From 6709833bf6f529e14ac24e7711b976cfa4f8d3e6 Mon Sep 17 00:00:00 2001 From: Andrew Meserole Date: Thu, 9 Nov 2017 11:10:14 -0600 Subject: [PATCH] Add Support for HTTPS --- AttackMapServer/AttackMapServer.py | 13 ++++++++---- AttackMapServer/index.html | 4 ++-- AttackMapServer/static/map.js | 4 ++-- README.md | 33 ++++++++++++++++++++++++++---- 4 files changed, 42 insertions(+), 12 deletions(-) diff --git a/AttackMapServer/AttackMapServer.py b/AttackMapServer/AttackMapServer.py index dc42e3b..3b38174 100755 --- a/AttackMapServer/AttackMapServer.py +++ b/AttackMapServer/AttackMapServer.py @@ -8,7 +8,7 @@ import json import redis import tornadoredis -#import tornado.httpserver +import tornado.httpserver import tornado.ioloop import tornado.web import tornado.websocket @@ -235,12 +235,12 @@ def on_message(self, msg): def main(): # Register handler pages - handlers = [ + application = tornado.web.Application([ (r'/websocket', WebSocketChatHandler), (r'/static/(.*)', tornado.web.StaticFileHandler, {'path': 'static'}), (r'/flags/(.*)', tornado.web.StaticFileHandler, {'path': 'static/flags'}), (r'/', IndexHandler) - ] + ]) # Define the static path #static_path = path.join( path.dirname(__file__), 'static' ) @@ -250,9 +250,14 @@ def main(): #'static_path': static_path } + # Define path to ssl certs + ssl_options={ + "certfile": "/path/to/domain.crt", + "keyfile": "/path/to/domain.key", + } # Create and start app listening on port 8888 try: - app = tornado.web.Application(handlers, **settings) + app = tornado.httpserver.HTTPServer(application, ssl_options=ssl_options) app.listen(8888) print('[*] Waiting on browser connections...') tornado.ioloop.IOLoop.instance().start() diff --git a/AttackMapServer/index.html b/AttackMapServer/index.html index 7c5b2e9..8816c6d 100644 --- a/AttackMapServer/index.html +++ b/AttackMapServer/index.html @@ -6,8 +6,8 @@ GeoIP Attack Map - - + + diff --git a/AttackMapServer/static/map.js b/AttackMapServer/static/map.js index eba1121..9e66e22 100644 --- a/AttackMapServer/static/map.js +++ b/AttackMapServer/static/map.js @@ -4,8 +4,8 @@ // - AttackMapServer machine: // - Internal IP: 127.0.0.1 // - External IP: 192.168.11.106 -var webSock = new WebSocket("ws:/127.0.0.1:8888/websocket"); // Internal -//var webSock = new WebSocket("ws:/192.168.1.100:8888/websocket"); // External +var webSock = new WebSocket("wss:/127.0.0.1:8888/websocket"); // Internal +//var webSock = new WebSocket("wss:/192.168.1.100:8888/websocket"); // External // link map diff --git a/README.md b/README.md index 91ad26a..3d29f45 100644 --- a/README.md +++ b/README.md @@ -18,6 +18,7 @@ This program relies entirely on syslog, and because all appliances format logs d 4. Add headquarters latitude/longitude to hqLatLng variable in **index.html** 5. Use syslog-gen.py, or syslog-gen.sh to simulate dummy traffic "out of the box." 6. **IMPORTANT: Remember, this code will only run correctly in a production environment after personalizing the parsing functions. The default parsing function is only written to parse ./syslog-gen.sh traffic.** +7. Make sure to add the appropriate ssl certificate paths to `AttackMapServer.py` ### Bugs, Feedback, and Questions If you find any errors or bugs, please let me know. Questions and feedback are also welcome, and can be sent to mcmay.web@gmail.com, or open an issue in this repository. @@ -86,7 +87,29 @@ Tested on Ubuntu 16.04 LTS. cd AttackMapServer/ unzip static/flags.zip ``` - + +* Generate ssl certificates for your server + + * Generate Self Signed Cert with Openssl: + ```sh + openssl req -new -newkey rsa:2048 -days 365 -nodes -x509 -keyout domain.key -out domain.crt + ``` + + * **NOTE**: If you are using a self signed cert your browser will warn you that your connection is unsafe. + + * Alternatively you can use [https://letsencrypt.org/](https://letsencrypt.org/) to get a free signed certificate for your domain. + +* Configure the Attack Map Server with SSL Certs: + + * Edit `ssl_options` in `AttackMapServer.py` to point to your certificates. + + ```python + ssl_options={ + "certfile": "/path/to/domain.crt", + "keyfile": "/path/to/domain.key", + } + + ``` * Start the Attack Map Server: ```sh @@ -95,19 +118,21 @@ Tested on Ubuntu 16.04 LTS. * Access the Attack Map Server from browser: - * [http://localhost:8888/](http://localhost:8888/) or [http://127.0.0.1:8888/](http://127.0.0.1:8888/) + * [https://localhost:8888/](https://localhost:8888/) or [https://127.0.0.1:8888/](https://127.0.0.1:8888/) + + * **NOTE** If you are using [https://localhost:8888/](https://localhost:8888/) and a self signed cert you will have to visit [https://127.0.0.1:8888/](https://127.0.0.1:8888/) and click proceed unsafely for the websocket connection to work. * To access via browser on another computer, use the external IP of the machine running the AttackMapServer. * Edit the IP Address in the file "/static/map.js" at "AttackMapServer" directory. From: ```javascript - var webSock = new WebSocket("ws:/127.0.0.1:8888/websocket"); + var webSock = new WebSocket("wss:/127.0.0.1:8888/websocket"); ``` * To, for example: ```javascript - var webSock = new WebSocket("ws:/192.168.1.100:8888/websocket"); + var webSock = new WebSocket("wss:/192.168.1.100:8888/websocket"); ``` * Restart the Attack Map Server: