Last active
October 15, 2022 06:31
-
-
Save gyrospectre/64d5d0f808e5098803959b49a2956979 to your computer and use it in GitHub Desktop.
Bind Shell Logger
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import time | |
| import socket | |
| BANNER = [ | |
| "bash: cannot set terminal process group (5237): Inappropriate ioctl for device", | |
| "bash: no job control in this shell", | |
| ] | |
| LISTEN_ON = '0.0.0.0' | |
| PORT = 51337 | |
| LOGFILE = './honey.log' | |
| def writeLog(client, data=''): | |
| separator = '='*50 | |
| fopen = open(LOGFILE, 'a') | |
| fopen.write( | |
| 'Time: {}\nIP: {}\nPort: {}\nData: {}\n{}\n\n'.format( | |
| time.ctime(), | |
| client[0], | |
| client[1], | |
| data.decode("utf-8"), | |
| separator | |
| ) | |
| ) | |
| fopen.close() | |
| def main(): | |
| print('Starting honeypot!') | |
| s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) | |
| s.bind((LISTEN_ON, PORT)) | |
| s.listen(100) | |
| while True: | |
| (insock, address) = s.accept() | |
| print(f"Connection from: {address[0]}:{address[1]}") | |
| for line in BANNER: | |
| insock.send('{}\n'.format(line).encode()) | |
| try: | |
| insock.send('root@{}:~# '.format(socket.gethostname()).encode()) | |
| data = insock.recv(1024) | |
| insock.close() | |
| except socket.error as e: | |
| writeLog(address) | |
| else: | |
| writeLog(address, data) | |
| if __name__=='__main__': | |
| try: | |
| main() | |
| except KeyboardInterrupt: | |
| print('Shutting down honeypot.') | |
| exit(0) | |
| except BaseException as e: | |
| print(f'Error: {e}') | |
| exit(1) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment