Showing posts with label 25. Show all posts
Showing posts with label 25. Show all posts

Thursday, September 21, 2017

Try pentbox like honeypot tool with Fedora 25

Try pentbox like honeypot tool with Fedora 25


PenTBox is a Security Suite that packs security and stability testing oriented tools for networks and systems.
Programmed in Ruby and oriented to GNU/Linux systems, but compatible with Windows, MacOS and every systems where Ruby works. It is free, licensed under GNU/GPLv3.
First you need to install the ruby
[root@localhost pentbox]# dnf install ruby 
Last metadata expiration check: 1:55:17 ago on Tue Mar 7 20:16:17 2017.
Dependencies resolved.
================================================================================
 Package Arch Version Repository Size
================================================================================
Installing:
 ruby x86_64 2.3.3-61.1.fc25 updates 76 k
 ruby-irb noarch 2.3.3-61.1.fc25 updates 94 k
 rubygem-bigdecimal x86_64 1.2.8-61.1.fc25 updates 87 k
 rubygem-did_you_mean x86_64 1.0.0-61.1.fc25 updates 219 k
 rubygem-io-console x86_64 0.4.5-61.1.fc25 updates 57 k
...
 rubygems.noarch 2.5.2-61.1.fc25 
 rubypick.noarch 1.1.1-5.fc24 

Complete!
You need also the svn. The subversion is a free/open source version control system. 
[root@localhost pentbox]# dnf install svn
Last metadata expiration check: 1:59:41 ago on Tue Mar 7 20:16:17 2017.
Package subversion-1.9.5-1.fc25.x86_64 is already installed, skipping.
Dependencies resolved.
Nothing to do.
Complete!
Let get the pentbox. 
svn co https://pentbox.svn.sourceforge.net/svnroot/pentbox/trunk/ pentbox
cd pentbox
svn update
./pentbox.rb
[root@localhost pentbox]# ./pentbox.rb

 PenTBox 1.5 
 __
 U00U|.@@@@@@`.
 |__|(@@@@@@@@@@)
 (@@@@@@@@)
 `YY~~~~YY
 || ||

--------- Menu ruby2.3.3 @ x86_64-linux

1- Cryptography tools

2- Network tools

3- Web

4- License and contact

5- Exit

 -> 2

1- Net DoS Tester
2- TCP port scanner
3- Honeypot
4- Fuzzer
5- DNS and host gathering
6- MAC address geolocation (samy.pl)

0- Back

 -> 3

// Honeypot //

You must run PenTBox with root privileges.

 Select option.

1- Fast Auto Configuration
2- Manual Configuration [Advanced Users, more options]

 -> 1

 HONEYPOT ACTIVATED ON PORT 80 (2017-03-07 22:20:30 +0200)


Now, lets simulate one attack and see the result. Open your browser and put your_ip into address bar with port 80 and press enter key or go button: 
your_ip:90
Take a look to your terminal and see the result. You can see something like that: 

 INTRUSION ATTEMPT DETECTED! from your_ip:40482 (2017-03-07 22:22:07 +0200)
 -----------------------------
GET / HTTP/1.1
Host: your_ip
User-Agent: Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:51.0) Gecko/20100101 Firefox/51.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
The your_ip will fill with your ip workstation. You can also make more settings with the pentbox tool.

download file now

Read more »
Posted by at
Labels: , , , , , , ,
Subscribe to: Posts (Atom)