Skip to content

cmarvel1975/kippo-dirtybastard

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

21 Commits

doc

doc

 
 

honeyfs

honeyfs

 
 

kippo

kippo

 
 

txtcmds

txtcmds

 
 

utils

utils

 
 

.gitignore

.gitignore

 
 

README.md

README.md

 
 

fs.pickle

fs.pickle

 
 

kippo.cfg.dist

kippo.cfg.dist

 
 

kippo.tac

kippo.tac

 
 

start.sh

start.sh

 
 

Repository files navigation

Kippo-DirtyBastard

An 'offensive' fork of the Kippo honeypot (https://code.google.com/p/kippo/). A strike-back honeypot of dubious legal, and moral, status.

Kippo-DirtyBastard requires minimal interaction from the host, setup and forget.

Features

Here are the features so far:

  • If the attacker uses passwd, try to SSH with this password onto their machine.
  • Try account credentials added with adduser.
  • Email alerts for any successful return fire.
  • Portscan on connection.
  • Bruteforce attacker's SSH with Hydra (did they get into 'their' box the same way as yours?).

Let me know if you have any suggestions for anything.

Setup

Follow the Kippo setup guide here: https://code.google.com/p/kippo/

Edit the kippo.cfg and add which commands will be automatically run once kippo-dirtybastard gets access to a remote machine.

Email alert settings can also be found in the kippo.cfg. If kippo-dirtybastard accesses anywhere, you'll be emailed the stdout afterwards, keep this in mind when writing the command in the cfg file.

Requires nmap, python-nmap and Hydra for portscanning and bruteforcing features respectively.

Disclaimer

Don't actually run this. It'd probably be illegal in most places to stick it on the internet.

About

A version of Kippo (code.google.com/p/kippo/) which attempts to launch automated attacks at an attacker.

Resources

Readme
Activity

Stars

0 stars

Watchers

2 watching

Forks

2 forks
Report repository

Releases

No releases published

Packages

No packages published