Code Monkey home page Code Monkey logo

wetftp's Introduction

Wetftp

Wetftp is a high interaction FTP honeypot,designed to log brute force attacks and every action of attacker after login.

Features

  • Use docker to provide a real linux document system.
  • Wetftp locate at the middle between ftpd container and attacker.
  • Log all of attacker's action.
  • Save a copy of files that attacker upload.
  • Support ftps(ftp over ssl).
  • Support ssl's session reuse.
  • Kinds of ways to report to you when wetland is touching by hacker

Requirements

  • A linux system (tested on ubuntu)
  • ftpd images in docker (e.g. bogem/ftp)
  • python2.7
  • pyOpenSSL
  • requests

Setup and Configuration

  1. Copy wetftp.cfg.default to wetftp.cfg

  2. Generate private key and sign the certificate

  • mkdir data && cd data
  • openssl genrsa -out server.key 2048
  • openssl req -new -key server.key -out server.csr
  • openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt
  1. Install python requirements
  • pip install pyOpenSSl requests
  1. Install docker
  • install docker with docs in www.docker.com
  • docker search ftpd or docker search ftp
  • docker run -d --name ftpd ftpd_image_name
  • docker inspect ftpd,then replace docker_addr in wetftp.cfg with ftpd's ip.
  • some ftpd container maybe need to do something else, please read docs of the image in hub.docker.com
  1. Configure the output plugins in wetftp.cfg
  • enable or disable in [output] section
  • Edit the url of incoming robots when using bearychat
  • Edit user、pwd... when using email
  1. Configure ftps in wetftp.cfg if necessary
  • first make sure your ftpd images support ftps, has been configured to work.
  • enable it in [ftps] section.
  • ssl session can be reused between control channel and data channel,so if your ftpd support it, enable reuse in [ftps] seciton.
  • e.g. a configure file of vsftpd, it should enable ftps and reuse
rsa_cert_file=/var/server.crt
rsa_private_key_file=/var/server.key
ssl_enable=YES
# This determines ssl session reuse or not
require_ssl_reuse=YES

Running

  1. Run
  • nohup python main &
  1. Stop
  • netstat -autpn | grep 21
  • kill pid_number
  1. View logs
  • cd logs && ls

wetftp's People

Contributors

ohmyadd avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.