stamparm/hontel stamparm/hontel

  • Stars
    star
    157
  • Rank 231,158 (Top 5 %)
  • Language
    Python
  • License
    MIT License
  • Created over 8 years ago
  • Updated about 5 years ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
stamparm/hontel
github

stamparm

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Telnet Honeypot

HonTel Python 2.6|2.7 License

HonTel is a Honeypot for Telnet service. Basically, it is a Python v2.x application emulating the service inside the chroot environment. Originally it has been designed to be run inside the Ubuntu/Debian environment, though it could be easily adapted to run inside any Linux environment.

Documentation:

Setting the environment and running the application requires intermediate Linux administration knowledge. The whole deployment process can be found "step-by-step" inside the deploy.txt file. Configuration settings can be found and modified inside the hontel.py itself. For example, authentication credentials can be changed from default root:123456 to some arbitrary values (options AUTH_USERNAME and AUTH_PASSWORD), custom Welcome message can be changed from default (option WELCOME), custom hostname (option FAKE_HOSTNAME), architecture (option FAKE_ARCHITECTURE), location of log file (inside the chroot environment) containing all telnet commands (option LOG_PATH), location of downloaded binary files dropped by connected users (option SAMPLES_DIR), etc.

hontel

Note: Some botnets tend to delete the files from compromised hosts (e.g. /bin/bash) in order to harden itself from potential attempts of cleaning and/or attempts of installation coming from other (concurrent) botnets. In such cases either the whole chroot environment has to be reinstalled or host directory where the chroot directory resides (e.g. /srv/chroot/) should be recovered from the previously stored backup (recommended).

License

This software is provided under under a MIT License. See the accompanying LICENSE file for more information.

More Repositories

1

maltrail

Malicious traffic detection system
Python
5,678
star
2

ipsum

Daily feed of bad IPs (with blacklist hit scores)
1,260
star
3

DSSS

Damn Small SQLi Scanner
Python
795
star
4

DSVW

Damn Small Vulnerable Web
Python
741
star
5

fetch-some-proxies

Simple Python script for fetching "some" (usable) proxies
Python
564
star
6

identYwaf

Blind WAF identification tool
Python
547
star
7

EternalRocks

EternalRocks worm
443
star
8

DSXS

Damn Small XSS Scanner
Python
412
star
9

blackbook

Blackbook of malware domains
186
star
10

tsusen

Network traffic sensor
Python
104
star
11

DSJS

Damn Small JS Scanner
Python
103
star
12

cryptospecs

Official archive of https://code.google.com/p/cryptospecs/
C
63
star
13

DSFS

Damn Small FI Scanner
Python
59
star
14

dnslog

Minimalistic DNS logging tool
Python
40
star
15

aux

Auxiliary stuff
26
star
16

python-doh

Python client for DNS over HTTPS (DoH) protocol
Python
21
star
17

ipnoise

Network white noise collector
Python
16
star
18

python-ipcat

Python module for client9/ipcat database
Python
6
star