so.1.0.0 /usr/lib64/libssl.so
$ ./configure --with-lcfg-include=/opt/liblcfg/include/ --with-lcfg-lib=/opt/liblcfg/lib/ --with-emu-include=/opt/libemu/include/ --with-emu-lib=/opt/libemu/lib/ --with-ev-lib=/usr/local/lib/ --with-ev-include=/usr/local/include/ --with-curl-config=/usr/local/bin --with-udns-include=/opt/dionaea/include/ --with-udns-lib=/opt/dionaea/lib --with-ssl-include=/opt/dionaea/include/
(omitted)
- libs : -L/usr/local/lib -lcurl
nl : no
- cflags :
- libs :
xmatch : no
- cflags :
- libs :
Specify the ssl path.
- --with-ssl-include=/opt/dionaea/include/
ssl was already installed from the start, so for libssl.so it was enough to just create a link with ln.
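The repeated "run ./configure, read the DEPENDENCY summary, add a path option" loop above can be checked mechanically. The following is an added example, not part of the original post or the dionaea project: it reads saved configure output and lists each dependency reported as missing next to the option this page used for it. The function names and the DIR placeholder are assumptions, and the sample input is constructed from the output quoted above; it assumes the warnings were captured together with standard output.

```shell
#!/bin/sh
# Added example (not from the original post): read saved ./configure output
# and list each dependency dionaea's configure reported as missing, next to
# the path option this page used for it. DIR is a placeholder, not a real path.

# Print the name from every "checking DEPENDENCY <name>..." line ending in "no".
missing_deps() {
    sed -n 's/^checking DEPENDENCY \([a-z0-9]*\)\.\.\..* no$/\1/p'
}

# Map a dependency name to the configure option(s) shown on this page.
flags_for() {
    case "$1" in
        emu|ev|udns) echo "--with-$1-include=DIR --with-$1-lib=DIR" ;;
        curl)        echo "--with-curl-config=DIR" ;;
        ssl)         echo "--with-ssl-include=DIR" ;;
        *)           echo "(no path option used on this page; install it first)" ;;
    esac
}

# stdin: configure output; stdout: one "name: options" line per missing dependency.
report_missing() {
    missing_deps | while read -r dep; do
        printf '%s: %s\n' "$dep" "$(flags_for "$dep")"
    done
}

# Constructed sample, modelled on the configure summary quoted in this post.
sample_configure_output() {
    cat <<'EOF'
checking DEPENDENCY emu... yes
checking DEPENDENCY ev... yes
checking DEPENDENCY curl... yes
checking DEPENDENCY cython... configure: WARNING: no
checking DEPENDENCY python... yes
checking DEPENDENCY glib... yes
checking DEPENDENCY udns... configure: WARNING: no
checking DEPENDENCY ssl... configure: WARNING: no
checking if all required dependencies are installed properly... configure: error: no - better read the documentation
EOF
}

sample_configure_output | report_missing
```

On a real build, save the output first with `./configure 2>&1 | tee configure.out` and then run `report_missing < configure.out`.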
$ make
make all-recursive
make[1]: ディレクトリ `/home/yoshiaki/final/dionaea2' に入ります
Making all in src
(omitted)
nc.c:37 から include されたファイル中:
../../include/connection.h:40:28: error: openssl/crypto.h: そのようなファイルやディレクトリはありません
../../include/connection.h:41:25: error: openssl/ssl.h: そのようなファイルやディレクトリはありません
../../include/connection.h:42:25: error: openssl/err.h: そのようなファイルやディレクトリはありません
In file included from nc.c:37:
../../include/connection.h:176: error: expected ‘:’, ‘,’, ‘;’, ‘}’ or ‘__attribute__’ before ‘*’ token
../../include/connection.h:192: error: expected ‘:’, ‘,’, ‘;’, ‘}’ or ‘__attribute__’ before ‘*’ token
../../include/connection.h:362: error: expected ‘)’ before ‘*’ token
../../include/connection.h:363: error: expected ‘)’ before ‘*’ token
cc1: warnings being treated as errors
nc.c: In function ‘nc_new’:
nc.c:71: error: implicit declaration of function ‘strcmp’
nc.c:118: error: implicit declaration of function ‘memcmp’
nc.c:118: error: implicit declaration of function ‘strlen’
nc.c:118: error: incompatible implicit declaration of built-in function ‘strlen’
nc.c: In function ‘proto_nc_io_in_http’:
nc.c:269: error: incompatible implicit declaration of built-in function ‘strlen’
nc.c:270: error: implicit declaration of function ‘memcpy’
nc.c:270: error: incompatible implicit declaration of built-in function ‘memcpy’
nc.c:274: error: incompatible implicit declaration of built-in function ‘strlen’
make[3]: *** [nc.lo] エラー 1
make[3]: ディレクトリ `/home/yoshiaki/final/dionaea2/modules/nc' から出ます
make[2]: *** [all-recursive] エラー 1
make[2]: ディレクトリ `/home/yoshiaki/final/dionaea2/modules' から出ます
make[1]: *** [all-recursive] エラー 1
make[1]: ディレクトリ `/home/yoshiaki/final/dionaea2' から出ます
Huh? That's strange... they should be there (ー'`ー ; )
Let's get past this one by brute force!!
$ sudo cp -rf /opt/dionaea/include/openssl /usr/include/
$ make
(omitted)
gcc -pthread -shared build/temp.linux-x86_64-3.2/binding.o build/temp.linux-x86_64-3.2/module.o build/temp.linux-x86_64-3.2/pyev/pyev.o -ldl -lm -lpthread -lpython3.2m -lutil -o build/lib.linux-x86_64-3.2/dionaea/core.cpython-32m.so -Xlinker -export-dynamic
/usr/bin/ld: /usr/local/lib/libpython3.2m.a(abstract.o): relocation R_X86_64_32S against `_PyObject_NextNotImplemented' can not be used when making a shared object; recompile with -fPIC
/usr/local/lib/libpython3.2m.a: could not read symbols: Bad value
collect2: ld はステータス 1 で終了しました
error: command 'gcc' failed with exit status 1
make[3]: *** [binding.c] エラー 1
make[3]: ディレクトリ `/home/yoshiaki/final/dionaea2/modules/python' から出ます
make[2]: *** [all-recursive] エラー 1
make[2]: ディレクトリ `/home/yoshiaki/final/dionaea2/modules' から出ます
make[1]: *** [all-recursive] エラー 1
make[1]: ディレクトリ `/home/yoshiaki/final/dionaea2' から出ます
make: *** [all] エラー 2
Python has to be recompiled with the -fPIC option.
$ cd Python-3.2/
$ emacs Makefile
# === Variables set by configure
VERSION= 3.2
srcdir= .
CC= gcc -pthread -fPIC
CXX= g++
MAINCC= $(CC)
LINKCC= $(PURIFY) $(MAINCC)
AR= ar
$ make clean
$ make
$ sudo make install
With this, the final stage is OK.
$ cd dionaea
$ make clean
$ make
$ sudo make install
(omitted)
/bin/sh /home/yoshiaki/final/dionaea/install-sh -d /opt/dionaea/var/dionaea/wwwroot/
/usr/bin/install -c -m 644 ./conf/dionaea.conf.dist /opt/dionaea/etc/dionaea/dionaea.conf.dist; if [ ! -e /opt/dionaea/etc/dionaea/dionaea.conf ]; then \
/usr/bin/install -c -m 644 ./conf/dionaea.conf.dist /opt/dionaea/etc/dionaea/dionaea.conf; \
fi
/bin/sh /home/yoshiaki/final/dionaea/install-sh -d /opt/dionaea/var/log
make[2]: ディレクトリ `/home/yoshiaki/final/dionaea' から出ます
make[1]: ディレクトリ `/home/yoshiaki/final/dionaea' から出ます
dionaea is now installed +:。ヾ(o・ω・)ノ゜.+
By the way... make succeeds even without -fPIC.
However, make install then fails with the following error.
$ sudo make install
(omitted)
make[5]: ディレクトリ `/home/yoshiaki/final/dionaea/modules/python' から出ます
cp build/*/dionaea/*.so /opt/dionaea/lib/dionaea/python.so
cp: cannot stat `build/*/dionaea/*.so': そのようなファイルやディレクトリはありません
make[4]: *** [install-exec-am] エラー 1
make[4]: ディレクトリ `/home/yoshiaki/final/dionaea/modules/python' から出ます
make[3]: *** [install-am] エラー 2
make[3]: ディレクトリ `/home/yoshiaki/final/dionaea/modules/python' から出ます
make[2]: *** [install-recursive] エラー 1
make[2]: ディレクトリ `/home/yoshiaki/final/dionaea/modules/python' から出ます
make[1]: *** [install-recursive] エラー 1
make[1]: ディレクトリ `/home/yoshiaki/final/dionaea/modules' から出ます
make: *** [install-recursive] エラー 1
So be sure to rebuild Python with -fPIC \(^o^)/
Now, let's confirm that it was installed.
$ /opt/dionaea/bin/dionaea -help
Dionaea Version 0.1.0
Compiled on Linux/x86_64 at Nov 30 2012 18:56:20 with gcc 4.4.6 20120305 (Red Hat 4.4.6-4)
Started on localhost.localdomain running Linux/x86_64 release 2.6.32-279.el6.x86_64
Dionaea Version 0.1.0
Compiled on Linux/x86_64 at Nov 30 2012 18:56:20 with gcc 4.4.6 20120305 (Red Hat 4.4.6-4)
Started on localhost.localdomain running Linux/x86_64 release 2.6.32-279.el6.x86_64
-c, --config=FILE use FILE as configuration file
-D, --daemonize run as daemon
-g, --group=GROUP switch to GROUP after startup (use with -u)
-h, --help display help
-H, --large-help display help with default values
-l, --log-levels=WHAT which levels to log, valid values all, debug, info, message, warning, critical, error, combine using ',', exclude with - prefix
-L, --log-domains=WHAT which domains use * and ? wildcards, combine using ',', exclude using -
-u, --user=USER switch to USER after startup
-p, --pid-file=FILE write pid to file
-r, --chroot=DIR chroot to DIR after startup, warning: chrooting causes problems with logsql/sqlite
-V, --version show version
-w, --workingdir=DIR set the process' working dir to DIR
examples:
# dionaea -l all,-debug -L '*'
# dionaea -l all,-debug -L 'con*,py*'
# dionaea -u nobody -g nogroup -w /opt/dionaea -p /opt/dionaea/var/run/dionaea.pid
That's all.
Now, let's try starting it!!
/opt/dionaea/bin/dionaea -l all,-debug -L '*'
Dionaea Version 0.1.0
Compiled on Linux/x86_64 at Nov 30 2012 15:12:20 with gcc 4.4.6 20120305 (Red Hat 4.4.6-4)
(omitted)
0112012 20:35:10] pcap pcap.c:213: pcap version libpcap version 1.1.1
[30112012 20:35:10] pcap pcap.c:232: Could not open raw listener on device any 'any: You don't have permission to capture on that device (socket: Operation not permitted)'
[30112012 20:35:10] modules modules.c:216: new module /opt/dionaea/lib/dionaea/python.so 0x1ad4330 fn 0x7f3e1e539fe0
Traceback (most recent call last):
  File "/opt/dionaea/lib/dionaea/python/dionaea/services.py", line 43, in <module>
    from dionaea.smb import smb
  File "/opt/dionaea/lib/dionaea/python/dionaea/smb/smb.py", line 41, in <module>
    from .include.gssapifields import GSSAPI,SPNEGO, NegTokenTarg
  File "/opt/dionaea/lib/dionaea/python/dionaea/smb/include/gssapifields.py", line 166, in <module>
    class SPNEGO(ASN1_Packet):
  File "/opt/dionaea/lib/dionaea/python/dionaea/smb/include/gssapifields.py", line 168, in SPNEGO
    ASN1_root = ASN1F_CHOICE("NegotiationToken", NegTokenInit(), NegTokenTarg, NegTokenInit)
  File "/opt/dionaea/lib/dionaea/python/dionaea/smb/include/asn1fields.py", line 356, in __init__
    self.choice[int(p.ASN1_root.ASN1_tag)] = p
TypeError: int() argument must be a string or a number, not 'ASN1Tag'
[30112012 20:35:10] python module.c:416: Import failed dionaea.services
zsh: trace trap (core dumped) /opt/dionaea/bin/dionaea -l all,-debug -L '*'
An error occurred /(^o^)\ Oh no
$ sudo yum -y install sqlite-devel
$ cd Python-3.2/
$ ./configure
$ emacs Makefile
CC= gcc -pthread -fPIC
$ make
$ sudo make install
$ /opt/dionaea/bin/dionaea -l all,-debug -L '*'
(omitted)
[30112012 20:57:03] logsql dionaea/logsql.py:178: Setting RPC ServiceOps
[30112012 20:57:03] logsql dionaea/logsql.py:203: ... not required
[30112012 20:57:03] logsql dionaea/logsql.py:429: Setting MySQL Command Ops
[30112012 20:57:03] dionaea dionaea.c:811: Installing signal handlers
[30112012 20:57:03] dionaea dionaea.c:845: Creating 2 threads in pool
It works ٩꒰๑╹ω╹๑ ꒱۶ Yay
I don't really understand how to use it yet, lol
Time to start studying it now!!