Skip to content


Subversion checkout URL

You can clone with
Download ZIP
tree: 6b14104f82
Fetching contributors…

Cannot retrieve contributors at this time

executable file 62 lines (46 sloc) 2.618 kB
#!/usr/bin/env ruby
$LOAD_PATH.unshift File.dirname(__FILE__) + '/../lib'
require 'trollop' unless defined?(Trollop)
require 'micetrap'
require 'micetrap/version'
opts = Trollop::options do
version "micetrap #{Micetrap::VERSION} (c) 2011 Josep M. Bach"
banner <<-EOS
Micetrap opens a server on either a given or random port, emulating fake
vulnerable services. Port scanners such as Nmap, when fingerprinting ports
to discover service names and versions, will get apparently legitimate
responses from common services such as FTP, HTTP or MySQL servers,
therefore misleading potential attackers with false information.
Depending on the operating system you are using, micetrap will try its best
to +look feasible+ by choosing the appropriate fake services and versions
to emulate. Whenever possible, micetrap will provide a bit outdated versions
which are more likely to be vulnerable, and thus making the attacker focus
on those ports. While the attacker tries to exploit these ports, she is
essentially sending certain packets -- which get properly captured and
logged my micetrap. This information might be useful to discover what kind
of attacks are being tried against your machine, therefore giving you time
and the opportunity to defend appropriately.
Fire up a simple ftp micetrap like this:
sudo micetrap ftp
Running it with sudo will allow you to use default, unsuspicious ports,
which may give you advantage at tricking a smart attacker.
If you don't want to use system ports, you can run micetrap without having
root privileges like this:
micetrap ftp --port 9999 (or whatever non-system port you like)
The available services are are:
#{SERVICES.join(', ')}
[sudo] micetrap <service> [options]
where [options] are:
opt :port, "A specific port to use", :default => nil, :type => :integer
stop_on SERVICES
service = ARGV.shift.to_sym
Trollop::die "You need to specify a service, which must be one of the following: #{SERVICES.join(', ')}\n\nMaybe you just feel a bit lost.." unless SERVICES.include?(service)
# Show a nice banner
ANSI = {:RESET=>"\e[0m", :BOLD=>"\e[1m", :UNDERLINE=>"\e[4m", :LGRAY=>"\e[0;37m", :GRAY=>"\e[1;30m", :RED=>"\e[31m", :GREEN=>"\e[32m", :YELLOW=>"\e[33m", :BLUE=>"\e[34m", :MAGENTA=>"\e[35m", :CYAN=>"\e[36m", :WHITE=>"\e[37m"}
puts "Starting #{ANSI[:BOLD]}Micetrap#{ANSI[:RESET]}..."
puts "Loading fake #{ANSI[:RED]}#{service}#{ANSI[:RESET]} server... (press Ctrl-C to exit)\n" => service)).fire!
Jump to Line
Something went wrong with that request. Please try again.