ADBHoney 100% CPU usage after `nmap` scan

I have been noticing adbhoney to keep running at 100% CPU usage after some connection attempts being made. In order to reproduce this I could do so with nmap -sV -v -p 5555 127.0.0.1.

Logs:

{"eventid": "adbhoney.session.connect", "src_ip": "172.18.0.1", "src_port": 40910, "dest_ip": "172.18.0.2", "dest_port": "5555", "timestamp": "2022-03-02T10:37:04.451089Z", "unixtime": 1646217424, "session": "f5ba8783e698", "sensor": "honeypot01"}
{"eventid": "adbhoney.session.connect", "src_ip": "172.18.0.1", "src_port": 40922, "dest_ip": "172.18.0.2", "dest_port": "5555", "timestamp": "2022-03-02T10:37:09.306698Z", "unixtime": 1646217429, "session": "c72b006616f4", "sensor": "honeypot01"}
{"eventid": "adbhoney.session.connect", "src_ip": "172.18.0.1", "src_port": 40928, "dest_ip": "172.18.0.2", "dest_port": "5555", "timestamp": "2022-03-02T10:37:14.938758Z", "unixtime": 1646217434, "session": "d9f64c158ada", "sensor": "honeypot01"}
{"eventid": "adbhoney.session.connect", "src_ip": "172.18.0.1", "src_port": 40944, "dest_ip": "172.18.0.2", "dest_port": "5555", "timestamp": "2022-03-02T10:37:19.392497Z", "unixtime": 1646217439, "session": "68e568cbc33a", "sensor": "honeypot01"}
{"eventid": "adbhoney.session.connect", "src_ip": "172.18.0.1", "src_port": 40950, "dest_ip": "172.18.0.2", "dest_port": "5555", "timestamp": "2022-03-02T10:37:24.219404Z", "unixtime": 1646217444, "session": "b1bd4f93f5fe", "sensor": "honeypot01"}
{"eventid": "adbhoney.session.connect", "src_ip": "172.18.0.1", "src_port": 40954, "dest_ip": "172.18.0.2", "dest_port": "5555", "timestamp": "2022-03-02T10:37:29.198837Z", "unixtime": 1646217449, "session": "c4349a44f61a", "sensor": "honeypot01"}
{"eventid": "adbhoney.session.connect", "src_ip": "172.18.0.1", "src_port": 40982, "dest_ip": "172.18.0.2", "dest_port": "5555", "timestamp": "2022-03-02T10:37:57.773941Z", "unixtime": 1646217477, "session": "00c648528b3e", "sensor": "honeypot01"}

Adbhoney behavior changes afterwards. While connections still can be made there is no functionality, logging for some reason, continues to work.

This is based on git commit 2417a7a982f4fd527b3a048048df9a23178767ad.

Finally caught the exception:

adbhoney    | INFO:ADBHoneypot:Received a connection, creating an ADBConnection.
adbhoney    | INFO:ADBHoneypot:172.29.0.1 connection start (8d1fc08af223)
adbhoney    | INFO:ADBHoneypot:{'eventid': 'adbhoney.session.connect', 'src_ip': '172.29.0.1', 'src_port': 40272, 'dest_ip': '172.29.0.2', 'dest_port': '5555', 'timestamp': '2022-03-09T16:29:33.021401Z', 'unixtime': 1646843373, 'session': '8d1fc08af223', 'sensor': 'honeypot01'}
adbhoney    |     self.run()
adbhoney    |   File "/usr/lib/python3.9/threading.py", line 910, in run
adbhoney    |     self._target(*self._args, **self._kwargs)
adbhoney    |   File "/opt/adbhoney/adbhoney/core.py", line 95, in __init__
adbhoney    |     self.run()
adbhoney    |   File "/opt/adbhoney/adbhoney/core.py", line 107, in run
adbhoney    |     self.process_connection()
adbhoney    |   File "/opt/adbhoney/adbhoney/core.py", line 320, in process_connection
adbhoney    | INFO:ADBHoneypot:Received a connection, creating an ADBConnection.
adbhoney    |     message = self.parse_data(data)
adbhoney    |   File "/opt/adbhoney/adbhoney/core.py", line 165, in parse_data
adbhoney    | INFO:ADBHoneypot:172.29.0.1 connection start (1a84b40ec4f5)
adbhoney    | INFO:ADBHoneypot:{'eventid': 'adbhoney.session.connect', 'src_ip': '172.29.0.1', 'src_port': 40276, 'dest_ip': '172.29.0.2', 'dest_port': '5555', 'timestamp': '2022-03-09T16:29:38.618027Z', 'unixtime': 1646843378, 'session': '1a84b40ec4f5', 'sensor': 'honeypot01'}
adbhoney    |     message = protocol.AdbMessage.decode(data)[0]
adbhoney    |   File "/opt/adbhoney/adbhoney/protocol.py", line 59, in decode
adbhoney    |     header, data = AdbMessageHeader.decode(data)
adbhoney    |   File "/opt/adbhoney/adbhoney/protocol.py", line 124, in decode
adbhoney    |     args = struct.unpack(cls._fmt, data[:length])
adbhoney    | struct.error: unpack requires a buffer of 24 bytes

Mar 02 '22 10:03 t3chn0m4g3

@huuck Can you reproduce?

Mar 09 '22 15:03 t3chn0m4g3

Sorry about this, looks like my GitHub messages are going sideways and not reaching my inbox. I'll take a look and do a fix as I think I know the issue.

Sep 28 '22 15:09 huuck

I've reproduced it. I don't think the issue is the error you pasted above but some kind of Pokemon try catch that's failing silently that I forgot somewhere that keeps the thread running even after an error.

Sep 28 '22 16:09 huuck

Thank you for taking this on. I can confirm it is working perfectly fine now.

Oct 12 '22 11:10 t3chn0m4g3

@huuck For some reason it is back. A simple nmap -A -p 5555 <ip> leaves it at 100% CPU load.

Can you reproduce?

Full logs of one nmap session:

INFO:config:Loading config from adbhoney.cfg
INFO:ADBHoneypot:Configuration loaded with ['output_log', 'output_json'] as output plugins
INFO:ADBHoneypot:Listening on 0.0.0.0:5555.
INFO:ADBHoneypot:Received a connection, creating an ADBConnection.
INFO:ADBHoneypot:172.20.254.127 connection start (93b852b3e011)
INFO:ADBHoneypot:{'eventid': 'adbhoney.session.connect', 'src_ip': '172.20.254.127', 'src_port': 48516, 'dest_ip': '192.168.112.2', 'dest_port': '5555', 'timestamp': '2024-02-28T11:14:13.355517Z', 'unixtime': 1709118853, 'session': '93b852b3e011', 'sensor': 'honeypot01'}
INFO:ADBHoneypot:Connection reset by peer.
INFO:ADBHoneypot:0.0005240440368652344	172.20.254.127	connection closed
INFO:ADBHoneypot:{'eventid': 'adbhoney.session.closed', 'src_ip': '172.20.254.127', 'duration': '0.00', 'timestamp': '2024-02-28T11:14:13.355597Z', 'unixtime': 1709118853, 'session': '93b852b3e011', 'sensor': 'honeypot01'}
INFO:ADBHoneypot:Received a connection, creating an ADBConnection.
INFO:ADBHoneypot:172.20.254.127 connection start (a771a49659c6)
INFO:ADBHoneypot:{'eventid': 'adbhoney.session.connect', 'src_ip': '172.20.254.127', 'src_port': 48528, 'dest_ip': '192.168.112.2', 'dest_port': '5555', 'timestamp': '2024-02-28T11:14:13.398413Z', 'unixtime': 1709118853, 'session': 'a771a49659c6', 'sensor': 'honeypot01'}
INFO:ADBHoneypot:Connection reset by peer.
INFO:ADBHoneypot:11.013343811035156	172.20.254.127	connection closed
INFO:ADBHoneypot:{'eventid': 'adbhoney.session.closed', 'src_ip': '172.20.254.127', 'duration': '11.01', 'timestamp': '2024-02-28T11:14:24.411323Z', 'unixtime': 1709118864, 'session': 'a771a49659c6', 'sensor': 'honeypot01'}
INFO:ADBHoneypot:Received a connection, creating an ADBConnection.
INFO:ADBHoneypot:172.20.254.127 connection start (9d8824078a01)
INFO:ADBHoneypot:{'eventid': 'adbhoney.session.connect', 'src_ip': '172.20.254.127', 'src_port': 37832, 'dest_ip': '192.168.112.2', 'dest_port': '5555', 'timestamp': '2024-02-28T11:14:24.414818Z', 'unixtime': 1709118864, 'session': '9d8824078a01', 'sensor': 'honeypot01'}
INFO:ADBHoneypot:Received a connection, creating an ADBConnection.
INFO:ADBHoneypot:172.20.254.127 connection start (727b0d969214)
INFO:ADBHoneypot:{'eventid': 'adbhoney.session.connect', 'src_ip': '172.20.254.127', 'src_port': 37836, 'dest_ip': '192.168.112.2', 'dest_port': '5555', 'timestamp': '2024-02-28T11:14:29.435114Z', 'unixtime': 1709118869, 'session': '727b0d969214', 'sensor': 'honeypot01'}
INFO:ADBHoneypot:Received a connection, creating an ADBConnection.
INFO:ADBHoneypot:172.20.254.127 connection start (612854fc743f)
INFO:ADBHoneypot:{'eventid': 'adbhoney.session.connect', 'src_ip': '172.20.254.127', 'src_port': 53394, 'dest_ip': '192.168.112.2', 'dest_port': '5555', 'timestamp': '2024-02-28T11:14:34.430102Z', 'unixtime': 1709118874, 'session': '612854fc743f', 'sensor': 'honeypot01'}
INFO:ADBHoneypot:Received a connection, creating an ADBConnection.
INFO:ADBHoneypot:172.20.254.127 connection start (a1d7d28f6053)
INFO:ADBHoneypot:{'eventid': 'adbhoney.session.connect', 'src_ip': '172.20.254.127', 'src_port': 53408, 'dest_ip': '192.168.112.2', 'dest_port': '5555', 'timestamp': '2024-02-28T11:14:39.429661Z', 'unixtime': 1709118879, 'session': 'a1d7d28f6053', 'sensor': 'honeypot01'}
INFO:ADBHoneypot:data is none?: None
INFO:ADBHoneypot:6.002034664154053	172.20.254.127	connection closed
INFO:ADBHoneypot:{'eventid': 'adbhoney.session.closed', 'src_ip': '172.20.254.127', 'duration': '6.00', 'timestamp': '2024-02-28T11:14:40.429397Z', 'unixtime': 1709118880, 'session': '612854fc743f', 'sensor': 'honeypot01'}
INFO:ADBHoneypot:Received a connection, creating an ADBConnection.
INFO:ADBHoneypot:172.20.254.127 connection start (2c6ebc653364)
INFO:ADBHoneypot:{'eventid': 'adbhoney.session.connect', 'src_ip': '172.20.254.127', 'src_port': 50458, 'dest_ip': '192.168.112.2', 'dest_port': '5555', 'timestamp': '2024-02-28T11:14:44.438686Z', 'unixtime': 1709118884, 'session': '2c6ebc653364', 'sensor': 'honeypot01'}
INFO:ADBHoneypot:Received a connection, creating an ADBConnection.
INFO:ADBHoneypot:172.20.254.127 connection start (fb07c8d151ae)
INFO:ADBHoneypot:{'eventid': 'adbhoney.session.connect', 'src_ip': '172.20.254.127', 'src_port': 50468, 'dest_ip': '192.168.112.2', 'dest_port': '5555', 'timestamp': '2024-02-28T11:14:49.446288Z', 'unixtime': 1709118889, 'session': 'fb07c8d151ae', 'sensor': 'honeypot01'}
INFO:ADBHoneypot:Received a connection, creating an ADBConnection.
INFO:ADBHoneypot:172.20.254.127 connection start (ab04e3370c69)
INFO:ADBHoneypot:{'eventid': 'adbhoney.session.connect', 'src_ip': '172.20.254.127', 'src_port': 56634, 'dest_ip': '192.168.112.2', 'dest_port': '5555', 'timestamp': '2024-02-28T11:14:54.453151Z', 'unixtime': 1709118894, 'session': 'ab04e3370c69', 'sensor': 'honeypot01'}
INFO:ADBHoneypot:Received a connection, creating an ADBConnection.
INFO:ADBHoneypot:172.20.254.127 connection start (061c89141960)
INFO:ADBHoneypot:{'eventid': 'adbhoney.session.connect', 'src_ip': '172.20.254.127', 'src_port': 56636, 'dest_ip': '192.168.112.2', 'dest_port': '5555', 'timestamp': '2024-02-28T11:14:59.458834Z', 'unixtime': 1709118899, 'session': '061c89141960', 'sensor': 'honeypot01'}
INFO:ADBHoneypot:Connection reset by peer.
INFO:ADBHoneypot:0.00012183189392089844	172.20.254.127	connection closed
INFO:ADBHoneypot:{'eventid': 'adbhoney.session.closed', 'src_ip': '172.20.254.127', 'duration': '0.00', 'timestamp': '2024-02-28T11:14:59.458884Z', 'unixtime': 1709118899, 'session': '061c89141960', 'sensor': 'honeypot01'}
INFO:ADBHoneypot:Received a connection, creating an ADBConnection.
INFO:ADBHoneypot:172.20.254.127 connection start (5c5e8c554faf)
INFO:ADBHoneypot:{'eventid': 'adbhoney.session.connect', 'src_ip': '172.20.254.127', 'src_port': 56646, 'dest_ip': '192.168.112.2', 'dest_port': '5555', 'timestamp': '2024-02-28T11:14:59.462143Z', 'unixtime': 1709118899, 'session': '5c5e8c554faf', 'sensor': 'honeypot01'}
INFO:ADBHoneypot:Connection reset by peer.
INFO:ADBHoneypot:7.506870985031128	172.20.254.127	connection closed
INFO:ADBHoneypot:{'eventid': 'adbhoney.session.closed', 'src_ip': '172.20.254.127', 'duration': '7.51', 'timestamp': '2024-02-28T11:15:06.968936Z', 'unixtime': 1709118906, 'session': '5c5e8c554faf', 'sensor': 'honeypot01'}
INFO:ADBHoneypot:Received a connection, creating an ADBConnection.
INFO:ADBHoneypot:172.20.254.127 connection start (eb6261470e53)
INFO:ADBHoneypot:{'eventid': 'adbhoney.session.connect', 'src_ip': '172.20.254.127', 'src_port': 51516, 'dest_ip': '192.168.112.2', 'dest_port': '5555', 'timestamp': '2024-02-28T11:15:06.971115Z', 'unixtime': 1709118906, 'session': 'eb6261470e53', 'sensor': 'honeypot01'}
INFO:ADBHoneypot:Received a connection, creating an ADBConnection.
INFO:ADBHoneypot:172.20.254.127 connection start (ed4b0ba2aee0)
INFO:ADBHoneypot:{'eventid': 'adbhoney.session.connect', 'src_ip': '172.20.254.127', 'src_port': 34304, 'dest_ip': '192.168.112.2', 'dest_port': '5555', 'timestamp': '2024-02-28T11:15:11.977838Z', 'unixtime': 1709118911, 'session': 'ed4b0ba2aee0', 'sensor': 'honeypot01'}
INFO:ADBHoneypot:Received a connection, creating an ADBConnection.
INFO:ADBHoneypot:172.20.254.127 connection start (8708a33558db)
INFO:ADBHoneypot:{'eventid': 'adbhoney.session.connect', 'src_ip': '172.20.254.127', 'src_port': 34312, 'dest_ip': '192.168.112.2', 'dest_port': '5555', 'timestamp': '2024-02-28T11:15:16.986057Z', 'unixtime': 1709118916, 'session': '8708a33558db', 'sensor': 'honeypot01'}
INFO:ADBHoneypot:Received a connection, creating an ADBConnection.
INFO:ADBHoneypot:172.20.254.127 connection start (d5574b066721)
INFO:ADBHoneypot:{'eventid': 'adbhoney.session.connect', 'src_ip': '172.20.254.127', 'src_port': 60956, 'dest_ip': '192.168.112.2', 'dest_port': '5555', 'timestamp': '2024-02-28T11:15:21.995148Z', 'unixtime': 1709118921, 'session': 'd5574b066721', 'sensor': 'honeypot01'}
INFO:ADBHoneypot:Received a connection, creating an ADBConnection.
INFO:ADBHoneypot:172.20.254.127 connection start (d361dfe17316)
