Description
- Optional login prompt
- Logs who connects and what they do
- Captures the session to a pcap file
- Automatically downloads links used by attackers
- Customize the MOTD, port, hostname and how many clients can connect at the same time (the default is unlimited)
- Geolocation (with ipstack)
- Save and load the configuration
- Add support for a multitude of commands
To do
- Better logging
- Service
- Email alerts
- Insights such as tables and graphs
- Add default settings
- Optimize / fix code
Installation
chmod 755 setup.sh
sudo ./setup.sh
[+] Tcpdump is used to capture dystopia sessions!
[+] Would you like to install 'Tcpdump'? [Y/n] y
[+] 1 --> Install for Arch Linux
[+] 2 --> Install for Debian Users
1
[sudo] password for drew:
resolving dependencies...
looking for conflicting packages...
Packages (1) tcpdump-4.99.0-1
Total Installed Size: 1.35 MiB
Net Upgrade Size: 0.00 MiB
:: Proceed with installation? [Y/n] y
(1/1) checking keys in keyring [######################] 100%
.....
[+] Creating needed directorys!
python3 dystopia.py
Arguments
usage: dystopia.py [-h] [--host HOST] [--port PORT] [--motd MOTD] [--max MAX]
                   [--login] [--username USERNAME] [--password PASSWORD]
                   [--hostname HOSTNAME] [--localhost] [--capture]
                   [--interface INTERFACE] [--save SAVE] [--load LOAD]
                   [--download] [--version]

Dystopia | A python Honeypot.

optional arguments:
  -h, --help            show this help message and exit
  --host HOST           IP Address to host the Honeypot. Default:
                        192.168.0.xxx
  --port PORT, -P PORT  specify a port to bind to
  --motd MOTD, -m MOTD  specify the message of the day
  --max MAX, -M MAX     max number of clients allowed to be connected at once
                        default is unlimited
  --login, -f           create a fake login prompt (no encryption)
  --username USERNAME, -u USERNAME
                        username for fake login prompt and the user for the
                        Honeypot session default: 'ubuntu'
  --password PASSWORD, -p PASSWORD
                        password for fake login prompt. Default: 'P@$$W0RD'
  --hostname HOSTNAME, -H HOSTNAME
                        Hostname of the Honeypot default: 'localhost'
  --localhost, -L       start Honeypot on localhost
  --capture, -c         enable packet capturing using the tool Tcpdump
  --interface INTERFACE, -i INTERFACE
                        interface to capture traffic on if --capture / -c is
                        used and no interface is configured, the default is:
                        'eth0'
  --save SAVE, -s SAVE  save config to a json file E.g: '--save settings.json'
  --load LOAD, -l LOAD  load config from a json file E.g '--load
                        settings.json'
  --download, -a        Automatically download links used by attackers
  --version             print version and exit
How to add support for more commands
You can add support for new commands by editing the "commands.json" file. The format is command: output,
for example:
{
    "cachorro": "Comando do cachorro ativado!"
}
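A check worth running before deploying an edited "commands.json", shown here as an added example that is not part of Dystopia's own code. The names load_commands and respond are hypothetical, and matching the whole typed line exactly against the key is an assumption about how the honeypot looks commands up; every sample entry except the "cachorro" one is constructed.

```python
import json

def _pairs(pairs):
    # json.loads silently keeps the last of two duplicate keys; reject instead.
    seen = {}
    for key, value in pairs:
        if key in seen:
            raise ValueError(f"duplicate command: {key!r}")
        seen[key] = value
    return seen

def load_commands(text):
    """Parse commands.json text; return (usable_commands, problems)."""
    try:
        data = json.loads(text, object_pairs_hook=_pairs)
    except ValueError as exc:  # JSONDecodeError is a ValueError subclass
        return {}, [str(exc)]
    if not isinstance(data, dict):
        return {}, ["top level must be a JSON object"]
    commands, problems = {}, []
    for key, value in data.items():
        if not isinstance(value, str):
            problems.append(f"{key!r}: output must be a string")
        elif not key or key != key.strip():
            # A padded key such as " cachorro " never equals typed input.
            problems.append(f"{key!r}: empty or padded with whitespace")
        else:
            commands[key] = value
    return commands, problems

def respond(commands, line):
    """Return the canned output for a typed line, or None if unknown."""
    return commands.get(line.strip())

# Constructed sample: one valid entry and two entries that must be rejected.
SAMPLE = '''{
    "cachorro": "Comando do cachorro ativado!",
    " gato ": "padded key, would never match",
    "uptime": 5
}'''

if __name__ == "__main__":
    cmds, problems = load_commands(SAMPLE)
    print(cmds, problems, respond(cmds, "cachorro\r\n"), sep="\n")
```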
How?
cd tools/
chmod 755 dstat.py
./dstat.py --report -f report.html
+---------------+-----------------+---------------+----------------+
| IP Address | Times Connected | Failed Logins | Correct Logins |
+---------------+-----------------+---------------+----------------+
| 192.168.0.239 | 22345 | 1231 | 2 |
| 192.168.0.223 | 546646 | 27531 | 53 |
+---------------+-----------------+---------------+----------------+
Arguments
usage: dstat.py [-h] [--address ADDRESS] [--report] [--sort SORT] [--update]
                [--filename FILENAME]

dstat | Statistics tool for Dystopia

optional arguments:
  -h, --help            show this help message and exit
  --address ADDRESS, -a ADDRESS
                        ip address to investigate
  --report, -r          show a general report
  --sort SORT, -s SORT  sort the report table by row name
  --update, -U          update geolocation entries
  --filename FILENAME, -f FILENAME
                        Filename of report file