
#nosound Installing the OpenCanary honeypot on a clean Ubuntu 20.04 machine and checking the logs

GitHub Repo: https://github.com/thinkst/opencanary

This is just for fun; we are trying to install a series of cheap honeypots to collect data on what is happening out there in real time.
Stay tuned, this is just the beginning!

History of commands (what could fit in YouTube's 5000-character description limit):

11 sudo apt-get install python3-dev python3-pip python3-virtualenv python3-venv python3-scapy libssl-dev libpcap-dev samba
12 sudo pip install opencanary scapy pcapy opencanary-correlator
13 sudo opencanaryd --copyconfig
14 sudo apt-get install python3-dev python3-pip python3-virtualenv python3-venv python3-scapy libssl-dev libpcap-dev
15 virtualenv env/
17 . env/bin/activate
18 pip install opencanary
19 sudo apt install samba
20 pip install scapy pcapy-ng
21 opencanaryd --copyconfig
22 vim /etc/opencanaryd/opencanary.conf
28 PS1=" cyberwar.ro/youtube $ "
33 vim /etc/opencanaryd/opencanary.conf
34 vim /etc/systemd/system/opencanary.service
35 sudo systemctl start opencanary
36 opencanaryd --start
37 rm /etc/systemd/system/opencanary.service
38 opencanaryd --start
40 tail -f /var/tmp/opencanary.log | vim -
42 cat /var/tmp/opencanary.log
43 cat /var/tmp/opencanary.log | jq .
44 snap install jq
46 cat /var/tmp/opencanary.log | jq . | vim -
47 cat /var/tmp/opencanary.log | jq . | wc
50 cat /var/tmp/opencanary.log | tail -2 | jq .
51 cat /var/tmp/opencanary.log | grep host
52 cat /var/tmp/opencanary.log | jq . | grep host
[..]
61 cat /var/tmp/opencanary.log | jq . | grep host | sort -u | cut -d"\"" -f4 | grep "." | wc
62 cat /var/tmp/opencanary.log | jq . | grep host | sort -u | cut -d"\"" -f4 | grep "."
64 . env/bin/activate
66 PS1=" cyberwar.ro/youtube $ "
69 cat /var/tmp/opencanary.log | jq . | grep host | sort -u | cut -d"\"" -f4 | grep "."
70 cat /var/tmp/opencanary.log | jq . | grep host | sort -u | cut -d"\"" -f4 | grep "." | tee ips.txt
71 vim getinfo.sh
73 head ips.txt | tee sample
74 chmod +x getinfo.sh
75 ./getinfo.sh sample
76 vim getinfo.sh
77 ./getinfo.sh sample
78 mkdir data
79 vim getinfo.sh
80 ./getinfo.sh sample
82 cat data/103.245.236.155
83 history | grep PS1
84 ./getinfo.sh sample
85 PS1=" cyberwar.ro/youtube $ "
87 ./getinfo.sh ips.txt
90 cd data/
92 cat * | grep country
93 cat * | grep country_name
94 cat * | grep country_name | sort | uniq -c
95 cat * | grep country_name | sort | uniq -c | sort -nr
97 cd ..
98 history | grep ips.txt
99 wc ips.txt
100 wget https://github.com/7h30th3r0n3/OpenCanaryChecker/blob/main/OpenCanaryChecker.sh
101 clear
102 ls
103 chmod +x OpenCanaryChecker.sh
104 ./OpenCanaryChecker.sh
105 vim OpenCanaryChecker.sh
106 ./OpenCanaryChecker.sh
107 vim OpenCanaryChecker.sh
108 rm OpenCanaryChecker.sh
109 vim checker.sh
110 chmod +x checker.sh
111 ./checker.sh
112 vim checker.sh
113 geoiplookup
114 apt install geoip-bin
115 ./checker.sh
116 vim checker.sh
117 ./checker.sh
118 watch
119 watch -n 10 ./checker.sh
120 vim checker.sh
121 ./checker.sh
122 vim checker.sh
123 geoiplookup 10.10.10.1
124 head ips.txt
125 geoiplookup 128.199.7.128
126 vim checker.sh
127 ./checker.sh
128 vim checker.sh
129 ./checker.sh
130 history | grep wc
131 cat /var/tmp/opencanary.log | jq . | grep host | sort -u | cut -d"\"" -f4 | grep "." | wc
[..]
141 cat /var/tmp/opencanary.log | jq . | grep host | cut -d"\"" -f4 | grep "." | sort -u | wc
142 cat /var/tmp/opencanary.log | jq . | grep host | cut -d"\"" -f4 | grep "." | sort -u
143 cat /var/tmp/opencanary.log | jq . | grep host | cut -d"\"" -f4 | grep "." | sort -u | tee ips.txt
144 ./getinfo.sh ips.txt
171 history | grep opencanary | grep start
172 opencanaryd --stop
173 . env/bin/activate
174 opencanaryd --stop
175 opencanaryd
177 cd env/lib/python3.8/site-packages/opencanary/modules/data/http/skin/
179 cat basicLogin/index.html
180 vim basicLogin/index.html
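
An added example, not from the video or the OpenCanary project: the `jq . | grep host` pipeline above matches every key containing "host", so `dst_host` values (the honeypot's own address) land in ips.txt next to the remote `src_host` values. This Python version reads only `src_host` and also records which ports each address touched. It assumes one JSON object per log line with `src_host` and `dst_port` fields; the sample lines and function names are constructed for illustration.

```python
import json
from collections import Counter

# Constructed sample in the one-JSON-object-per-line layout assumed for
# /var/tmp/opencanary.log; addresses are documentation ranges, not real data.
SAMPLE_LOG = """\
{"dst_host": "", "dst_port": -1, "logdata": {"msg": "service added"}, "logtype": 1001, "src_host": "", "src_port": -1}
{"dst_host": "192.0.2.10", "dst_port": 22, "logdata": {"USERNAME": "root"}, "logtype": 4002, "src_host": "198.51.100.7", "src_port": 40112}
{"dst_host": "192.0.2.10", "dst_port": 21, "logdata": {"USERNAME": "admin"}, "logtype": 2000, "src_host": "203.0.113.45", "src_port": 51820}
{"dst_host": "192.0.2.10", "dst_port": 22, "logdata": {"USERNAME": "pi"}, "logtype": 4002, "src_host": "198.51.100.7", "src_port": 40150}
{"dst_host": "192.0.2.10", "dst_port": 80, "logdata": {}, "logtype": 3000, "src_host": "203.0.113.45"
"""

def parse_events(text):
    """Yield one dict per well-formed JSON line, skipping blank or truncated lines."""
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        try:
            event = json.loads(line)
        except json.JSONDecodeError:
            continue  # e.g. the last line of a log that is still being written
        if isinstance(event, dict):
            yield event

def source_summary(text):
    """Map each remote address to a Counter of the honeypot ports it touched."""
    summary = {}
    for event in parse_events(text):
        src = event.get("src_host") or ""
        if not src:
            continue  # events with an empty src_host are not remote connections
        summary.setdefault(src, Counter())[event.get("dst_port")] += 1
    return summary

def unique_sources(text):
    """Sorted remote addresses only: the intended content of ips.txt."""
    return sorted(source_summary(text))

if __name__ == "__main__":
    for ip, ports in sorted(source_summary(SAMPLE_LOG).items()):
        print(ip, dict(ports))
```

To run it on a real log, pass the file contents instead of `SAMPLE_LOG`, for example `unique_sources(open("/var/tmp/opencanary.log").read())`.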