INFO:ADBHoneypot:{'eventid': 'adbhoney.session.connect', 'src_ip': '172.20.254.127', 'src_port': 60968, 'dest_ip': '192.168.112.2', 'dest_port': '5555', 'timestamp': '2024-02-28T11:15:26.999065Z', 'unixtime': 1709118926, 'session': 'd361dfe17316', 'sensor': 'honeypot01'}
INFO:ADBHoneypot:Received a connection, creating an ADBConnection.
INFO:ADBHoneypot:Connection reset by peer.
INFO:ADBHoneypot:5.010464668273926	172.20.254.127	connection closed
INFO:ADBHoneypot:{'eventid': 'adbhoney.session.closed', 'src_ip': '172.20.254.127', 'duration': '5.01', 'timestamp': '2024-02-28T11:15:32.009331Z', 'unixtime': 1709118932, 'session': 'd361dfe17316', 'sensor': 'honeypot01'}
INFO:ADBHoneypot:172.20.254.127 connection start (71f086ceaf70)
INFO:ADBHoneypot:{'eventid': 'adbhoney.session.connect', 'src_ip': '172.20.254.127', 'src_port': 48056, 'dest_ip': '192.168.112.2', 'dest_port': '5555', 'timestamp': '2024-02-28T11:15:32.010342Z', 'unixtime': 1709118932, 'session': '71f086ceaf70', 'sensor': 'honeypot01'}
INFO:ADBHoneypot:Received a connection, creating an ADBConnection.
INFO:ADBHoneypot:172.20.254.127 connection start (f4c9a89f0fa1)
INFO:ADBHoneypot:{'eventid': 'adbhoney.session.connect', 'src_ip': '172.20.254.127', 'src_port': 48072, 'dest_ip': '192.168.112.2', 'dest_port': '5555', 'timestamp': '2024-02-28T11:15:37.017067Z', 'unixtime': 1709118937, 'session': 'f4c9a89f0fa1', 'sensor': 'honeypot01'}
INFO:ADBHoneypot:Received a connection, creating an ADBConnection.
INFO:ADBHoneypot:172.20.254.127 connection start (1a1fa3d5c4ca)
INFO:ADBHoneypot:{'eventid': 'adbhoney.session.connect', 'src_ip': '172.20.254.127', 'src_port': 41620, 'dest_ip': '192.168.112.2', 'dest_port': '5555', 'timestamp': '2024-02-28T11:15:42.020472Z', 'unixtime': 1709118942, 'session': '1a1fa3d5c4ca', 'sensor': 'honeypot01'}
INFO:ADBHoneypot:Connection reset by peer.
INFO:ADBHoneypot:5.010341644287109	172.20.254.127	connection closed
INFO:ADBHoneypot:{'eventid': 'adbhoney.session.closed', 'src_ip': '172.20.254.127', 'duration': '5.01', 'timestamp': '2024-02-28T11:15:42.023011Z', 'unixtime': 1709118942, 'session': 'f4c9a89f0fa1', 'sensor': 'honeypot01'}
INFO:ADBHoneypot:Received a connection, creating an ADBConnection.
INFO:ADBHoneypot:172.20.254.127 connection start (2d612d163643)
INFO:ADBHoneypot:{'eventid': 'adbhoney.session.connect', 'src_ip': '172.20.254.127', 'src_port': 41636, 'dest_ip': '192.168.112.2', 'dest_port': '5555', 'timestamp': '2024-02-28T11:15:47.029417Z', 'unixtime': 1709118947, 'session': '2d612d163643', 'sensor': 'honeypot01'}
INFO:ADBHoneypot:Connection reset by peer.
INFO:ADBHoneypot:0.0003857612609863281	172.20.254.127	connection closed
INFO:ADBHoneypot:{'eventid': 'adbhoney.session.closed', 'src_ip': '172.20.254.127', 'duration': '0.00', 'timestamp': '2024-02-28T11:15:47.029467Z', 'unixtime': 1709118947, 'session': '2d612d163643', 'sensor': 'honeypot01'}
INFO:ADBHoneypot:Received a connection, creating an ADBConnection.
INFO:ADBHoneypot:172.20.254.127 connection start (41757ab80270)
INFO:ADBHoneypot:{'eventid': 'adbhoney.session.connect', 'src_ip': '172.20.254.127', 'src_port': 41642, 'dest_ip': '192.168.112.2', 'dest_port': '5555', 'timestamp': '2024-02-28T11:15:47.035957Z', 'unixtime': 1709118947, 'session': '41757ab80270', 'sensor': 'honeypot01'}
INFO:ADBHoneypot:Received a connection, creating an ADBConnection.
INFO:ADBHoneypot:172.20.254.127 connection start (efebcb8bac74)
INFO:ADBHoneypot:{'eventid': 'adbhoney.session.connect', 'src_ip': '172.20.254.127', 'src_port': 34284, 'dest_ip': '192.168.112.2', 'dest_port': '5555', 'timestamp': '2024-02-28T11:15:54.544974Z', 'unixtime': 1709118954, 'session': 'efebcb8bac74', 'sensor': 'honeypot01'}
INFO:ADBHoneypot:Received a connection, creating an ADBConnection.
INFO:ADBHoneypot:172.20.254.127 connection start (aec1e2861466)
INFO:ADBHoneypot:{'eventid': 'adbhoney.session.connect', 'src_ip': '172.20.254.127', 'src_port': 34290, 'dest_ip': '192.168.112.2', 'dest_port': '5555', 'timestamp': '2024-02-28T11:15:59.553746Z', 'unixtime': 1709118959, 'session': 'aec1e2861466', 'sensor': 'honeypot01'}
INFO:ADBHoneypot:Connection reset by peer.
INFO:ADBHoneypot:5.004915237426758	172.20.254.127	connection closed
Exception in thread Thread-49 (ADBConnection):
Traceback (most recent call last):
  File "/usr/lib/python3.11/threading.py", line 1045, in _bootstrap_inner
INFO:ADBHoneypot:{'eventid': 'adbhoney.session.closed', 'src_ip': '172.20.254.127', 'duration': '5.00', 'timestamp': '2024-02-28T11:16:04.552211Z', 'unixtime': 1709118964, 'session': 'aec1e2861466', 'sensor': 'honeypot01'}
    self.run()
INFO:ADBHoneypot:Received a connection, creating an ADBConnection.
  File "/usr/lib/python3.11/threading.py", line 982, in run
INFO:ADBHoneypot:172.20.254.127 connection start (6302a9ac78f5)
INFO:ADBHoneypot:{'eventid': 'adbhoney.session.connect', 'src_ip': '172.20.254.127', 'src_port': 58688, 'dest_ip': '192.168.112.2', 'dest_port': '5555', 'timestamp': '2024-02-28T11:16:04.558994Z', 'unixtime': 1709118964, 'session': '6302a9ac78f5', 'sensor': 'honeypot01'}
ERROR:ADBHoneypot:unpack requires a buffer of 24 bytes
    self._target(*self._args, **self._kwargs)
  File "/opt/adbhoney/adbhoney/core.py", line 164, in __init__
    self.run()
  File "/opt/adbhoney/adbhoney/core.py", line 176, in run
    self.process_connection()
  File "/opt/adbhoney/adbhoney/core.py", line 392, in process_connection
    message = self.parse_data(data)
              ^^^^^^^^^^^^^^^^^^^^^
  File "/opt/adbhoney/adbhoney/core.py", line 234, in parse_data
    message = protocol.AdbMessage.decode(data)[0]
              ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/opt/adbhoney/adbhoney/protocol.py", line 59, in decode
    header, data = AdbMessageHeader.decode(data)
                   ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/opt/adbhoney/adbhoney/protocol.py", line 124, in decode
    args = struct.unpack(cls._fmt, data[:length])
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
struct.error: unpack requires a buffer of 24 bytes
INFO:ADBHoneypot:Received a connection, creating an ADBConnection.
INFO:ADBHoneypot:172.20.254.127 connection start (f24bec702a41)
INFO:ADBHoneypot:{'eventid': 'adbhoney.session.connect', 'src_ip': '172.20.254.127', 'src_port': 58690, 'dest_ip': '192.168.112.2', 'dest_port': '5555', 'timestamp': '2024-02-28T11:16:09.561812Z', 'unixtime': 1709118969, 'session': 'f24bec702a41', 'sensor': 'honeypot01'}
INFO:ADBHoneypot:Received a connection, creating an ADBConnection.
INFO:ADBHoneypot:172.20.254.127 connection start (bb9e25fb5c4f)
INFO:ADBHoneypot:{'eventid': 'adbhoney.session.connect', 'src_ip': '172.20.254.127', 'src_port': 53256, 'dest_ip': '192.168.112.2', 'dest_port': '5555', 'timestamp': '2024-02-28T11:16:14.574977Z', 'unixtime': 1709118974, 'session': 'bb9e25fb5c4f', 'sensor': 'honeypot01'}
INFO:ADBHoneypot:Connection reset by peer.
INFO:ADBHoneypot:5.00162410736084	172.20.254.127	connection closed
INFO:ADBHoneypot:{'eventid': 'adbhoney.session.closed', 'src_ip': '172.20.254.127', 'duration': '5.00', 'timestamp': '2024-02-28T11:16:19.572529Z', 'unixtime': 1709118979, 'session': 'bb9e25fb5c4f', 'sensor': 'honeypot01'}
INFO:ADBHoneypot:Received a connection, creating an ADBConnection.
INFO:ADBHoneypot:172.20.254.127 connection start (ef892cf633cd)
INFO:ADBHoneypot:{'eventid': 'adbhoney.session.connect', 'src_ip': '172.20.254.127', 'src_port': 53266, 'dest_ip': '192.168.112.2', 'dest_port': '5555', 'timestamp': '2024-02-28T11:16:19.575564Z', 'unixtime': 1709118979, 'session': 'ef892cf633cd', 'sensor': 'honeypot01'}
INFO:ADBHoneypot:Received a connection, creating an ADBConnection.
INFO:ADBHoneypot:172.20.254.127 connection start (623a38c5b4f6)
INFO:ADBHoneypot:{'eventid': 'adbhoney.session.connect', 'src_ip': '172.20.254.127', 'src_port': 54888, 'dest_ip': '192.168.112.2', 'dest_port': '5555', 'timestamp': '2024-02-28T11:16:24.580840Z', 'unixtime': 1709118984, 'session': '623a38c5b4f6', 'sensor': 'honeypot01'}
INFO:ADBHoneypot:Received a connection, creating an ADBConnection.
INFO:ADBHoneypot:172.20.254.127 connection start (9318291f9abb)
INFO:ADBHoneypot:{'eventid': 'adbhoney.session.connect', 'src_ip': '172.20.254.127', 'src_port': 54896, 'dest_ip': '192.168.112.2', 'dest_port': '5555', 'timestamp': '2024-02-28T11:16:29.588020Z', 'unixtime': 1709118989, 'session': '9318291f9abb', 'sensor': 'honeypot01'}
INFO:ADBHoneypot:Received a connection, creating an ADBConnection.
INFO:ADBHoneypot:172.20.254.127 connection start (747e14e221bb)
INFO:ADBHoneypot:{'eventid': 'adbhoney.session.connect', 'src_ip': '172.20.254.127', 'src_port': 60006, 'dest_ip': '192.168.112.2', 'dest_port': '5555', 'timestamp': '2024-02-28T11:16:34.595792Z', 'unixtime': 1709118994, 'session': '747e14e221bb', 'sensor': 'honeypot01'}
