Skip to content

Latest commit

 

History

History

PoC_v2

Folders and files

NameName
Last commit message
Last commit date

parent directory

..

BaddyDetectorv2.jpg

BaddyDetectorv2.jpg

 
 

BaddyDetectorv2cover.jpg

BaddyDetectorv2cover.jpg

 
 

IMG_8413.JPEG

IMG_8413.JPEG

 
 

IMG_8414.JPEG

IMG_8414.JPEG

 
 

IMG_8415.JPEG

IMG_8415.JPEG

 
 

IMG_8417.JPEG

IMG_8417.JPEG

 
 

IMG_8428.JPEG

IMG_8428.JPEG

 
 

IMG_8429.JPEG

IMG_8429.JPEG

 
 

IMG_8448.JPEG

IMG_8448.JPEG

 
 

IMG_8478.JPG

IMG_8478.JPG

 
 

PewPewBaddyDetectorV2base.stl

PewPewBaddyDetectorV2base.stl

 
 

PewPewBaddyDetectorV2cover.stl

PewPewBaddyDetectorV2cover.stl

 
 

README.md

README.md

 
 

pew.txt

pew.txt

 
 

v2_attackled.py

v2_attackled.py

 
 

v2_model.mp4

v2_model.mp4

 
 

v2_pewpewclient.sh

v2_pewpewclient.sh

 
 

v2_pewpewpew.mp4

v2_pewpewpew.mp4

 
 

v2_pewpewserver.sh

v2_pewpewserver.sh

 
 

README.md

Some details of the build

The stl file used to print the cover can be found here and the base here

The TinkerCAD 3D files can be found here. and the base is this one.

The server script runs on a Linux server that runs a collection of honeypots, TPOT-CE. The /data directory contains the logs of the different honeypots, I selected a few popular pots to use for my idea. The idea is for a similar but larger project and it needed this PoC to get it going.

I wanted to create a physical dashboard that would notify me when there was an attack taking place on one of the honeypots. Since this does not require a lot of power, I decided to use a Raspberry Pi 1 that I had lying around.

The RPi as a client will connect to specified ports on the server, where the server script runs. I designed and printed a LED holder that could stand on my desk and wired the LEDS to the RPi.

v2 model

https://www.youtube.com/shorts/phfXufrK0ew

Pewpew

https://youtube.com/shorts/jz_PYNGq8H0

This version works similar as v1 with bash scripts using tmux and a python script per GPIO/LED, it has a few more LEDs and a different casing.

PoC v2

Server

Client

LED

v2 of this Proof of Concept (PoC) script utilizes Tmux to create a new session and run multiple Python scripts concurrently in separate panes. Each script represents an individual LED on the pewclient, which blinks according to the incoming signals.

Two scripts, pewpewclient.sh and pewpewserver.sh, work together to monitor log file activity and visually indicate an attack taking place on the honeypot. The heavily rely on tmux which is a requirement to run the scripts.

Usage The client script creates a new Tmux session named "pewpew" and splits it into multiple panes. In each pane, it runs one of the Python scripts (attack_led1.py to attack_led8.py). These scripts control the LEDs on the pewclient, with each LED corresponding to a specific log file.

The server script creates a new Tmux session named "pewpew" and splits it into multiple panes. In each pane, it simply runs a command in each pane, similar to this:

tail -f /data/cowrie/log/cowrie.json | nc -nvklp 54631

A total of 8 ports will be listening and when the client connects, it will stream the data of 8 different logs to the client. Each new entry in the log files will trigger the client script to execute the attack_led.py script to blink the appropriate led.

To connect to the Tmux session after running the script, use the following command:

tmux attach -t pewpew

The Tmux session helps you monitor the blinking pattern of the LEDs, allowing you to efficiently keep track of your logs in real-time.

Some images

Assembly