Msfconsole Detecting Kippo SSH Honeypots – Kali Linux

Msfconsole Detecting Kippo SSH Honeypots – Kali Linux

Kippo is a medium interaction SSH honeypot designed to log brute force attacks and, most importantly, the entire shell interaction performed by the attacker.

Kippo is inspired, but not based on Kojoney.

Features:
Some interesting features:

Fake filesystem with the ability to add/remove files. A full fake filesystem resembling a Debian 5.0 installation is included
Possibility of adding fake file contents so the attacker can ‘cat’ files such as /etc/passwd. Only minimal file contents are included
Session logs stored in an UML Compatible format for easy replay with original timings
Just like Kojoney, Kippo saves files downloaded with wget for later inspection
Trickery; ssh pretends to connect somewhere, exit doesn’t really exit, etc

Requirements:

An operating system (tested on Debian, CentOS, FreeBSD and Windows 7)
Python 2.5+
Twisted 8.0+
PyCrypto
Zope Interface

More information:    https://github.com/desaster/kippo

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s