INFO:ADBHoneypot:Received a connection, creating an ADBConnection.
INFO:ADBHoneypot:172.20.254.127 connection start (4cfbc968e569)
INFO:ADBHoneypot:{'eventid': 'adbhoney.session.connect', 'src_ip': '172.20.254.127', 'src_port': 60008, 'dest_ip': '192.168.112.2', 'dest_port': '5555', 'timestamp': '2024-02-28T11:16:39.602013Z', 'unixtime': 1709118999, 'session': '4cfbc968e569', 'sensor': 'honeypot01'}
Exception in thread Thread-61 (ADBConnection):
Traceback (most recent call last):
  File "/usr/lib/python3.11/threading.py", line 1045, in _bootstrap_inner
    self.run()
  File "/usr/lib/python3.11/threading.py", line 982, in run
    self._target(*self._args, **self._kwargs)
  File "/opt/adbhoney/adbhoney/core.py", line 164, in __init__
ERROR:ADBHoneypot:unpack requires a buffer of 24 bytes
    self.run()
  File "/opt/adbhoney/adbhoney/core.py", line 176, in run
    self.process_connection()
  File "/opt/adbhoney/adbhoney/core.py", line 392, in process_connection
    message = self.parse_data(data)
              ^^^^^^^^^^^^^^^^^^^^^
  File "/opt/adbhoney/adbhoney/core.py", line 234, in parse_data
    message = protocol.AdbMessage.decode(data)[0]
              ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/opt/adbhoney/adbhoney/protocol.py", line 59, in decode
    header, data = AdbMessageHeader.decode(data)
                   ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/opt/adbhoney/adbhoney/protocol.py", line 124, in decode
    args = struct.unpack(cls._fmt, data[:length])
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
struct.error: unpack requires a buffer of 24 bytes
INFO:ADBHoneypot:Received a connection, creating an ADBConnection.
INFO:ADBHoneypot:172.20.254.127 connection start (0a3e47ce4667)
INFO:ADBHoneypot:{'eventid': 'adbhoney.session.connect', 'src_ip': '172.20.254.127', 'src_port': 54270, 'dest_ip': '192.168.112.2', 'dest_port': '5555', 'timestamp': '2024-02-28T11:16:44.613206Z', 'unixtime': 1709119004, 'session': '0a3e47ce4667', 'sensor': 'honeypot01'}
INFO:ADBHoneypot:Received a connection, creating an ADBConnection.
INFO:ADBHoneypot:172.20.254.127 connection start (8b3700dce954)
INFO:ADBHoneypot:{'eventid': 'adbhoney.session.connect', 'src_ip': '172.20.254.127', 'src_port': 49916, 'dest_ip': '192.168.112.2', 'dest_port': '5555', 'timestamp': '2024-02-28T11:16:51.613541Z', 'unixtime': 1709119011, 'session': '8b3700dce954', 'sensor': 'honeypot01'}
INFO:ADBHoneypot:Received a connection, creating an ADBConnection.
INFO:ADBHoneypot:172.20.254.127 connection start (c8e3bf5f7896)
INFO:ADBHoneypot:{'eventid': 'adbhoney.session.connect', 'src_ip': '172.20.254.127', 'src_port': 49928, 'dest_ip': '192.168.112.2', 'dest_port': '5555', 'timestamp': '2024-02-28T11:16:58.619456Z', 'unixtime': 1709119018, 'session': 'c8e3bf5f7896', 'sensor': 'honeypot01'}

Feb 28 '24 11:02 t3chn0m4g3

ADBHoney ADBHoney copied to clipboard

100% CPU usage after `nmap` scan

ADBHoney
ADBHoney copied to clipboard