Skip to content

Instantly share code, notes, and snippets.

@zafodB
Last active Aug 20, 2021
Embed
What would you like to do?

Google Summer of Code 2021 with HosTaGe

Written on 19 August 2021 by Filip Adamík

Introduction

A honeypot is a system that acts as a trap for cyber-attackers by simulating a real system. It contains no useful data for the attacker but is closely monitored and analysed by its operators. HosTage is an Android implementation of a honeypot that provides emulation of several network protocols. It has been developed jointly by Aalborg University (Denmark) and Technische Universität Darmstadt (Germany) and is a part of the Honeynet Project.

GSOC'21

In the 2021 edition of GSOC, the focus was put on addressing several outdated aspects of the application. It was necessary to adapt the code to changes in the latest Android APIs to improve the usability and stability, but also to allow HosTage to be re-listed on Google Play Store, after it was removed in February 2021.

My main contributions were in the areas of UI changes, Location permission and Log storage.

UI Changes and Dark Mode

In the state before GSOC started, the app supported dark mode partially and inconsistently. This resulted in some text being illegible if the device used a dark theme. Furthermore, some elements of the user interface were outdated, did not scale properly, or were unusable.

Several of my contributions addressed this. I have replaced the code behind a scrollable list of emulation profiles. I have replaced several custom buttons and layouts with their respective out-of-the-box versions (such as the date and time pickers, action buttons, switches...) I have adopted a more consistent style scheme, defining primary accent, and several supporting colours. I have then applied this style scheme uniformly across both Light and Dark themes.

Location Permissions

Android 11 introduces several changes to how applications can request access to the device location.

My contributions include a reworked approach to requesting location permission from the user and providing the location to various app components. This new approach supports both older and newer API versions.

Log Storage

One of the features of the app is the export of network logs, captured in a PCAP format. The user should be able to turn this feature on or off and select the output location of these logs. This was not working as intended and logs were always written to the same hard-coded location on devices with newer Android versions.

My work addresses this. Allowing the user to select the log output location reliably, regardless of their Android version, required a completely new approach to save the PCAP logs. The improved logging code includes changes to obtaining storage permissions from the user, as well as changes to how the logs are captured with tcpdump and moved to the desired output folder.

Conclusion

GSOC'21 was an amazing learning journey. I certainly improved my command of Java and Android and I hope the code produced in these three months will be put to good use.

A new HosTaGe release has been published in the project's repository on GitHub and the application was submitted to Google Play Store. It is undergoing review at the time of writing.

After a late-summer break, I plan to return to HosTaGe and tackle the next challenges, further improving the code quality and hopefully implementing a new monitoring protocol. As the Android platform keeps evolving, there will certainly be enough work for us to do!

I would like to extend my warmest thanks to my mentors Shreyas Srinivasa and Emmanouil Vasilomanolakis for their kind and thoughtful guidance.

HosTaGe logo

Pull requests

The following pull requests summarise my work on HosTaGe during GSOC'21. They represent my ~115 commits between 25 May 2021 and 18 August 2021.

Major changes

  • Replace old swipelistview in the Profile selector fragment with RecyclerView: #169
  • Adopt Dark mode and optimise UI accessibility: #174 and #202
  • Adjust Location permission flow and Storage permission flow: #177
  • Rework and optimise saving of PCAP logs on rooted devices: #203

Bug fixes and smaller changes

  • App crash when protocols are not initialised: #173
  • App crash when user clicked on Attacks on the Home fragment: #190
  • Replace Toasts with Snackbars: #188 and #204
  • App crash when user turned on monitoring before the app was fully initialised: #199
  • App crash when an attack is detected: #201

Formatting, code quality and housekeeping

  • Update library versions: #166
  • Extract Strings: #168
  • Remove generic exceptions, adjust profiles, code formatting: #186
  • Fix typos in code and comments (this was my first contribution!): #159
  • Replace checkboxes in settings with switches: #206
  • Remove obsolete, unused code: #198, #204 and #207

Commits

  1. 04d695b491ce48cbc1a4055b0a7b73801909ce9e
  2. a7bdaa13ddeed4f2e0166624e76e235cf6e0e448
  3. 0d8514021becdb81a30d5a584d11b8721865e1ef
  4. a54a3ad8c76828eba3e08ad1f4acc58a089c1222
  5. 965246eff51a6c4c345d7dee46a4b824cd5d2217
  6. 906f14b2698994f983a6231a944fc20cfe66fe51
  7. 281a097d8d1bbfc46ed0b9d8f1dce2aa7c28b4a6
  8. ffaffafbcb82fbf65a7a6f81f47fee9604528705
  9. ee90bba18ba18692f461f313d0cd6b72a1e451a3
  10. 1d3f3b73ecab2942675930a5145595314d23fa9a
  11. 5e7454ec10548b92aa32fa43ed37a586565b9103
  12. dbea58c127b308496c2344d41b6b4c3f1335427b
  13. 5834d81f0f35f420fc65b95d18c9c5be8aebee0a
  14. 99daa3abde663cde8656cce56e234e087b00f257
  15. db7dfa363aec18f8be549a0c50d8e0e8880625ff
  16. 892079436d92c452926a596f0b7cca1891247254
  17. bc526f07433170d3ceb27848faa4bbe9e1f7886f
  18. 5822efeada6f9ce1d1b0ed6d0849ef63e6aedfb6
  19. daeb17e0a20a578ca9e2f7c11eb140992d8bd24c
  20. 470bb99abffc246f70374a4ad0f2de96239dca77
  21. 90750a20fe06c360c236c4a261a1e09b708c167d
  22. 94d3251a3a1377883d3feb31b6bff8bd6be1329c
  23. f8ecfa005764f0fe216bee1ebb8162c5df59c237
  24. 3717604b39a9a137148801daa5034bc5ebc6407b
  25. b277e92a542e8fe3952fc290f55457b3ba87b37c
  26. f239ddd177caee659366ed5ef4cece584c605d76
  27. f2e30b79d9f91004ddd8d7832af36a88bdfee788
  28. 73f8681102b525b263d2444acd39e4fcbf27e59b
  29. 114380fc01fcef00b3db944e66fdeae03ce9ba30
  30. 111faef4848788ef70fcaab92a97ccc4149039d8
  31. 7966a586dfeef7861919e534e117dc05857c708f
  32. c06e134d55c674df59d607874e8481a0966ee4ad
  33. b41a935e5241ccdd240fa6cfcc7a3b0d22da7542
  34. d4ae044a4801210be43312a13bec0aa62deb317d
  35. 59f9a3cd9e15735c32a70b03173cb829789f8b20
  36. 0f60c0e8a8337c382b2cdb847ccb3670a0c442e7
  37. 5c8340fd45fd35794a291fac8ac88ba1f82d27e3
  38. 655a9d374edca98989a11d48486c1b850fd59b01
  39. ffd31c607861fe3807fc5ddc2e5d38ed4e64d4a2
  40. 2432f11b67af0b36b1d3a71dcc9d07585b92ec8d
  41. e2572b081596c4c9c58de4ba1d6a02edf4c00d91
  42. ea2d95d3bec30685ac522cf9ab077dca8a195577
  43. 8de396988228a693cca44d505356147ee3f09374
  44. 512267f34d2d214042fc1ee3a04bed9110158d8b
  45. 6c2ce16baeac5f4bd7bbe61ee619673c54fe8846
  46. ac1aeb4b39b207212a36b3a86d3f5ab630294522
  47. 05a6e2af82d3c5089207ec3b0224cc7cfbcba651
  48. f11eb49a3a1b426a0806a11302dfe1c29ae973b9
  49. 13fa8aacb2b1734d5145b8ec5d83d7bac157e9c6
  50. 6ad68777e6fb98fd10375558b839a36c8bf2f10a
  51. 2bd498354db963103e609de605dc103de115eb1f
  52. 5920125d94abab33551f317981357c193e6da0d9
  53. e7ef243575e34def3a5af7edebb20ae675f80fea
  54. c70c22bd066693bab53e1362311a77414e58c115
  55. 284760b082e2e81e652db4072a30c1e6d87f384c
  56. 21ae072db4bcfac14760612afce1fa69a42b5e4e
  57. 88e81d30fffb28a23e7f18b6bcde604d32ef456c
  58. 5495d60597eae3b19463a5f5320a9f7bdf62fcdf
  59. e5e2a8ba7fdc8e1c249687a39157b5a33ebc66ee
  60. 92e2ea49e71d7d3a47539bef2e69f7dd6af753b8
  61. d86cb154d4db801048bb93fd3fbb0a4fc8a7d24e
  62. fb7c6f772395e3b1d05cb11166f7ac0fbf8111c9
  63. c0dda70f7cb236f13fa87c06903af8899d56e7a6
  64. b20c8d1396b546848140a8ccfe99e7c4183aa6f3
  65. 1097c145d3272ae29c4deb14711683fe13f3b967
  66. ae1e04921b61d7d122dde85cbd023bd1736f22d8
  67. 55b250461ac43bae035b3be3f9494244dbc2d5ed
  68. 705311d0a058c8e57b7cb884117e58a92ee092e1
  69. 827be2f8b365cdbd350136510ef00d58c2daaae9
  70. 1061ab16a64d9be13a5f1576524e262eaddfe4fc
  71. 9900ef739b04c1afbe3afe8bf4bf8bfc1383f125
  72. 62c6af74b2d38c8800b2489c34c326fd9ed29e0e
  73. 8a918f23689abe42449131fb2e75f8cd9f779992
  74. 8f43605a2cbadbfc91767b32142fc5bf3af02cd6
  75. ee3adbcf5e2489ab54441ba10d220ae9c7d17f72
  76. f641fa7712b9a23e6f3ca47c646c641970bb8c14
  77. 08663ac6dfc74f8ccf0e42949f9fdc2d6ab87dba
  78. e4bd39aa3d27df3947a3bd9c5632ddbfd881ccf5
  79. 8abdd4a455d91d563c9b47194305d92d5f966c01
  80. b030ce59e0cc26a8b5c0b10c17761b2430ccd0b4
  81. 5c88602f5df96a91b27c7100e2f3117fc2c0cff8
  82. 5d124973d11bb5bba49e5e866da4a801e1321e9b
  83. 366dcd837b1e9eb9e8c97d543e9709f9cc0d55da
  84. 6d7cd9c693e2b28b939d0e819bff8ea03803c5d7
  85. b2e896e27f28fbdcf2b7c0074169d68cf0091b41
  86. 144add1453f9861adda792cbe314e905db428b67
  87. ddd44a0c8af093a0e39f58ebc4ab152ac98b1a66
  88. a22cf168ba36d53b3a8b6f7e7df6e05477a0c10b
  89. a4fdc95c62d8e3b68f216a7b690059b23a2cf4d6
  90. 5b01e002ad074545c3701e1fd20aa9aca7f6c0a1
  91. c401e12c26f90fd3b1cd1442918a94c8ea177eb4
  92. a47df2ca053899161996a746316cd495cc6205c5
  93. 0cc89da3bfa971d06adfbdcce6657cf744588110
  94. f445eb5a16bfdb80dd2a2bba232b4ffb77a2303a
  95. b9df6fdd36830c8e55ca140691f18dab118d76c8
  96. 6b8d7d5cdbd6834f4f9e2d0f956b40ade99f039e
  97. e765b895025721046f5edbb35838c024398f7254
  98. 897b8e91c2ba098d7513cfc44741d9984caa2599
  99. 461529a483e6277ba064a4ab86319ea05205359c
  100. a81df58a6b14bc9abf4a403dd1a1e510d88d6eac
  101. 7cabdd105259e7b11ab21c005e98e4ec0e1f4d0c
  102. 7a4e4f801578641c9b778ab64f9b43e7477f8704
  103. 8d7588abe66cf78db40cfd7c1595db611fd8998f
  104. 2388ece9f90c685a93802d7787dbc50692468819
  105. c958f22d2b859b614999931e7fea82d7288c0f87
  106. 464596f5abe58b3fb7e5579ca16e74f1dec01cb8
  107. e126085063a7d6b4aebb9e18bbda43bfb83c0967
  108. c1c22c38460467bd69c7ae2a9bfe90ffd64d2509
  109. 1241a3831a336f9df070c7c1085f597e7f7b4763
  110. 6d5b4c1b80b61a1fdbe922b0e3e43e010b957dcb
  111. b972a3e4c5c6822e14d3a2f7ebe4619190bbf19c
  112. e2038a72b8c18f9a961e4f020e34a615b0a109d2
  113. 7418180f45e8053cc0c467c85dabbcc6e983e8c0
  114. 8b68d2d4dcf599c1285d70703c1d97224d60f8dd
  115. a72aa3f329a63cd6e5d17b9ae1a93774b66497c3
  116. 8713a12c08bac7bfa2d4f013b7a6e21ae19aaf66
  117. 445fd75d947443a5db56fbe709b180af1fbfea55
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment