Upload kippo ssh honeypot files to viper

You want to store all your samples catched by your SSH-Kippo Honeypot to your malware repository operated with viper?

Go that way:
Start Viper API:

foo@bar ~/scripts/viper $ ./api.py -H 0.0.0.0 -p 8080

and upload all your samples to viper:

for i in /home/pi/kippo-read-only/dl/*; do curl -F file=@$i -F tags="honeypot" http://covert:8080/file/add; done 

Result:

{
    "message": "added"
}{
    "message": "added"
}

(you might want to modify the dir to your setup)
Why not automate uploading from kippo to viper?
– The „attacker“ might upload more then just malware / samples. You do not want to waste space in your malware zoo with another copy of netcat…

Schreibe einen Kommentar

Deine E-Mail-Adresse wird nicht veröffentlicht. Erforderliche Felder sind mit * markiert

Diese Website verwendet Akismet, um Spam zu reduzieren. Erfahre mehr darüber, wie deine Kommentardaten verarbeitet werden.