Ansible Role for creating a realist cowrie instance.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
razian 6b0648f00a Merge branch 'master' of https://git.rznet.fr/AnsibleRoles/cowrie 2 months ago
defaults Improve userlist 5 months ago
meta Add meta 5 months ago
tasks Add clear task 2 months ago
templates Improve userlist 5 months ago
README.md Update 'README.md' 4 months ago

README.md

Requirements

  • Docker
  • Git
  • Make

Variables

Variables Default Descriptions
cowrie_path "/opt/docker/cowrie" Sources dir
cowrie_cfg_template "../templates/cowrie.cfg.j2" Cowrie config template
cowrie_cfg_dest "{{ cowrie_path }}/etc/cowrie.cfg" Cowrie config template dest
cowrie_userdb_users users list Cowrie userdb.txt users list
cowrie_userdb_pass passwords list Cowrie userdb.txt passwords list
cowrie_userdb_template "../templates/userdb.txt.j2" Cowrie userdb.txt template
cowrie_userdb_dest "{{ cowrie_path }}/etc/userdb.txt" Cowrie userdb.txt template dest
cowrie_hostname "srv42" Hostname of your cowrie fake system
cowrie_mysql false Enable cowrie mysql output
cowrie_mysql_host "localhost" Host of cowrie's mysql server
cowrie_mysql_port "3306" Port of cowrie's mysql server
cowrie_mysql_base "cowrie" Cowrie's mysql database
cowrie_mysql_user "cowrie" Cowrie's mysql user
cowrie_mysql_pass "cowrie" Cowrie's mysql pass (change it)
cowrie_ssh_port "4222" Container port to use for ssh connection
cowrie_telnet false Enable telnet
cowrie_telnet_port "4223" Container port to use for telnet connection

Build and start the container

cd /opt/docker/cowrie
make docker-build && make docker-start

Stop and rebuild the container

docker stop cowrie
docker rm cowrie
make docker-build
make docker-start

Purge and rebuild the container

cd /opt/docker/cowrie
docker stop cowrie
docker rm cowrie
docker volume rm cowrie-etc cowrie-var
make docker-build
make docker-start

Iptables rules

iptables -t nat -A PREROUTING -p tcp --dport 22 -j REDIRECT --to-port 4222
iptables -t nat -A PREROUTING -p tcp --dport 23 -j REDIRECT --to-port 4223

UFW

Add at the end of /etc/ufw/before.rules

*nat
:PREROUTING ACCEPT [0:0]
-A PREROUTING -p tcp --dport 22 -j REDIRECT --to-port 4222
-A PREROUTING -p tcp --dport 23 -j REDIRECT --to-port 4223
COMMIT

Then open the ports and reload ufw

ufw allow 4222:4223/tcp
ufw reload