From a7ba75b1b6ca4faa392cb3e5655fc784687e02ac Mon Sep 17 00:00:00 2001
From: "Tyler St. Onge"
Date: Thu, 5 Nov 2020 15:16:00 -0500
Subject: added discord reporter
---
 .../honeypot/reporter/DiscordReporter.scala | 43 ++++++++++++++++++++++
 .../honeypot/reporter/LogReporter.scala | 30 +++++++++++++--
 2 files changed, 69 insertions(+), 4 deletions(-)
 create mode 100644 src/main/scala/com/tylerstonge/honeypot/reporter/DiscordReporter.scala
(limited to 'src/main/scala/com/tylerstonge/honeypot/reporter')
diff --git a/src/main/scala/com/tylerstonge/honeypot/reporter/DiscordReporter.scala b/src/main/scala/com/tylerstonge/honeypot/reporter/DiscordReporter.scala
new file mode 100644
index 0000000..99a4eb7
--- /dev/null
+++ b/src/main/scala/com/tylerstonge/honeypot/reporter/DiscordReporter.scala
@@ -0,0 +1,43 @@
+package com.tylerstonge.honeypot.reporter
+
+import akka.actor.{Actor, Props}
+import akka.event.{Logging, LoggingAdapter}
+import scalaj.http.Http
+import com.tylerstonge.honeypot.messages.{MFoundFile, MFoundPassword, MFoundUsername, MNewConnection}
+
+object DiscordReporter {
+ def props(webhook: String): Props = Props(new DiscordReporter(webhook))
+}
+
+class DiscordReporter(webhook: String) extends Actor {
+
+ val log: LoggingAdapter = Logging(context.system, this)
+
+ context.system.eventStream.subscribe(self, classOf[MNewConnection])
+ context.system.eventStream.subscribe(self, classOf[MFoundUsername])
+ context.system.eventStream.subscribe(self, classOf[MFoundPassword])
+ context.system.eventStream.subscribe(self, classOf[MFoundFile])
+
+ override def postStop(): Unit = {
+ super.postStop()
+ }
+
+ override def receive: Receive = {
+ case msg: MNewConnection =>
+ log.debug(">> DISCORD REPORTER (MNewConnection) >> :: {}", msg.ip)
+ Http(webhook).postData(formatMessage("attacker detected @ " + msg.ip)).header("content-type", "application/json").asString
+ case msg: MFoundUsername =>
+ log.debug(">> DISCORD REPORTER >> (MFoundUsername) :: {}", msg.username)
+ Http(webhook).postData(formatMessage("attacker identified as " + msg.username)).header("content-type", "application/json").asString
+ case msg: MFoundPassword =>
+ log.debug(">> DISCORD REPORTER (MFoundPassword) >> :: {}", msg.password)
+ Http(webhook).postData(formatMessage("attacker password is " + msg.password)).header("content-type", "application/json").asString
+ case msg: MFoundFile =>
+ log.debug(">> DISCORD REPORTER (MFoundFile) >> :: {}", msg.filename)
+ Http(webhook).postData(formatMessage("attacker deposited a file called " + msg.filename)).header("content-type", "application/json").asString
+ }
+
+ def formatMessage(msg: String): String = {
+ """{ "username": "phreak", "content": "%s" }""".format(msg)
+ }
+}
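Review bot: `formatMessage` splices attacker-supplied text (`msg.username`, `msg.password`, `msg.filename`) into the JSON body with `%s` and no escaping, so a value containing `"`, `\` or a control character either yields invalid JSON, in which case the alert is lost, or changes the structure of the payload sent to the webhook. Escape the text before formatting, and send `"allowed_mentions": { "parse": [] }` so captured input cannot trigger mentions in the channel. Separately, each `Http(webhook)...asString` call in `receive` blocks the actor thread and discards the response, so a non-2xx or rate-limited reply goes unnoticed and an exception thrown by the client fails the actor; log the status and consider moving the post off the actor's dispatcher. The fence shows the escaping change only.

```scala
  // Keep attacker-controlled text inside the JSON string literal.
  private def jsonEscape(s: String): String = s.flatMap {
    case '"'          => "\\\""
    case '\\'         => "\\\\"
    case c if c < ' ' => "\\u%04x".format(c.toInt)
    case c            => c.toString
  }

  def formatMessage(msg: String): String = {
    """{ "username": "phreak", "content": "%s", "allowed_mentions": { "parse": [] } }""".format(jsonEscape(msg))
  }
```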
diff --git a/src/main/scala/com/tylerstonge/honeypot/reporter/LogReporter.scala b/src/main/scala/com/tylerstonge/honeypot/reporter/LogReporter.scala
index 9b3f28f..f21fe99 100644
--- a/src/main/scala/com/tylerstonge/honeypot/reporter/LogReporter.scala
+++ b/src/main/scala/com/tylerstonge/honeypot/reporter/LogReporter.scala
@@ -1,6 +1,8 @@
 package com.tylerstonge.honeypot.reporter
 
-import akka.actor.{Actor, Props}
+import java.io.FileWriter
+
+import akka.actor.Actor
 import akka.event.{Logging, LoggingAdapter}
 import com.tylerstonge.honeypot.messages.{MFoundFile, MFoundPassword, MFoundUsername}
 
@@ -8,13 +10,33 @@ class LogReporter extends Actor {
 
 val log: LoggingAdapter = Logging(context.system, this)
 
+ val usernameLog = new FileWriter("logs/user.log", true)
+ val passwordLog = new FileWriter("logs/pass.log", true)
+ val fileLog = new FileWriter("logs/file.log", true)
+
 context.system.eventStream.subscribe(self, classOf[MFoundUsername])
 context.system.eventStream.subscribe(self, classOf[MFoundPassword])
 context.system.eventStream.subscribe(self, classOf[MFoundFile])
 
+ override def postStop(): Unit = {
+ super.postStop()
+ usernameLog.close()
+ passwordLog.close()
+ fileLog.close()
+ }
+
 override def receive: Receive = {
- case msg: MFoundUsername => log.info(">> REPORTER >> :: {}", msg.username)
- case msg: MFoundPassword => log.info(">> REPORTER >> :: {}", msg.password)
- case msg: MFoundFile => log.info(">> REPORTER >> :: {}", msg.filename)
+ case msg: MFoundUsername =>
+ log.debug(">> REPORTER >> :: {}", msg.username)
+ usernameLog.write(msg.username + '\n')
+ usernameLog.flush()
+ case msg: MFoundPassword =>
+ log.debug(">> REPORTER >> :: {}", msg.password)
+ passwordLog.write(msg.password + '\n')
+ passwordLog.flush()
+ case msg: MFoundFile =>
+ log.debug(">> REPORTER >> :: {}", msg.filename)
+ fileLog.write(msg.filename + '\n')
+ fileLog.flush()
 }
 }
-- cgit v1.1
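Review bot: In the `@@ -8,13 +10,33 @@` hunk of LogReporter.scala, `receive` writes `msg.username`, `msg.password` and `msg.filename` verbatim followed by `'\n'`, so a captured value that itself contains CR or LF produces extra records in `logs/*.log` that cannot be told apart from real ones. Encode line breaks before writing, for example `private def oneLine(s: String): String = s.replace("\\", "\\\\").replace("\r", "\\r").replace("\n", "\\n")` and `usernameLog.write(oneLine(msg.username) + '\n')`, and apply the same to the password and file writers. The three `new FileWriter("logs/...", true)` calls run in the actor constructor with a relative path, so a missing `logs/` directory fails actor start-up. The files also grow without bound and hold plaintext credentials, so restrictive file permissions and rotation are worth adding. The class header sits above this hunk; `receive` and `postStop` are fully inside it.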