Announcing Kippo-Malware

This is another side project, with the goal of creating a script that will download all malicious files stored as URLs in a Kippo SSH honeypot database (and help me learn some Python during the process). This is useful in situations where you have lost your files or something happened to your VPS/server but you still have your DB intact.

You can download it from:

The script uses the following packages: MySQL-python, pony, requests, and clint. Installing those is trivial via pip. Your only problem might be with MySQL-python under Windows but you can use this precompiled binary.

# python -h
usage: [-h] [--directory DIRECTORY] [--hostname HOSTNAME]
[--port PORT] [--username USERNAME] [--password PASSWORD] [--database DATABASE] [--debug]

optional arguments:
-h, --help            show this help message and exit
--directory DIRECTORY Dir to save the files -- DEFAULT: <current>/downloads
--hostname HOSTNAME   MySQL server hostname -- DEFAULT:
--port PORT           MySQL server port -- DEFAULT: 3306
--username USERNAME   MySQL server username -- DEFAULT: kippo
--password PASSWORD   MySQL server password -- DEFAULT: kippo
--database DATABASE   MySQL server database -- DEFAULT: kippo
--debug               Enable debugging

For comments, suggestions, fixes, please use the Kippo-Malware page:

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Read previous post:
HoneyKippo en HoneyDrive [ES, no sound]