secubox-openwrt

gandalf/secubox-openwrt

Fork 0

Commit Graph

Author	SHA1	Message	Date
CyberMind-FR	22b344225c	feat(secubox-auth-logger): Add LuCI auth failure detection - Add CGI hook to capture client IP during failed auth attempts - Add JavaScript hook to intercept ubus session.login failures - Add rpcd plugin for ubus-based auth logging - Update CrowdSec parser for case-insensitive matching - Inject JS hook into LuCI theme headers on install This enables CrowdSec to detect and block brute-force attacks on the LuCI web interface, which previously only logged successful authentications. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2026-01-13 15:07:40 +01:00
CyberMind-FR	c2ea22bcab	fix: CAPI registration with stale credentials cleanup - repair_lapi() now removes stale online_api_credentials.yaml and retries - New repair_capi() function for dedicated CAPI repair - console_enroll() handles CAPI credential cleanup before retry - Added repairCapi API method in frontend - Bump luci-app-crowdsec-dashboard to 0.7.0-r20 - Add openwrt-luci-bf.yaml scenario for LuCI brute force detection - Add secubox-auth-acquis.yaml acquisition config Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2026-01-13 11:16:58 +01:00
CyberMind-FR	3b84c8a047	feat(secubox-auth-logger): Add auth failure monitoring for CrowdSec - Create secubox-auth-logger package to monitor SSH/LuCI auth failures - auth-monitor.sh watches logread for failed password attempts - Supports OpenSSH, Dropbear, and uhttpd/LuCI authentication - Logs failures to syslog with secubox-auth tag for CrowdSec parsing - Fix wizard.js syntax error with computed property names - Remove broken Dropbear verbose config (2024.86 doesn't support -v) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2026-01-13 09:35:20 +01:00

Author

SHA1

Message

Date

CyberMind-FR

22b344225c

feat(secubox-auth-logger): Add LuCI auth failure detection

- Add CGI hook to capture client IP during failed auth attempts
- Add JavaScript hook to intercept ubus session.login failures
- Add rpcd plugin for ubus-based auth logging
- Update CrowdSec parser for case-insensitive matching
- Inject JS hook into LuCI theme headers on install

This enables CrowdSec to detect and block brute-force attacks
on the LuCI web interface, which previously only logged
successful authentications.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

2026-01-13 15:07:40 +01:00

CyberMind-FR

c2ea22bcab

fix: CAPI registration with stale credentials cleanup

- repair_lapi() now removes stale online_api_credentials.yaml and retries
- New repair_capi() function for dedicated CAPI repair
- console_enroll() handles CAPI credential cleanup before retry
- Added repairCapi API method in frontend
- Bump luci-app-crowdsec-dashboard to 0.7.0-r20
- Add openwrt-luci-bf.yaml scenario for LuCI brute force detection
- Add secubox-auth-acquis.yaml acquisition config

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

2026-01-13 11:16:58 +01:00

CyberMind-FR

3b84c8a047

feat(secubox-auth-logger): Add auth failure monitoring for CrowdSec

- Create secubox-auth-logger package to monitor SSH/LuCI auth failures
- auth-monitor.sh watches logread for failed password attempts
- Supports OpenSSH, Dropbear, and uhttpd/LuCI authentication
- Logs failures to syslog with secubox-auth tag for CrowdSec parsing
- Fix wizard.js syntax error with computed property names
- Remove broken Dropbear verbose config (2024.86 doesn't support -v)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

2026-01-13 09:35:20 +01:00

3 Commits