I am trying to execute HoneyC, which code is on this link: HoneyC Source Code. I have followed the 'readme' document instructions, which says that the UnitTest have to be run first.
It says: "Unpack the HoneyC distribution into a directory, cd into that directory, and execute ‘ruby UnitTester.rb’. This will start the unit tests executing some basic module tests. (Note that you need to have network connectivity and direct outgoing access on port 80 for the unit tests to succeed.)"
I am using Ruby version 2.3.1p112 (2016-04-26) [x86_64-linux-gnu]
*I've never programmed using Ruby before.
Port 80 seems to be okay ... if I run the command netstat I get:
:~$ netstat -tulnap (Not all processes could be identified, non-owned process info will not be shown, you would have to be root to see it all.) Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 127.0.0.1:3306 0.0.0.0:* LISTEN - tcp 0 0 127.0.0.1:30800 0.0.0.0:*
LISTEN - tcp 0 0 0.0.0.0:80
0.0.0.0:* LISTEN - tcp 0 0 127.0.0.1:30900 0.0.0.0:* LISTEN -
tcp 0 0 127.0.1.1:53 0.0.0.0:*
LISTEN
However, I am getting the following error when I try to run the UnitTest:
:~/honeypot/honeyc-master$ ruby UnitTester.rb
/usr/lib/ruby/2.3.0/rubygems/core_ext/kernel_require.rb:55:in `require': cannot load such file -- HoneyCConfiguration (LoadError)
from /usr/lib/ruby/2.3.0/rubygems/core_ext/kernel_require.rb:55:in `require'
from UnitTester.rb:39:in `block in suite'
from /usr/lib/ruby/2.3.0/find.rb:49:in `block (2 levels) in find'
from /usr/lib/ruby/2.3.0/find.rb:48:in `catch'
from /usr/lib/ruby/2.3.0/find.rb:48:in `block in find'
from /usr/lib/ruby/2.3.0/find.rb:43:in `each'
from /usr/lib/ruby/2.3.0/find.rb:43:in `find'
from UnitTester.rb:29:in `suite'
from /usr/lib/ruby/vendor_ruby/test/unit/ui/testrunner.rb:12:in `initialize'
from /usr/lib/ruby/vendor_ruby/test/unit/ui/console/testrunner.rb:38:in `initialize'
from /usr/lib/ruby/vendor_ruby/test/unit/ui/testrunnerutilities.rb:24:in `new'
from /usr/lib/ruby/vendor_ruby/test/unit/ui/testrunnerutilities.rb:24:in `run'
from UnitTester.rb:54:in `<main>'
The ruby code of the Unit Test is:
require 'test/unit/testsuite'
require 'test/unit/ui/console/testrunner'
require 'find'
module Kernel
def get_class_for_name(name, objects = [Object])
#STDERR.puts name.to_s
return nil if objects.size == 0
object = objects.shift
object.constants.each do |constant_name|
real_object = object.const_get(constant_name)
case real_object
when Class
return real_object if constant_name == name
when Module
objects << real_object
end
end
return get_class_for_name(name, objects)
end
end
class UnitTester
def self.suite
exceptions = ["HoneyC","UnitTester"]
suite = Test::Unit::TestSuite.new("HoneyC Unit Tests")
#find all rb files
Find.find(".") do |full_file_name|
if /.rb/ =~ full_file_name and !(/.svn/ =~ full_file_name)
/.*\// =~ full_file_name
path = $&[2..$&.length]
classname = full_file_name[$&.length..-4]
if !exceptions.index(classname)
#assume test is under classname + "Test"
#run unit test on them except on the exceptions
require path + classname
classname.sub!(/\.tab/,"") #silly replacement for the snortruleparser, since this is an automatically generated class.
unit_test = get_class_for_name(classname + "Test")
if(unit_test==nil)
STDERR.puts "No unit test defined for class " + classname + "."
else
suite << unit_test.suite
end
end
end
end
return suite
end
end
Test::Unit::UI::Console::TestRunner.run(UnitTester)
What should I do to get this honeypot running?
The most recent commit on this codebase is from 2007 (and that's transferring it to git, I'm not sure whether the original subversion commits are even older). Ruby has come a long way since then, and the UnitTester you're running relies on some metaprogramming behavior that's changed over the years. It's trying to look through all the ruby files in the source tree to load them to find tests, but the way it's doing that doesn't work in modern rubies. There are at least two things wrong:
Starting in ruby 1.9, released in 2009, the current directory is no longer (by default) in the load path, so when you try to require a module/class that's defined in the current directory it'll fail. They'd need to switch to require_relative (Why does Ruby 1.9.2 remove "." from LOAD_PATH, and what's the alternative?)
The codebase is doing something very bizarre (but maybe once necessary) in how it's crawling the object tree to try to figure out what classes/modules have been defined (https://github.com/honeynet/honeyc/blob/master/UnitTester.rb#L10). This doesn't work properly in modern rubies.
You can get the UnitTests running with ruby 1.8.7, but be aware that version of ruby hasn't been supported since 04/01/2017. The unit tests mostly pass except some are querying web services that no longer exist.
I don't think you can really use this codebase without significant work upgrading it, which is probably off-topic here.