SSH honeypot login shell
SSH honeypot login shell
#!/usr/bin/python2
import os
import sys
import time
import random
import signal
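# SSH honeypot login shell (Python 2).
#
# Shows a fake root prompt, records everything the client sends to a
# per-session incident log and answers every command with a garbled
# "command not found".  When the session ends the log is sent to the terminal
# of every logged-in user with write(1).
#
# Invocation forms handled:
#   <shell>             interactive session; every input line is logged
#   <shell> -c COMMAND  only the requested command is logged
#   anything else       argv is dumped to the log, then the interactive loop runs

# Ignore Ctrl-Z and refuse write(1)/talk messages while the session runs.
signal.signal(signal.SIGTSTP, signal.SIG_IGN)
os.system('mesg n 2> /dev/null')

# NOTE(review): the name only has one-second resolution and the file is opened
# with truncation below, so two sessions that start within the same second
# share one log and the later one wipes the earlier header.
filename = time.strftime('/var/log/dipshits/%Y-%m-%d_%H:%M:%S')
username = os.getenv('USER')

sys.stderr.write('''
********************
* *
* ACCESS GRANTED *
* *
********************
''')

# oldprompt is not referenced again in this script.
oldprompt, prompt = 'Fuck you>', '[{}@oskog97 ~]# '.format(username)

# Write the log header straight from Python.  USER and SSH_CLIENT come from
# the environment; formatting them into an os.system() command line would let
# the shell interpret any metacharacter they contain, so no shell is involved.
# The host is the first whitespace-separated field of SSH_CLIENT.
# NOTE(review): unlike the client input below, the user name is logged without
# repr() - presumably it is always a local account name; confirm.
ssh_client_fields = os.environ.get('SSH_CLIENT', '').split()
client_host = ssh_client_fields[0] if ssh_client_fields else ''

incident_log = open(filename, 'w')
incident_log.write('User: {}\n'.format(username))
incident_log.write('Host: {}\n'.format(client_host))
incident_log.write('Time: {}\n'.format(
    time.strftime('%Y-%m-%d %H:%M:%S UTC', time.gmtime())
))

commandmode = len(sys.argv) == 3 and sys.argv[1] == '-c'

if commandmode:
    # repr() keeps control characters in client-supplied text escaped in the
    # log, which matters because the log is later written to real terminals.
    incident_log.write('Command: {}\n'.format(repr(sys.argv[2])))
else:
    if len(sys.argv) != 1:
        for index, arg in enumerate(sys.argv):
            incident_log.write('sys.argv[{}] = {}\n'.format(index, repr(arg)))
    incident_log.write('Script:\n')
    try:
        while True:
            try:
                sys.stderr.write(prompt)
                sys.stderr.flush()
                # NOTE(review): readline() has no size limit, so one very long
                # line is buffered in memory and logged in full.
                line = sys.stdin.readline()
                if not line:
                    break  # EOF
            except KeyboardInterrupt:
                # Ctrl-C: start a fresh prompt line.
                sys.stderr.write('\n')
                continue
            incident_log.write('{}: {}\n'.format(
                time.strftime('%Y-%m-%d %H:%M:%S UTC', time.gmtime()),
                repr(line.rstrip('\n'))
            ))
            incident_log.flush()  # Inspect in real time.
            # Let's have some fun with the dipshit.
            # Cut off newline and truncate if NULs: find() returns -1 when
            # there is no NUL, so the slice then drops only the last character.
            line = line[:line.find('\0')]
            if line:
                # UTF-16 needs an even number of bytes.
                if len(line) % 2:
                    line = line[:-1]
                try:
                    # What moron would ever use UTF-16?
                    # The input bytes are reinterpreted as UTF-16-LE, so the
                    # echoed "command" comes back as unrelated characters.
                    sys.stderr.write(
                        'bash: {}: command not found\n'.format(
                            line.decode('utf-16-le').encode('utf-8')
                        )
                    )
                except:
                    # Deliberately best-effort: input that does not decode is
                    # simply not echoed.
                    pass
        # End the last prompt line after EOF.
        sys.stderr.write('\n')
    except:
        # Deliberately swallow everything so the log is always finished,
        # closed and reported below, however the session ends.
        pass

incident_log.write('%\n')
incident_log.close()

sys.stderr.write('''
This incident will be reported.
Have a bad day, you deserve it.
''')

# Send the finished log to every logged-in user with write(1).  The log path
# is built from strftime() output only, so nothing client-controlled reaches
# this command line.  The client-supplied lines inside the log were stored
# with repr(), so control characters arrive at operator terminals escaped;
# keep that if the log format is ever changed.
os.system(
    'mesg y 2> /dev/null; ' +
    'for username in `who | cut -d" " -f1 | sort | uniq`; do ' +
    'write $username < {} 2> /dev/null; '.format(filename) +
    'done '
)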