Permalink
Switch branches/tags
Nothing to show
Find file Copy path
Fetching contributors…
Cannot retrieve contributors at this time
56 lines (44 sloc) 1.95 KB
#!/usr/bin/python
import binascii
import time
from twisted.internet.protocol import Protocol, Factory
from twisted.internet import reactor
#all interfaces
interface = '0.0.0.0'
#looked at some PCAPS and got this data. Dissect a few pcaps to add more. SSH would be nice eventually
VNC_RFB = binascii.unhexlify("524642203030332e3030380a")
FTP_response = binascii.unhexlify("3232302050726f4654504420312e332e306120536572766572202850726f4654504420416e6f6e796d6f75732053657276657229205b3139322e3136382e312e3233315d0d0a")
TELNET_response = binascii.unhexlify("fffd25")
def formattedprint(toprint):
curr = time.strftime("%Y-%m-%d %H:%M:%S: ")
print(curr + toprint)
class FakeTELNETClass(Protocol):
def connectionMade(self):
global TELNET_response
formattedprint("Inbound TELNET connection from: %s (%d/TCP)" % (self.transport.getPeer().host, self.transport.getPeer().port))
self.transport.write(TELNET_response)
formattedprint("Sending TELNET response...")
class FakeFTPClass(Protocol):
def connectionMade(self):
global FTP_response
formattedprint("Inbound FTP connection from: %s (%d/TCP)" % (self.transport.getPeer().host, self.transport.getPeer().port))
self.transport.write(FTP_response)
formattedprint("Sending FTP response...")
class FakeVNCClass(Protocol):
def connectionMade(self):
global VNC_RFB
formattedprint("Inbound VNC connection from: %s (%d/TCP)" % (self.transport.getPeer().host, self.transport.getPeer().port))
self.transport.write(VNC_RFB)
formattedprint("Sending VNC response...")
FakeVNC = Factory()
FakeVNC.protocol = FakeVNCClass
FakeFTP = Factory()
FakeFTP.protocol = FakeFTPClass
FakeTELNET = Factory()
FakeTELNET.protocol = FakeTELNETClass
formattedprint("Starting up honeypot python program...")
reactor.listenTCP(5900, FakeVNC, interface = interface)
reactor.listenTCP(21, FakeFTP, interface = interface)
reactor.listenTCP(23, FakeTELNET, interface = interface)
reactor.run()
formattedprint("Shutting down honeypot python program...")