zeroq / amun Goto Github PK

I just came to restart my Amun as it was automatically stopped and i get the following error, i dont know what it means so please can someone help . 👍 Traceback (most recent call last):
File "amun_server.py", line 1273, in
runMain()
File "amun_server.py", line 963, in runMain
vuln_modules = readVulnModules(config)
File "amun_server.py", line 615, in readVulnModules
port_list = config.getSingleValue(mod_name).split(',')
AttributeError: 'NoneType' object has no attribute 'split'

How does it work ? i have created my my sql server and filled the details in for the MYsql server and also removed the hash from the amun conf file but it does not write to the database? can someone please help. Thanks

Download logs are being generated (successfull_downloads.log*), but there are no binaries being stored in /opt/amun/malware/md5sum.

Some of the regular download.log.* logs are showing the following errors too:
[bindport] error: [Errno 107] Transport endpoint is not connected [http_download] different size ...

The only changes that I've made to amun.conf were changing the amun server IP to the machine's public IP and uncommenting the log-mysql portion. Are there any other changes that need to be made to allow amun to download malware?

What is the correct configuration for the server's IP address? 0.0.0.0 or server's IP?

[AmunServer]

### define the amun server ip
ip: 0.0.0.0
#ip: 192.168.0.1 - 192.168.0.5, 192.168.15.1 - 192.168.15.15
#ip: 192.168.0.1, 192.168.0.2, 192.168.0.5
#ip: 192.168.0.0/28
#ip: eth0

I ask because Amun probably does not work. How can I check if Amun is functioning properly?

after six month of running MHN . i checked "md5sum" folder of amun honeypot and surprised. there is no malware save. do you know why ?
i installed Amun honeypot (not using MHN)before and after two days i got malware sample.

hi, I recently deployed Amun on my own virtual machines for some security tests and I noticed that there is an emulated shell in Amun. I tried to simulate attacks on Amun to get the shell but all the existing exploits I used in Metasploit seems failed. I just wanna know What can I do to acquire the shell because I don't know if only some specific emulated vulnerabilities in Amun are bound to the shell? Thanks for your help!

I am running amun honeypot on mhn and it has been recording attacks and logging normally. However, there are no files in the Malware folder: it has failed to download binaries and shellcodes. Please how do i resolve this issue?
Thank you in anticipation

Hi,

I wanted to ask if there are some further settings I have to take care of, if I want to activate the syslog functionality of amun. Because at the moment, I have enabled the parameter within amun.conf but I do not see any syslog data.