Google Summer of Code 2021 with HosTaGe
Written on 19 August 2021 by Filip Adamík
A honeypot is a system that acts as a trap for cyber-attackers by simulating a real system. It contains no useful data for the attacker but is closely monitored and analysed by its operators. HosTaGe is an Android implementation of a honeypot that provides emulation of several network protocols. It has been developed jointly by Aalborg University (Denmark) and Technische Universität Darmstadt (Germany) and is a part of the Honeynet Project.
In the 2021 edition of GSOC, the focus was put on addressing several outdated aspects of the application. It was necessary to adapt the code to changes in the latest Android APIs to improve the usability and stability, but also to allow HosTaGe to be re-listed on Google Play Store, after it was removed in February 2021.
My main contributions were in the areas of UI changes, Location permission and Log storage.
UI Changes and Dark Mode
In the state before GSOC started, the app supported dark mode partially and inconsistently. This resulted in some text being illegible if the device used a dark theme. Furthermore, some elements of the user interface were outdated, did not scale properly, or were unusable.
Several of my contributions addressed this. I have replaced the code behind a scrollable list of emulation profiles. I have replaced several custom buttons and layouts with their respective out-of-the-box versions (such as the date and time pickers, action buttons, switches...). I have adopted a more consistent style scheme, defining a primary accent and several supporting colours. I have then applied this style scheme uniformly across both Light and Dark themes.
Android 11 introduces several changes to how applications can request access to the device location.
My contributions include a reworked approach to requesting location permission from the user and providing the location to various app components. This new approach supports both older and newer API versions.
One of the features of the app is the export of network logs, captured in a PCAP format. The user should be able to turn this feature on or off and select the output location of these logs. This was not working as intended and logs were always written to the same hard-coded location on devices with newer Android versions.
My work addresses this. Allowing the user to select the log output location reliably, regardless of their Android version, required a completely new approach to save the PCAP logs. The improved logging code includes changes to obtaining storage permissions from the user, as well as changes to how the logs are captured with tcpdump and moved to the desired
GSOC'21 was an amazing learning journey. I certainly improved my command of Java and Android and I hope the code produced in these three months will be put to good use.
A new HosTaGe release has been published in the project's repository on GitHub and the application was submitted to Google Play Store. It is undergoing review at the time of writing.
After a late-summer break, I plan to return to HosTaGe and tackle the next challenges, further improving the code quality and hopefully implementing a new monitoring protocol. As the Android platform keeps evolving, there will certainly be enough work for us to do!
The following pull requests summarise my work on HosTaGe during GSOC'21. They represent my ~115 commits between 25 May 2021 and 18 August 2021.
- Replace old swipelistview in the Profile selector fragment with RecyclerView: #169
- Adopt Dark mode and optimise UI accessibility: #174 and #202
- Adjust Location permission flow and Storage permission flow: #177
- Rework and optimise saving of PCAP logs on rooted devices: #203
Bug fixes and smaller changes
- App crash when protocols are not initialised: #173
- App crash when user clicked on Attacks on the Home fragment: #190
- Replace Toasts with Snackbars: #188 and #204
- App crash when user turned on monitoring before the app was fully initialised: #199
- App crash when an attack is detected: #201
Formatting, code quality and housekeeping
- Update library versions: #166
- Extract Strings: #168
- Remove generic exceptions, adjust profiles, code formatting: #186
- Fix typos in code and comments (this was my first contribution!): #159
- Replace checkboxes in settings with switches: #206
- Remove obsolete, unused code: #198, #204 and #207