rubylinuxhoneypot

Error when executing HoneyC - `require': cannot load such file


I am trying to execute HoneyC, which code is on this link: HoneyC Source Code. I have followed the 'readme' document instructions, which says that the UnitTest have to be run first.

It says: "Unpack the HoneyC distribution into a directory, cd into that directory, and execute ‘ruby UnitTester.rb’. This will start the unit tests executing some basic module tests. (Note that you need to have network connectivity and direct outgoing access on port 80 for the unit tests to succeed.)"

I am using Ruby version 2.3.1p112 (2016-04-26) [x86_64-linux-gnu]

*I've never programmed using Ruby before.

Port 80 seems to be okay ... if I run the command netstat I get:

:~$ netstat -tulnap (Not all processes could be identified, non-owned process info will not be shown, you would have to be root to see it all.) Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 127.0.0.1:3306 0.0.0.0:* LISTEN - tcp 0 0 127.0.0.1:30800 0.0.0.0:*
LISTEN - tcp 0 0 0.0.0.0:80
0.0.0.0:* LISTEN - tcp 0 0 127.0.0.1:30900 0.0.0.0:* LISTEN -
tcp 0 0 127.0.1.1:53 0.0.0.0:*
LISTEN

However, I am getting the following error when I try to run the UnitTest:

:~/honeypot/honeyc-master$ ruby UnitTester.rb
/usr/lib/ruby/2.3.0/rubygems/core_ext/kernel_require.rb:55:in `require': cannot load such file -- HoneyCConfiguration (LoadError)
    from /usr/lib/ruby/2.3.0/rubygems/core_ext/kernel_require.rb:55:in `require'
    from UnitTester.rb:39:in `block in suite'
    from /usr/lib/ruby/2.3.0/find.rb:49:in `block (2 levels) in find'
    from /usr/lib/ruby/2.3.0/find.rb:48:in `catch'
    from /usr/lib/ruby/2.3.0/find.rb:48:in `block in find'
    from /usr/lib/ruby/2.3.0/find.rb:43:in `each'
    from /usr/lib/ruby/2.3.0/find.rb:43:in `find'
    from UnitTester.rb:29:in `suite'
    from /usr/lib/ruby/vendor_ruby/test/unit/ui/testrunner.rb:12:in `initialize'
    from /usr/lib/ruby/vendor_ruby/test/unit/ui/console/testrunner.rb:38:in `initialize'
    from /usr/lib/ruby/vendor_ruby/test/unit/ui/testrunnerutilities.rb:24:in `new'
    from /usr/lib/ruby/vendor_ruby/test/unit/ui/testrunnerutilities.rb:24:in `run'
    from UnitTester.rb:54:in `<main>'

The ruby code of the Unit Test is:

 require 'test/unit/testsuite'
 require 'test/unit/ui/console/testrunner'
 require 'find'

module Kernel
  def get_class_for_name(name, objects = [Object])
    #STDERR.puts name.to_s
    return nil if objects.size == 0
    object = objects.shift
    object.constants.each do |constant_name|
      real_object = object.const_get(constant_name)
      case real_object
      when Class
    return real_object if constant_name == name
      when Module
    objects << real_object
      end
    end
    return get_class_for_name(name, objects)
  end
end

class UnitTester
   def self.suite
    exceptions = ["HoneyC","UnitTester"]
    suite = Test::Unit::TestSuite.new("HoneyC Unit Tests")

    #find all rb files
    Find.find(".") do |full_file_name|
        if /.rb/ =~ full_file_name and !(/.svn/ =~ full_file_name)
            /.*\// =~ full_file_name
            path = $&[2..$&.length]
            classname = full_file_name[$&.length..-4]

            if !exceptions.index(classname)
                #assume test is under classname + "Test"
                #run unit test on them except on the exceptions

                require path + classname
                classname.sub!(/\.tab/,"") #silly replacement for the snortruleparser, since this is an automatically generated class.
                unit_test = get_class_for_name(classname + "Test")
                if(unit_test==nil)
                    STDERR.puts "No unit test defined for class " + classname + "."
                else
                    suite << unit_test.suite    
                end
            end
        end
    end

    return suite
   end
 end
 Test::Unit::UI::Console::TestRunner.run(UnitTester)

What should I do to get this honeypot running?


Solution

  • The most recent commit on this codebase is from 2007 (and that's transferring it to git, I'm not sure whether the original subversion commits are even older). Ruby has come a long way since then, and the UnitTester you're running relies on some metaprogramming behavior that's changed over the years. It's trying to look through all the ruby files in the source tree to load them to find tests, but the way it's doing that doesn't work in modern rubies. There are at least two things wrong:

    1. Starting in ruby 1.9, released in 2009, the current directory is no longer (by default) in the load path, so when you try to require a module/class that's defined in the current directory it'll fail. They'd need to switch to require_relative (Why does Ruby 1.9.2 remove "." from LOAD_PATH, and what's the alternative?)

    2. The codebase is doing something very bizarre (but maybe once necessary) in how it's crawling the object tree to try to figure out what classes/modules have been defined (https://github.com/honeynet/honeyc/blob/master/UnitTester.rb#L10). This doesn't work properly in modern rubies.

    You can get the UnitTests running with ruby 1.8.7, but be aware that version of ruby hasn't been supported since 04/01/2017. The unit tests mostly pass except some are querying web services that no longer exist.

    I don't think you can really use this codebase without significant work upgrading it, which is probably off-topic here.