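Introduction to Kippo:
Kippo is a medium-interaction SSH honeypot designed mainly to log brute-force attacks. Most importantly, Kippo also provides a shell that the attacker can interact with. Kippo is inspired by Kojoney, but is not based on it.
I: Required packages
Python 2.5 or 2.6 is required; I am using 2.6 here.
Save all the files to /tmp/haha. (You can choose your own directory.)
II: Installing the packages
1. Install the Python packages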
rpm -ivh *.rpm
Error: libTix8.4.so is needed by tkinter26-2.6-geekymedia1.i386
Fix: yum install tix tcl tk
2. Install the other packages
tar -xvf Twisted-10.2.0.tar.bz2
cd Twisted-10.2.0
python26 setup.py build
python26 setup.py install
cd ..
tar -xvf zope.interface-3.3.0.tar.gz
cd zope.interface-3.3.0
python26 setup.py build
python26 setup.py install
cd ..
tar -xvf pycrypto-2.0.1.tar.gz
cd pycrypto-2.0.1
python26 setup.py build
python26 setup.py install
cd ..
tar -xvf pyasn1-0.0.12a.tar.gz
cd pyasn1-0.0.12a
python26 setup.py build
python26 setup.py install
III. Running Kippo
First, Kippo needs to store its data in a database, so create a separate database for Kippo.
mysql -uroot -p
create database kippo;
grant all privileges on kippo.* to kippo@'localhost' identified by 'kippo';
flush privileges;
Create the tables
cd kippo-0.5/doc/sql/
mysql -u kippo -p kippo
Extract Kippo
tar zxvf kippo-0.5.tar.gz
cd kippo-0.5
Edit kippo.cfg
vi kippo.cfg
cat kippo.cfg
The contents are as follows:
[honeypot]
ssh_port = 2222 ----> port number (best left at the default 2222; it did not work after I changed it, and it worked once I set it back to 2222)
hostname = hello ----> host name
log_path = log
download_path = dl
contents_path = honeyfs
filesystem_file = fs.pickle
data_path = data
txtcmds_path = txtcmds
public_key = public.key
private_key = private.key
password = 123456 ----> SSH password
[database_mysql]
host = localhost
database = kippo
username = kippo
password = kippo
The basic configuration is now complete.
Do not run start.sh as root here, otherwise it fails with this error:
ERROR: You must not run kippo as root!
Create a kippo user and give it ownership of the files
useradd kippouser
chown -R kippouser.kippouser /tmp/haha
Run as kippouser
su - kippouser
ssh-keygen -t rsa
mv private.key.pub public.key
[kippouser@node2 kippo-0.5]$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/kippouser/.ssh/id_rsa): ./private.key
Enter passphrase (empty for no passphrase): (leave this empty)
Enter same passphrase again: (leave empty)
Your identification has been saved in ./private.key.
Your public key has been saved in ./private.key.pub.
The key fingerprint is:
28:a5:58:10:78:39:ee:ed:69:1c:9e:c1:b8:9f:81:57 kippouser@node2
Run the start.sh script
sh start.sh
Error:
import MySQLdb, uuid
exceptions.ImportError: No module named MySQLdb
Failed to load application: No module named MySQLdb
Fix:
wget http://pypi.python.org/packages/source/s/setuptools/setuptools-0.6c11.tar.gz
tar zxvf setuptools-0.6c11.tar.gz
cd setuptools-0.6c11
python26 setup.py build
python26 setup.py install
wget http://cdnetworks-kr-2.dl.sourceforge.net/project/mysql-python/mysql-python/1.2.3/MySQL-python-1.2.3.tar.gz
tar zxvf MySQL-python-1.2.3.tar.gz
cd MySQL-python-1.2.3
python26 setup.py build
python26 setup.py install
If the following error appears, it is because setuptools is not installed. Install setuptools first, then MySQL-python.
Error:
Traceback (most recent call last):
  File "setup.py", line 5, in ?
    from setuptools import setup, Extension
ImportError: No module named setuptools
Testing
After running start.sh, check that it is running properly.
Log in remotely from a client machine
[root@localhost ~]# ssh -p 2222
The authenticity of host '192.168.211.147 (192.168.211.147)' can't be established.
RSA key fingerprint is 28:a5:58:10:78:39:ee:ed:69:1c:9e:c1:b8:9f:81:57.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.211.147' (RSA) to the list of known hosts.
Password:
hello:~# whoami
root
hello:~# pwd
/root
hello:~# usert
bash: usert: command not found
hello:~# uname -r
Linux
hello:~# uname -ra
Linux
hello:~# uname -a
Linux hello 2.6.26-2-686 #1 SMP Wed Nov 4 20:45:37 UTC 2009 i686 GNU/Linux
One drawback is that the Backspace key does not work well, and in many places it still differs from a real machine; many commands are not supported. For example, creating a user was quite a hassle for me.
IV. Viewing the records through the log or the database
tail -10 kippo-0.5/log/kippo.log
Or
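For the log route, an added example (not part of the original article or of Kippo itself): a Python 3 script that tallies login attempts per source address from kippo.log. The line format it parses and the sample lines are assumptions constructed for illustration; check the pattern against your own log before relying on it.

```python
import re
from collections import Counter

# Assumed line shape (check it against your own kippo.log):
#   <date> <time> [<service>,<session>,<source ip>] login attempt [<user>/<password>] succeeded|failed
LOGIN_RE = re.compile(
    r"^(?P<ts>\S+ \S+) \[[^\]]*,\d+,(?P<ip>[^,\]]+)\] "
    r"login attempt \[(?P<cred>.*)\] (?P<result>succeeded|failed)\s*$"
)

# Constructed sample lines (documentation IP ranges), not real honeypot data.
SAMPLE_LOG = """\
2011-03-01 10:00:01+0800 [SSHService ssh-userauth on HoneyPotTransport,0,192.0.2.10] login attempt [root/admin] failed
2011-03-01 10:00:03+0800 [SSHService ssh-userauth on HoneyPotTransport,0,192.0.2.10] login attempt [root/root] failed
2011-03-01 10:00:05+0800 [SSHService ssh-userauth on HoneyPotTransport,0,192.0.2.10] login attempt [root/pa]ss/1] failed
2011-03-01 10:00:07+0800 [SSHService ssh-userauth on HoneyPotTransport,0,192.0.2.10] login attempt [root/123456] succeeded
2011-03-01 10:00:09+0800 [HoneyPotTransport,0,192.0.2.10] connection lost
2011-03-01 10:05:00+0800 [SSHService ssh-userauth on HoneyPotTransport,1,198.51.100.7] login attempt [admin/admin] failed
"""

def parse_logins(text):
    """Yield (timestamp, ip, user, password, succeeded) for each login line."""
    for line in text.splitlines():
        m = LOGIN_RE.match(line)
        if not m:
            continue  # connection, command and other non-login lines
        # Split on the first "/" only: passwords may contain "/" or "]".
        user, _, password = m.group("cred").partition("/")
        yield m.group("ts"), m.group("ip"), user, password, m.group("result") == "succeeded"

def summarize(text, threshold=3):
    """Tally failures per source IP, tried passwords, and accepted logins."""
    failures, passwords, successes = Counter(), Counter(), []
    for ts, ip, user, password, ok in parse_logins(text):
        passwords[password] += 1
        if ok:
            successes.append((ts, ip, user, password))
        else:
            failures[ip] += 1
    suspects = sorted(ip for ip, n in failures.items() if n >= threshold)
    return {"failures": dict(failures), "passwords": passwords,
            "successes": successes, "suspects": suspects}

if __name__ == "__main__":
    report = summarize(SAMPLE_LOG)  # or: summarize(open("kippo-0.5/log/kippo.log").read())
    print("failed attempts per IP:", report["failures"])
    print("likely brute-force sources:", report["suspects"])
    for ts, ip, user, password in report["successes"]:
        print("accepted login:", ts, ip, user, password)
```

An accepted login in this output means the source guessed the bait password set in kippo.cfg, so those sessions are the ones worth reviewing first.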