Installing Snare and Tanner


Resource

mushorg/snare: Super Next generation Advanced Reactive honEypot (github.com)

mushorg/tanner: He who flays the hide (github.com)

Document

Welcome to SNARE’s documentation! — SNARE v0.3 documentation

Welcome to TANNER’s documentation! — tanner 1.0 documentation

snare: Super Next generation Advanced Reactive honEypot

  • SNARE is a web application honeypot sensor attracting all sort of maliciousness from the Internet.
  • TANNER is a remote data analysis and classification service to evaluate HTTP requests and composing the response then served by SNARE. TANNER uses multiple application vulnerability type emulation techniques when providing responses for SNARE. In addition, TANNER provides Dorks for SNARE powering its luring capabilities.

Environment

  • Operating system: Ubuntu 20.04.2

    Linux version 5.15.0-86-generic (buildd@lcy02-amd64-062) (gcc (Ubuntu 9.4.0-1ubuntu1~20.04.2) 9.4.0, GNU ld (GNU Binutils for Ubuntu) 2.34) #96~20.04.1-Ubuntu SMP Thu Sep 21 13:23:37 UTC 2023
  • Python 3.8.0 is preinstalled; upgrade pip3 to the latest version

    Also point pip at a mirror index to make later downloads easier

    pip install --upgrade pip
    pip install pip -U
    pip config set global.index-url https://pypi.tuna.tsinghua.edu.cn/simple

Installing snare

  1. Clone the source into a directory of your choice

    git clone https://github.com/mushorg/snare.git
  2. Enter the source directory and install the dependencies

    cd snare
    sudo pip3 install -r requirements.txt
  3. Install snare

    sudo python3 setup.py install

    The current directory should now look like this:

    bin          docker-compose.yml  .github     readthedocs.yml   Snare.egg-info
    build        Dockerfile          .gitignore  requirements.txt
    .coveragerc  docs                LICENSE     setup.py
    dist         .git                README.md   snare

    If it does, the installation succeeded.

Installing tanner

  1. Install redis

    sudo apt-get install redis-server
    redis-server 
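  2. Set up the PHP sandbox

    See mushorg/phpox: PHP Sandbox (github.com)

    I was not able to install BFR, but it still runs successfully.

  3. Install docker

    See "The most detailed tutorial for installing Docker on Ubuntu" - Zhihu (zhihu.com)

    For the failure when adding Docker's official GPG key in that tutorial, the article "Solution for failing to add the Docker official GPG key" solved the problem.

    Steps:

    • Download the official GPG key to the local machine; the download is a gpg file. Download link

    • Once it is downloaded, install the official GPG key with the following command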

      sudo apt-key add <gpg path>
  4. Clone the source into a directory of your choice

    git clone https://github.com/mushorg/tanner.git
  5. Enter the source directory and install the dependencies

    cd tanner
    sudo pip3 install -r requirements.txt
  6. Install tanner

    sudo python3 setup.py install

    Run sudo tanner in the tanner directory. The following output appears:

          _________    _   ___   ____________
         /_  __/   |  / | / / | / / ____/ __ \
          / / / /| | /  |/ /  |/ / __/ / /_/ /
         / / / ___ |/ /|  / /|  / /___/ _, _/
        /_/ /_/  |_/_/ |_/_/ |_/_____/_/ |_|
    
        
    Debug logs will be stored in /opt/tanner/tanner.log
    Error logs will be stored in /opt/tanner/tanner.err
    ======== Running on http://0.0.0.0:8090 ========
    (Press CTRL+C to quit)

    This output, together with curl http://localhost:8090 returning Tanner server, shows that the installation succeeded.

Example: using snare together with tanner

Clone a page with Snare

sudo clone --target http://example.com --path <path>

Start Snare with Tanner attached in the background

sudo snare --port 8080 --page-dir example.com --path <path> --tanner <tanner-ip>

Output

   _____ _   _____    ____  ______
  / ___// | / /   |  / __ \/ ____/
  \__ \/  |/ / /| | / /_/ / __/
 ___/ / /|  / ___ |/ _, _/ /___
/____/_/ |_/_/  |_/_/ |_/_____/
    
serving with uuid ea504261-df23-4e4c-a2e1-72a19725dc17
Debug logs will be stored in /snare/snare/snare.log
Error logs will be stored in /snare/snare/snare.err
======== Running on http://127.0.0.1:8080 ========
(Press CTRL+C to quit)
privileges dropped, running as "nobody:nogroup"

Connection successful
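
The manual checks above (redis running, curl against Tanner returning Tanner server, Snare listening on port 8080) can be scripted into one smoke test. This is an added example, not part of the original post or of the SNARE/TANNER projects; it assumes redis on its default port 6379 without a password and the addresses shown in the output above.

```python
#!/usr/bin/env python3
"""Smoke test for the redis -> TANNER -> SNARE chain (added example)."""
import http.client
import socket
import sys
import urllib.request

# Talk to the local services directly, ignoring any http_proxy setting.
_OPENER = urllib.request.build_opener(urllib.request.ProxyHandler({}))


def redis_alive(host="127.0.0.1", port=6379, timeout=3.0):
    """Send an inline PING; an unauthenticated local redis answers +PONG."""
    try:
        with socket.create_connection((host, port), timeout=timeout) as s:
            s.sendall(b"PING\r\n")
            return s.recv(64).startswith(b"+PONG")
    except OSError:
        return False


def http_get(url, timeout=3.0):
    """Return (status, body); status is None if nothing answered."""
    try:
        with _OPENER.open(url, timeout=timeout) as resp:
            return resp.status, resp.read(4096).decode("utf-8", "replace")
    except (OSError, http.client.HTTPException) as exc:
        # HTTPError carries .code (e.g. 404); connection errors do not.
        return getattr(exc, "code", None), str(exc)


def tanner_alive(base="http://localhost:8090"):
    """Same check as the curl step: the body must be 'Tanner server'."""
    status, body = http_get(base + "/")
    return status == 200 and "Tanner server" in body


def snare_alive(base="http://127.0.0.1:8080"):
    """Any HTTP status means SNARE is listening and serving."""
    return http_get(base + "/")[0] is not None


def run_checks():
    return {"redis": redis_alive(), "tanner": tanner_alive(), "snare": snare_alive()}


if __name__ == "__main__":
    results = run_checks()
    for name, ok in results.items():
        print(f"{name:<7}{'OK' if ok else 'FAIL'}")
    sys.exit(0 if all(results.values()) else 1)
```

The script exits non-zero if any of the three services does not answer, so it can be run after each restart of the honeypot host.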


Author: J&Ocean
Copyright notice: Unless otherwise stated, all articles on this blog are licensed under CC BY 4.0. Please credit J&Ocean as the source when reposting!