Feat: Improve cloud plugin (#240)

* Implement hot reload

Author: mariocandela

builder/builder.go

@@ -3,11 +3,12 @@ package builder
 import (
 	"errors"
 	"fmt"
-	"github.com/mariocandela/beelzebub/v3/protocols/strategies/MCP"
 	"io"
 	"net/http"
 	"os"
 
+	"github.com/mariocandela/beelzebub/v3/protocols/strategies/MCP"
+
 	"github.com/mariocandela/beelzebub/v3/parser"
 	"github.com/mariocandela/beelzebub/v3/plugins"
 	"github.com/mariocandela/beelzebub/v3/protocols"
@@ -121,9 +122,9 @@ Honeypot Framework, happy hacking!`)
 	if b.beelzebubCoreConfigurations.Core.BeelzebubCloud.Enabled {
 		conf := b.beelzebubCoreConfigurations.Core.BeelzebubCloud
 
-		beelzebubCloud := plugins.InitBeelzebubCloud(conf.URI, conf.AuthToken)
+		beelzebubCloud := plugins.InitBeelzebubCloud(conf.URI, conf.AuthToken, true)
 
-		if honeypotsConfiguration, err := beelzebubCloud.GetHoneypotsConfigurations(); err != nil {
+		if honeypotsConfiguration, _, err := beelzebubCloud.GetHoneypotsConfigurations(); err != nil {
 			return err
 		} else {
 			if len(honeypotsConfiguration) == 0 {

builder/director.go

@@ -60,7 +60,7 @@ func (d *Director) beelzebubCloudStrategy(event tracer.Event) {
 
 	conf := d.builder.beelzebubCoreConfigurations.Core.BeelzebubCloud
 
-	beelzebubCloud := plugins.InitBeelzebubCloud(conf.URI, conf.AuthToken)
+	beelzebubCloud := plugins.InitBeelzebubCloud(conf.URI, conf.AuthToken, false)
 
 	result, err := beelzebubCloud.SendEvent(event)
 	if err != nil {

docker-compose.yml

@@ -1,5 +1,3 @@
-version: "3.9"
-
 services:
   beelzebub:
     build: .

parser/configurations_parser.go

@@ -2,6 +2,9 @@
 package parser
 
 import (
+	"crypto/sha256"
+	"encoding/hex"
+	"encoding/json"
 	"fmt"
 	"os"
 	"path/filepath"
@@ -80,6 +83,15 @@ type BeelzebubServiceConfiguration struct {
 	TLSKeyPath             string    `yaml:"tlsKeyPath"`
 }
 
+func (bsc BeelzebubServiceConfiguration) HashCode() (string, error) {
+	data, err := json.Marshal(bsc)
+	if err != nil {
+		return "", err
+	}
+	hash := sha256.Sum256(data)
+	return hex.EncodeToString(hash[:]), nil
+}
+
 // Command is the struct that contains the configurations of the commands
 type Command struct {
 	RegexStr   string         `yaml:"regex"`

parser/configurations_parser_test.go

@@ -182,6 +182,21 @@ func TestReadConfigurationsServicesValid(t *testing.T) {
 	assert.Equal(t, firstBeelzebubServiceConfiguration.Tools[0].Handler, "reset_password ok")
 }
 
+func TestReadConfigurationsServicesGenerateHashCode(t *testing.T) {
+	configurationsParser := Init("", "")
+
+	configurationsParser.readFileBytesByFilePathDependency = mockReadfilebytesBeelzebubServiceConfiguration
+	configurationsParser.gelAllFilesNameByDirNameDependency = mockReadDirValid
+
+	beelzebubServicesConfiguration, err := configurationsParser.ReadConfigurationsServices()
+
+	hashCode, errHashCode := beelzebubServicesConfiguration[0].HashCode()
+
+	assert.Nil(t, err)
+	assert.Nil(t, errHashCode)
+	assert.Equal(t, hashCode, "9c349217fdf25f8a1751c33de9e06799a6c96fa996c2dba40df6d2c34c3025a0")
+}
+
 func TestReadConfigurationsPluginGuardrailsValid(t *testing.T) {
 	configurationsParser := Init("", "")
 

plugins/beelzebub-cloud.go

@@ -4,6 +4,9 @@ import (
 	"encoding/json"
 	"errors"
 	"fmt"
+	"os"
+	"strings"
+	"time"
 
 	"github.com/go-resty/resty/v2"
 	"github.com/mariocandela/beelzebub/v3/parser"
@@ -12,10 +15,38 @@ import (
 	"gopkg.in/yaml.v3"
 )
 
+type EventDTO struct {
+	DateTime        string
+	RemoteAddr      string
+	Protocol        string
+	Command         string
+	CommandOutput   string
+	Status          string
+	Msg             string
+	ID              string
+	Environ         string
+	User            string
+	Password        string
+	Client          string
+	Headers         string
+	HeadersMap      map[string][]string
+	Cookies         string
+	UserAgent       string
+	HostHTTPRequest string
+	Body            string
+	HTTPMethod      string
+	RequestURI      string
+	Description     string
+	SourceIp        string
+	SourcePort      string
+	TLSServerName   string
+}
+
 type beelzebubCloud struct {
-	URI       string
-	AuthToken string
-	client    *resty.Client
+	URI             string
+	AuthToken       string
+	client          *resty.Client
+	PollingInterval time.Duration
 }
 
 type HoneypotConfigResponseDTO struct {
@@ -25,16 +56,30 @@ type HoneypotConfigResponseDTO struct {
 	LastUpdatedOn string `json:"lastUpdatedOn"`
 }
 
-func InitBeelzebubCloud(uri, authToken string) *beelzebubCloud {
-	return &beelzebubCloud{
-		URI:       uri,
-		AuthToken: authToken,
-		client:    resty.New(),
+func InitBeelzebubCloud(uri, authToken string, enableVerifyConfigurationsChanged bool) *beelzebubCloud {
+	beelzebubCloud := &beelzebubCloud{
+		URI:             uri,
+		AuthToken:       authToken,
+		client:          resty.New(),
+		PollingInterval: 15 * time.Second,
+	}
+	if enableVerifyConfigurationsChanged {
+		go func() {
+			if err := beelzebubCloud.verifyConfigurationsChanged(); err != nil {
+				log.Fatalf("Error verify configurations changed: %s", err.Error())
+			}
+		}()
 	}
+	return beelzebubCloud
 }
 
 func (beelzebubCloud *beelzebubCloud) SendEvent(event tracer.Event) (bool, error) {
-	requestJson, err := json.Marshal(event)
+	eventDTO, err := beelzebubCloud.mapToEventDTO(event)
+	if err != nil {
+		return false, err
+	}
+
+	requestJson, err := json.Marshal(eventDTO)
 	if err != nil {
 		return false, err
 	}
@@ -59,9 +104,9 @@ func (beelzebubCloud *beelzebubCloud) SendEvent(event tracer.Event) (bool, error
 	return response.StatusCode() == 200, nil
 }
 
-func (beelzebubCloud *beelzebubCloud) GetHoneypotsConfigurations() ([]parser.BeelzebubServiceConfiguration, error) {
+func (beelzebubCloud *beelzebubCloud) GetHoneypotsConfigurations() ([]parser.BeelzebubServiceConfiguration, string, error) {
 	if beelzebubCloud.AuthToken == "" {
-		return nil, errors.New("authToken is empty")
+		return nil, "", errors.New("authToken is empty")
 	}
 
 	response, err := beelzebubCloud.client.R().
@@ -71,34 +116,98 @@ func (beelzebubCloud *beelzebubCloud) GetHoneypotsConfigurations() ([]parser.Bee
 		Get(fmt.Sprintf("%s/honeypots", beelzebubCloud.URI))
 
