pypotomux - A Python protocol-demuxing honeypot (potomiel). From now on, this repo only contains the wordlists, which are updated from broneypote.
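# Wordlist refresh: pull the capture directory from the honeypot host,
# regenerate the wordlists, review the diff, then commit and push.
# "[email protected]" appears to be a masked user@host; substitute the SSH
# login of your own honeypot host.
# Everything under dump/ was written from traffic sent by unknown clients:
# treat it as untrusted data, never as something to execute.

# Pack the captures on the honeypot host and copy the archive here.
# NOTE(review): the archive sits under a fixed name in the remote /tmp until
# it is removed below; confirm no other account on that host can pre-create
# or read that path.
ssh [email protected] tar -zcvf /tmp/dump.tgz /opt/broneypote/dump
scp [email protected]:/tmp/dump.tgz .
# Move the extracted tree into place only when extraction succeeded
# (members unpack under the relative path opt/broneypote/dump).
tar -zxvf dump.tgz && mv opt/broneypote/dump .
# Remote cleanup: the archive first, then the captured files themselves.
# The find -delete is irreversible; run it once ./dump is confirmed complete.
ssh [email protected] /bin/rm /tmp/dump.tgz
ssh [email protected] find /opt/broneypote/dump -type f -delete
python generate-wordlists.py
# Do the actual triage
# Lines the regeneration removed from tracked files. -a makes grep treat
# binary-looking input as text. This output is not paged; pipe it through
# less if entries may carry raw control bytes.
git diff HEAD | grep -iaE '^[-]'
# Lines it added, with the leading "+" cut off, in a pager.
git diff HEAD | grep -iaE '^[+]' | cut -c 2- | less
# Parameter names: keep only runs of [a-zA-Z0-9_-] that are followed by "=",
# drop the "=", and merge them into the sorted, de-duplicated list.
# mktemp replaces a fixed /tmp file name so the scratch file cannot be
# pre-created or clobbered by another local user.
params_tmp=$(mktemp) &&
  grep -hrioaP '[a-zA-Z0-9_-]+=' dump | tr -d = > "$params_tmp" &&
  sort -uV wordlists/params.lst "$params_tmp" -o wordlists/params.lst
# Local cleanup: extracted skeleton, archive, capture copy, scratch file.
/bin/rm -rf opt dump.tgz dump
/bin/rm -f -- "${params_tmp:?}"
# -a stages every modified tracked file; check `git status` first so that
# nothing besides the reviewed wordlists is committed.
git commit -am "updated wordlist from broneypote $(date)"
git push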
# Setup
# When the install asks how to run (presumably the sslh prompt), choose
# "standalone".
sudo apt install --yes sslh virtualenv bat
# Create a Python 3 virtualenv in .py3 and, if that worked, activate it.
virtualenv --python=python3 .py3 && . .py3/bin/activate
# Activation on its own (repeats the step above; presumably for a shell where
# .py3 already exists).
. .py3/bin/activate
# NOTE(review): requirements.txt is not shown here; check that its versions
# are pinned before installing on a host that will face the internet.
pip install --requirement requirements.txt
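# Start all
# Use your exposed interface, not 0.0.0.0
# (presumably the address the listeners bind to; start-all.sh is not shown
# here, so confirm how it uses the argument).
./start-all.sh IP.IP.IP.IP
# Stop honeypots if it failed
# pgrep -f matches "potomiel" anywhere in a command line, so an editor or
# shell that mentions it would be signalled as well: list the matches with
# `pgrep -af potomiel` before running the lines below as root.
# SIGTERM goes first so the processes can exit on their own; SIGKILL follows
# only for whatever is still alive. xargs -r skips kill when nothing matched.
pgrep -f potomiel | xargs -r sudo kill
sleep 2
pgrep -f potomiel | xargs -r sudo kill -9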
# Tests
# One plain-HTTP and one TLS request to the same port, 9999.
# --insecure switches off certificate verification: tolerable for a
# self-test against your own listener, not for anything else.
curl --silent --insecure "http://0.0.0.0:9999/?coucou=maman"
curl --silent --insecure "https://0.0.0.0:9999/?nevergonna=giveyouup"
# SSH to port 9999 as well. StrictHostKeyChecking=no accepts whatever host
# key is offered, so keep this option confined to the local test target.
# "[email protected]" appears to be a masked user@host.
ssh -p 9999 -i rsa-srv.key -o StrictHostKeyChecking=no [email protected]
# Show the files under dump/ (presumably what the requests above left
# behind). Their content is whatever the client sent; `bat -A` renders
# non-printable bytes visibly.
bat dump/*/*