GithubHelp home page GithubHelp logo

kkovacs / heralding Goto Github PK

View Code? Open in Web Editor NEW

This project forked from johnnykv/heralding

0.0 3.0 0.0 5.52 MB

Credentials catching honeypot

License: GNU General Public License v3.0

Python 100.00%

heralding's Introduction

Heralding travis badge Code Health version badge

About

Sometimes you just want a simple honeypot that collects credentials, nothing more. Heralding is that honeypot! Currently the following protocols are supported: ftp, telnet, ssh, http, https, pop3, pop3s and smtp.

Starting the honeypot

$ sudo heralding
2016-03-18 20:36:47,090 (root) Initializing Heralding version 0.1.0
2016-03-18 20:36:47,090 (root) Using default config file: "/Users/jkv/repos/heralding/heralding/heralding.yml", if you want to customize values please copy this file to the current working directory
2016-03-18 20:36:47,098 (heralding.reporting.file_logger) File logger started, using file: heralding_activity.log
2016-03-18 20:36:47,099 (heralding.honeypot) Started ftp capability listening on port 21
2016-03-18 20:36:47,100 (heralding.honeypot) Started Http capability listening on port 80
2016-03-18 20:36:47,100 (heralding.honeypot) Started Pop3 capability listening on port 110
2016-03-18 20:36:47,100 (heralding.honeypot) Started smtp capability listening on port 25
2016-03-18 20:36:47,268 (heralding.honeypot) Started SSH capability listening on port 22
2016-03-18 20:36:47,268 (heralding.honeypot) Started Telnet capability listening on port 23
2016-03-18 20:36:47,270 (root) Privileges dropped, running as nobody/nogroup.

Viewing the collected data

$ tail -f heralding_activity.log
timestamp,auth_id,auth_type,session_id,source_ip,source_port,destination_port,protocol,username,password
2016-03-12 20:35:02.258198,192.168.2.129,51551,23,telnet,bond,james
2016-03-12 20:35:09.658593,192.168.2.129,51551,23,telnet,clark,P@SSw0rd123
2016-03-18 19:31:38.064700,192.168.2.129,53416,22,ssh,NOP_Manden,M@MS3
2016-03-18 19:31:38.521047,192.168.2.129,53416,22,ssh,guest,guest
2016-03-18 19:31:39.376768,192.168.2.129,53416,22,ssh,HundeMad,katNIPkat
2016-03-18 19:33:07.064504,192.168.2.129,53431,110,pop3,charles,N00P1SH
2016-03-18 19:33:12.504483,192.168.2.129,53431,110,pop3,NektarManden,mANDENnEktar
2016-03-18 19:33:24.952645,192.168.2.129,53433,21,ftp,Jamie,brainfreeze
2016-03-18 19:33:47.008562,192.168.2.129,53436,21,ftp,NektarKongen,SuperS@cretP4ssw0rd1
2016-03-18 19:36:56.077840,192.168.2.129,53445,21,ftp,Joooop,Pooop

Installing Heralding

To install the latest stable (well, semi-stable) version, use pip:

pip install heralding

Make sure that requirements and pip is installed. Simple way to do this on a Debian-based OS is:

sudo apt-get install python-pip python-dev build-essential libssl-dev libffi-dev
sudo pip install -r requirements.txt

And finally start the honeypot:

mkdir tmp
cd tmp
sudo heralding

heralding's People

Contributors

adarshdinesh avatar czardoz avatar glaslos avatar johnnykv avatar kajojify avatar kkovacs avatar markszabo avatar tl87 avatar

Watchers

avatar avatar avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.