 	if err != nil {
-		return nil, err
+		return nil, "", err
 	}
 
 	if response.StatusCode() != 200 {
-		return nil, errors.New(fmt.Sprintf("Response code: %v, error: %s", response.StatusCode(), string(response.Body())))
+		return nil, "", errors.New(fmt.Sprintf("Response code: %v, error: %s", response.StatusCode(), string(response.Body())))
 	}
 
 	var honeypotsConfig []HoneypotConfigResponseDTO
 
 	if err = json.Unmarshal(response.Body(), &honeypotsConfig); err != nil {
-		return nil, err
+		return nil, "", err
 	}
 
 	var servicesConfiguration = make([]parser.BeelzebubServiceConfiguration, 0)
+	var localHashBuilder strings.Builder
 
 	for _, honeypotConfig := range honeypotsConfig {
 		var honeypotsConfig parser.BeelzebubServiceConfiguration
 
 		if err = yaml.Unmarshal([]byte(honeypotConfig.Config), &honeypotsConfig); err != nil {
-			return nil, err
+			return nil, "", err
 		}
 		if err := honeypotsConfig.CompileCommandRegex(); err != nil {
-			return nil, fmt.Errorf("unable to load service config from cloud: invalid regex: %v", err)
+			return nil, "", fmt.Errorf("unable to load service config from cloud: invalid regex: %v", err)
 		}
 		servicesConfiguration = append(servicesConfiguration, honeypotsConfig)
+
+		if hashCode, err := honeypotsConfig.HashCode(); err != nil {
+			return nil, "", err
+		} else {
+			localHashBuilder.WriteString(hashCode)
+		}
+
 	}
 
-	log.Debug(servicesConfiguration)
+	return servicesConfiguration, localHashBuilder.String(), nil
+}
+
+var exitFunction func(code int) = os.Exit
+
+func (beelzebubCloud *beelzebubCloud) verifyConfigurationsChanged() error {
+	var lastConfigurationsHash = ""
+	for {
+		log.Debug("Checking configurations...")
+		_, configurationsHash, err := beelzebubCloud.GetHoneypotsConfigurations()
+		if err != nil {
+			return err
+		}
+		if len(lastConfigurationsHash) == 0 {
+			lastConfigurationsHash = configurationsHash
+		}
+		if lastConfigurationsHash != configurationsHash {
+			log.Debug("Configurations changed.")
+			exitFunction(0)
+		}
+		time.Sleep(beelzebubCloud.PollingInterval)
+	}
+}
+
+func (beelzebubCloud *beelzebubCloud) mapToEventDTO(event tracer.Event) (EventDTO, error) {
+	eventDTO := EventDTO{
+		DateTime:        event.DateTime,
+		RemoteAddr:      event.RemoteAddr,
+		Protocol:        event.Protocol,
+		Command:         event.Command,
+		CommandOutput:   event.CommandOutput,
+		Status:          event.Status,
+		Msg:             event.Msg,
+		ID:              event.ID,
+		Environ:         event.Environ,
+		User:            event.User,
+		Password:        event.Password,
+		Client:          event.Client,
+		Cookies:         event.Cookies,
+		UserAgent:       event.UserAgent,
+		HostHTTPRequest: event.HostHTTPRequest,
+		Body:            event.Body,
+		HTTPMethod:      event.HTTPMethod,
+		RequestURI:      event.RequestURI,
+		Description:     event.Description,
+		SourceIp:        event.SourceIp,
+		SourcePort:      event.SourcePort,
+		TLSServerName:   event.TLSServerName,
+	}
+
+	if len(event.Headers) > 0 {
+		headersJSON, err := json.Marshal(event.Headers)
+		if err != nil {
+			return EventDTO{}, fmt.Errorf("failed to marshal headers: %w", err)
+		}
+		eventDTO.Headers = string(headersJSON)
+	}
 
-	return servicesConfiguration, nil
+	return eventDTO, nil
 }