Kippo-Malware is a Python script that will download all malicious files stored as URLs in a Kippo SSH honeypot database. This is useful in situations where you have lost your files or something happened to your VPS/server but you still have your DB intact. The script also supports HTTP proxy usage to cover your IP address from malicious servers and custom User-Agent values.
DOWNLOAD Kippo-Malware:
The script uses the following packages: MySQL-python, pony, requests, and clint. Installing those is trivial via pip. Your only problem might be with MySQL-python under Windows but you can use this precompiled binary.
SCREENSHOTS:
3 comments
Petro
September 27, 2014 at 11:17 PM (UTC 0) Link to this comment
Have you gotten kippo to work with sftp at all?
Ion
September 27, 2014 at 11:41 PM (UTC 0) Link to this comment
Hi Petro,
there is a fork of Kippo with SFTP support added but I haven’t tried it. Link: https://github.com/micheloosterhof/kippo-mo
Regards,
Ion
Claz
March 20, 2015 at 6:39 PM (UTC 0) Link to this comment
I have an attacker trying to chmod 755 his malware so it can run, but kippo doesn’t seem to allow that command. Is there a way to allow attackers to chmod in kippo settings without it compromising its security?