|
(3) 拉取部署文件
- root@VM-0-3-debian:/opt# su cowrie
- cowrie@VM-0-3-debian:/opt$ cd ~
- cowrie@VM-0-3-debian:~$ git clone https://github.com/cowrie/cowrie.git
- Cloning into 'cowrie'...
- remote: Enumerating objects: 26, done.
- remote: Counting objects: 100% (26/26), done.
- remote: Compressing objects: 100% (20/20), done.
- remote: Total 12330 (delta 6), reused 24 (delta 6), pack-reused 12304
- Receiving objects: 100% (12330/12330), 8.09 MiB | 1.14 MiB/s, done.
- Resolving deltas: 100% (8561/8561), done.
- cowrie@VM-0-3-debian:~$ ls
- cowrie
- cowrie@VM-0-3-debian:~$ cd cowrie/
(4) 设置虚拟环境
设置为 python2 的虚拟环境
- cowrie@VM-0-3-debian:~/cowrie$ pwd
- /home/cowrie/cowrie
- cowrie@VM-0-3-debian:~/cowrie$ virtualenv --python=python2 cowrie-env
- Running virtualenv with interpreter /usr/bin/python2
- New python executable in /home/cowrie/cowrie/cowrie-env/bin/python2
- Also creating executable in /home/cowrie/cowrie/cowrie-env/bin/python
- Installing setuptools, pkg_resources, pip, wheel...done.
激活虚拟环境并安装包:
- cowrie@VM-0-3-debian:~/cowrie$ source cowrie-env/bin/activate
- (cowrie-env) cowrie@VM-0-3-debian:~/cowrie$ pip install --upgrade pip
- Requirement already up-to-date: pip in ./cowrie-env/lib/python2.7/site-packages (19.0.3)
- (cowrie-env) cowrie@VM-0-3-debian:~/cowrie$ pip install --upgrade -r requirements.txt
- Collecting twisted>=17.1.0 (from -r requirements.txt (line 1))
- Using cached https://files.pythonhosted.org/packages/f8/2b/a80a70f71eb2b86992ffa5aaae41457791ae67faa70927fd16b76127c2b7/Twisted-19.2.0.tar.bz2
- Collecting cryptography>=0.9.1 (from -r requirements.txt (line 2))
- ......
- Successfully built twisted tftpy pycparser......
- Successfully installed Automat-0.7.0 ......
(5) 安装配置文件
要启用telnet,请创建cowrie.cfg并仅输入以下内容:
- (cowrie-env) cowrie@VM-0-3-debian:~/cowrie$ pwd
- /home/cowrie/cowrie
- (cowrie-env) cowrie@VM-0-3-debian:~/cowrie$ vim cowrie.cfg
- #写入以下文件,启用 telnet
- [telnet]
- enabled = true
(6) 启动 Cowrie
- (cowrie-env) cowrie@VM-0-3-debian:~/cowrie/bin$ ./cowrie start
-
- Join the Cowrie community at: http://bit.ly/cowrieslack
-
- Using activated Python virtual environment "/opt/cowrie/cowrie-env"
- Starting cowrie: [twistd --umask=0022 --pidfile=var/run/cowrie.pid --logger cowrie.python.logfile.logger cowrie ]...
- (cowrie-env) cowrie@VM-0-3-debian:/opt/cowrie/bin$ ./cowrie status
- cowrie is running (PID: 13215).
(7) 端口重定向
有三种方法可以在默认的 SSH 端口(22)上访问 Cowrie:iptables,authbind 和 setcap。
更多输出配置,可参见:
https://blog.csdn.net/Kevinhanser/article/details/79282309
3. 基于 Docker 的高交互 t-pot
t-pot 是一个基于 Docker 的高交互蜜罐平台,集成了Conpot、Cowrie、Dionaea、Honeytrap 等多个蜜罐。t-pot 对于资源的要求也比较高(t-pot 安装需要至少 6-8 GB RAM 和128 GB可用磁盘空间 (SSD) 以及可用的互联网连接),目前的最新版本为 19.03。可采用镜像 (ISO)的方式进行安装。
项目地址:https://github.com/dtag-dev-sec/tpotce
安装部署:
下载镜像,虚拟机安装,安装过程和常规的 Linux 安装差不多,需要选择 t-pot 安装类型及设置账户及密码,安装好之后界面如下: (编辑:宣城站长网)
【声明】本站内容均来自网络,其相关言论仅代表作者个人观点,不代表本站立场。若无意侵犯到您的权利,请及时与联系站长删除相关内容!
|
