I developed a (small) honeypot to catch hackers & bots.
HTML-код
- Опубликовано: 14 июл 2024
- Receive 10% off with any purchase on Hostinger (or use code GRANTCOLLINS): hostinger.com/grantcollins
🍯 SSH HONEY_PY GitHub Repository: - github.com/collinsmc23/ssh_ho...
⏰ Timestamps:
0:00 - Introduction
1:26 - Project Overview
3:00 - Logging
4:00 - Implementing SSH
6:46 - Creating Emulated Shell
7:54 - Multi-Threading Implementation
9:28 - Argument Support
10:01 - Deploying a VPS Honeypot with Hostinger
12:03 - Honeypot VPS Configuration
14:01 - Results: Collecting Usernames, Passwords, and IP Addresses
14:54 - Advanced Features + Conclusion
🔗 Links (Sources):
- securehoney.net/blog/how-to-b...
- / deceptive-defense-buil...
- gist.github.com/cschwede/3e2c...
- www.hostinger.com/tutorials/h...
- github.com/collinsmc23/ssh_ho...
🐕 Follow Me:
Twitter: / collinsinfosec
Instagram: / _collinsinfosec
Cybercademy Discord Server: / discord
🤔 Have questions, concerns, comments?:
Email me: grant@cybercademy.org
🎧 Gear:
Laptop (Lenovo X1 Carbon Ultrabook 6th Gen): amzn.to/2O0UfAM
Monitors (Dell D Series 31.5” D3218HN): amzn.to/2EXlgRF
Keyboard (Velocifire VM01): amzn.to/2TEswfd
Headphones (Audio Technica ATH-M40x): amzn.to/2F4Tvq6
Work Monitors (Dell U4919DW UltraSharp 49 Curved Monitor): amzn.to/3yQmDhM
Desk (FLEXISPOT EW8 Comhar Electric Standing Desk): amzn.to/3S9OxvG
💻 Cybersecurity PC Build Parts
[Processor] Intel Core i7-13700K 3.4 GHz 16-Core Processor: amzn.to/3OlTTUK
[Graphics Card] Asus DUAL OC GeForce RTX 3060 Ti 8 GB Video Card: amzn.to/3OE0bkd
[AIO Cooler] Corsair iCUE H100i RGB ELITE 65.57 CFM Liquid CPU Cooler: amzn.to/3DEUUT9
[Motherboard] MSI PRO Z690-A WIFI DDR4 ATX LGA1700 Motherboard: amzn.to/3Ol9La8
[RAM](2x) Corsair Vengeance LPX 64 GB (2 x 32 GB) DDR4-3200 CL16 Memory: amzn.to/3OlsgeM
[HDD] Seagate IronWolf NAS 8 TB 3.5" 7200 RPM Internal Hard Drive: amzn.to/3DFdc6K
[SSD] Samsung 980 Pro 2 TB M.2-2280 PCIe 4.0 X4 NVME Solid State Drive: amzn.to/3KpTnnQ
[Case] Corsair 5000D AIRFLOW ATX Mid Tower Case: amzn.to/44Rjaxf
[Power Supply] Corsair RM850x (2021) 850 W 80+ Gold Certified Fully Modular ATX Power Supply: amzn.to/478wC1r
[Fans] Corsair iCUE SP120 RGB ELITE 47.7 CFM 120 mm Fans 3-Pack: amzn.to/44R4myD
The commenters have spoken! I will create a crash course on this project. Before I do, I am going to add a few more "advanced" features (as I overviewed at 14:54) to the honeypot, including a small dashboard, tarpit (to trap the skids), and dockerize the application. Stay tuned for a follow-up video and a crash course in the next ~6 weeks.
Grant are you able to hack and return my account?
a crash course on this is something i would definitely tune in to
Small correction: You don't actually need to run the script as root to accept incoming connections on port 22, and you *really* shouldn't. The smarter approach (this is how my personal website is configured, for example) is to have the script and bind to an unprivileged port (e.g. 1234) and then use a firewall like iptables to redirect incoming traffic from the privileged port to the unprivileged port, in this case something like 22 -> 1234
Great to know! I was trying to find a way to do this. Now I know.
9:21 test interactiv input is every time most important
Let's go with the crash course plsss
Sounds good! I will make note of this.
Would love to see more of this please!
Let’s see that course brother🙌
would love a crash course this is awesome
nice video. please more videos on hostinger vps projects. keep it up
I’ve tried something similar with the T-Pot project a while ago and gathered some interesting insights about the attackers and which infrastructure they use. Maybe you want to give this also a try.
This is very interesting. Especially if you can do anything to the bots
Great video Grant!!
These are the kind of videos and projects that will set you apart in the job market. You need to have real cyber security projects done that will highlight your skills. Don't get too comfortable in your job you might lose it anytime. Also, stop downplaying your work by saying "small", just directly say honeypot.
Please Continue this Course
Great content
you finally woke up!
the backslashes were painful.
From the results... Yep they were.
Wish I will create mine
This video is awesome! The additional project ideas you mentioned could definitely be turned into a fully-fledged application. Well done!
I will take that as a +1 for continuing on with the project!
Crash courseeeeeeeeee! :)
this wallpaper is awesome😍link please !
Is it legal to malware your honey pot to catch local adversary?
Crash course, or something alike.
Crash course please
Crash course
Please make a crashcourse on this!
Bro your hairline is crying.
crash course
Sir do you earn 200k dollars a year in USA? Plz reply. Thanks a lot.
)))))
Another way would be to setup ssh without password and monitor ~/.bash_history and get the ip address from /var/logs/auth.log. Interesting idea though. Great video!!
that's too risky
@@patarisac why so?
@@cvpherhack3r819 Giving a real SSH session makes it easier for attackers to exploit the system. They can also easily clear or remove the .bash_history
@@cvpherhack3r819 you can run any unprivileged command (rm, python3, git, etc) even privileged commands if the hackers find a way to do privilege escalation
@@cvpherhack3r819 if hackers are given a real ssh session, it will increase the attack surface. also, they can easily remove the .bash_history, and we can't monitor what they do.
Hacker du dimanche surtout 😂😹😹😹🙀😂🤡🤡🤡🤏
Crash course
crash course