SSH honeypot login shell

SSH honeypot login shell

Last modified	2016-10-05
Lines	103

Parent directory Download CGIread sitemap Main page

Quick links: (none)

```
#!/usr/bin/python2
```
```
import os
```
```
import sys
```
```
import time
```
```
import random
```
```
import signal
```
```
'''SSH honeypot login shell.'''
```

signal.signal(signal.SIGTSTP, signal.SIG_IGN)

```
os.system('mesg n 2> /dev/null')
```

filename = time.strftime('/var/log/dipshits/%Y-%m-%d_%H:%M:%S')

```
username = os.getenv('USER')
```
```
sys.stderr.write('''
```
```
********************
```
```
*                  *
```
```
*  ACCESS GRANTED  *
```
```
*                  *
```
```
********************
```
```
''')
```

oldprompt, prompt = 'Fuck you>', '[{}@oskog97 ~]# '.format(username)

os.system('echo User: {} > {}'.format(username, filename))

```
os.system(
```

    'echo Host: $(echo $SSH_CLIENT | cut -d " " -f 1) >> {}'.format(

```
        filename
```
```
    )
```
```
)
```
```
incident_log = open(filename, 'a')
```
```
incident_log.write('Time: {}\n'.format(
```

    time.strftime('%Y-%m-%d %H:%M:%S UTC', time.gmtime())

```
))
```
```
commandmode = False
```
```
if len(sys.argv) == 3:
```
```
    if sys.argv[1] == '-c':
```
```
        commandmode = True
```
```
if commandmode:
```

    incident_log.write('Command: {}\n'.format(repr(sys.argv[2])))

```
else:
```
```
    if len(sys.argv) != 1:
```

        for index, arg in enumerate(sys.argv):

            incident_log.write('sys.argv[{}] = {}\n'.format(index, repr(arg)))

```
    incident_log.write('Script:\n')
```
```
    try:
```
```
        while True:
```
```
            try:
```

                sys.stderr.write(prompt)

```
                sys.stderr.flush()
```

                line = sys.stdin.readline()

```
                if not line:
```
```
                    break
```
```
            except KeyboardInterrupt:
```
```
                sys.stderr.write('\n')
```
```
                continue
```

            incident_log.write('{}: {}\n'.format(

                time.strftime('%Y-%m-%d %H:%M:%S UTC', time.gmtime()),

```
                repr(line.rstrip('\n'))
```
```
            ))
```

            incident_log.flush()    # Inspect in real time.

            # Let's have some fun with the dipshit.

            # Cut off newline and truncate if NULs.

            line = line[:line.find('\0')]

```
            if line:
```
```
                if len(line) % 2:
```
```
                    line = line[:-1]
```
```
                try:
```

                    # What moron would ever use UTF-16?

```
                    sys.stderr.write(
```

                        'bash: {}: command not found\n'.format(

                            line.decode('utf-16-le').encode('utf-8')

```
                        )
```
```
                    )
```
```
                except:
```
```
                    pass
```
```
        sys.stderr.write('\n')
```
```
    except:
```
```
        pass
```
```
incident_log.write('%\n')
```
```
incident_log.close()
```
```
sys.stderr.write('''
```
```
This incident will be reported.
```
```
Have a bad day, you deserve it.
```
```
''')
```
```
os.system(
```
```
    'mesg y 2> /dev/null; ' +
```

    'for username in `who | cut -d" " -f1 | sort | uniq`; do ' +

        'write $username < {} 2> /dev/null; '.format(filename) +

```
    'done '
```
```
)
```