-
Notifications
You must be signed in to change notification settings - Fork 1
/
install.sh
94 lines (83 loc) · 2.61 KB
/
install.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
#!/bin/bash
set -e
echo "
This project has been developed for experimental purposes. It will perform the following operations on your system:
- Adding and running the Siberkuvvet honeypot as a service
- Adding and running FTP, SSH, Telnet honeypots as a service
- Clear all firewall rules
- Direct all requests (including port 22,80 except port 1) to the honeypot service (local 4141).
- Be sure you install dependencies for all python files.
- It can cause some network access lose.
****** DO NOT USE ON PRODUCTION SYSTEMS ***********
"
read -p "Are you sure you wish to continue? - yes / no"
if [ "$REPLY" != "yes" ]; then
exit
fi
dir=`pwd`
siberkuvvet_honeypot="
[Unit]
Description=Siberkuvvet Honeypot
[Service]
Type=simple
ExecStart=/usr/bin/python3 $dir/main.py > /dev/null 2>/dev/null
Restart=always
RestartSec=2
[Install]
WantedBy=sysinit.target
"
ftp_honeypot="
[Unit]
Description=FTP Honeypot
[Service]
Type=simple
ExecStart=/usr/bin/python $dir/honeypots/ftp.py > /dev/null 2>/dev/null
Restart=always
RestartSec=2
[Install]
WantedBy=sysinit.target
"
telnet_honeypot="
[Unit]
Description=Telnet Honeypot
[Service]
Type=simple
ExecStart=/usr/bin/python $dir/honeypots/telnet.py > /dev/null 2>/dev/null
Restart=always
RestartSec=2
[Install]
WantedBy=sysinit.target
"
ssh_honeypot="
[Unit]
Description=SSH Honeypot
[Service]
Type=simple
ExecStart=/usr/bin/python $dir/honeypots/ssh.py > /dev/null 2>/dev/null
Restart=always
RestartSec=2
[Install]
WantedBy=sysinit.target
"
echo "\n\n\n"
echo "creating services...";
echo "$siberkuvvet_honeypot" > /etc/systemd/system/siberkuvvet_honeypot.service
echo "$ftp_honeypot" > /etc/systemd/system/ftp_honeypot.service
echo "$telnet_honeypot" > /etc/systemd/system/telnet_honeypot.service
echo "$ssh_honeypot" > /etc/systemd/system/ssh_honeypot.service
systemctl daemon-reload
systemctl enable siberkuvvet_honeypot && systemctl start siberkuvvet_honeypot --no-block
systemctl enable ftp_honeypot && systemctl start ftp_honeypot --no-block
systemctl enable telnet_honeypot && systemctl start telnet_honeypot --no-block
systemctl enable ssh_honeypot && systemctl start ssh_honeypot --no-block
iptables -F -t nat
sysctl -w net.ipv4.conf.eth0.route_localnet=1
iptables -A PREROUTING -t nat -i eth0 -p tcp --dport 2:65530 -j DNAT --to-destination 127.0.0.1:4141
mkdir -p /var/log/honeypots/
touch /var/log/honeypots/ftp.log
touch /var/log/honeypots/telnet.log
touch /var/log/honeypots/ssh.log
# keep track of the last executed command
trap 'last_command=$current_command; current_command=$BASH_COMMAND' ERR
# echo an error message before exiting
trap 'echo "\"${last_command}\" command filed with exit code $?."' ERR