update cowrie

cowrie/Dockerfile

@@ -5,7 +5,9 @@
 FROM alpine
 MAINTAINER kev <noreply@easypi.pro>
 
-RUN apk add -U build-base \
+RUN apk add -U bash \
+               build-base \
+               ca-certificates \
                libffi \
                libffi-dev \
                openssl \
@@ -14,14 +16,12 @@ RUN apk add -U build-base \
                python-dev \
                tar \
     && wget -qO- https://bootstrap.pypa.io/get-pip.py | python \
-    && pip install pyasn1 \
-                   pyOpenSSL \
-                   service_identity \
-                   twisted \
     && adduser -D cowrie \
     && cd /home/cowrie \
     && wget -qO- https://github.com/micheloosterhof/cowrie/archive/master.tar.gz | tar xz --strip 1 \
-    && mv cowrie.cfg.dist cowrie.cfg \
+    && pip install -r requirements.txt \
+    && sed '/Enable Telnet/{n;s/\(enabled\).*/\1 = true/}' cowrie.cfg.dist > cowrie.cfg \
+    && sed -i 's/^\(VIRTUALENV_ENABLED\).*/\1=no/' bin/cowrie \
     && chown -R cowrie:cowrie . \
     && apk del build-base \
                libffi-dev \
@@ -30,9 +30,9 @@ RUN apk add -U build-base \
                tar \
     && rm -rf /var/cache/apk/*
 
-EXPOSE 2222
+EXPOSE 2222 2223
 
 USER cowrie
 WORKDIR /home/cowrie
 
-CMD ["twistd", "-n", "-l", "log/cowrie.log", "cowrie"]
+CMD ["bin/cowrie", "start", "-n"]

cowrie/README.md

@@ -10,11 +10,12 @@ and, most importantly, the entire shell interaction performed by the attacker.
 
 ## docker-compose.yml
 
-```
+```yaml
 cowrie:
   image: vimagick/cowrie
   ports:
     - "2222:2222"
+    - "2223:2223"
   volumes:
     - ./dl:/home/cowrie/dl
     - ./log:/home/cowrie/log
@@ -23,7 +24,7 @@ cowrie:
 
 ## server
 
-```
+```bash
 $ cd ~/fig/cowrie
 $ mkdir -p dl log/tty
 $ chmod -R 777 dl log
@@ -39,8 +40,9 @@ $ tail -f log/cowrie.log
 
 ## client
 
-```
+```bash
 $ ssh -p 2222 root@server
+$ telnet server 2223
 ```
 
 > You can login as `root` with any password except `root` or `123456`.

cowrie/docker-compose.yml

@@ -2,6 +2,7 @@ cowrie:
   image: vimagick/cowrie
   ports:
     - "2222:2222"
+    - "2223:2223"
   volumes:
     - ./dl:/home/cowrie/dl
     - ./log:/home/cowrie/log