Honssh honeypot - Skilled attacker

Download videos:
hd720 medium

On 4-29-2015 an actually skilled attacker logs in. I'm not sure if he realized he was in a honeypot, and was trying to gain access to honssh. Or if he was trying to break into what he thought was a router. At any rate, he was skilled enough to write a one line shell script on the fly to search for open ports.

looks like too much coffee and not noticing the 65536 typo
richard vaughn
He should have nohupped the port scan, redirected it to a file, grepped that.
He knew that it was a honeypot and he tried to ger access to the host machine.
20% great technique 80% loading for port scanning
good to see there is someone out there knowing more than an wget command to download some "hacker scripts"
Sound-song name ? :)
can you see me
Nmap could have done the job BUT it's not straight forward as you think,nmap can be NOISY!
lmao if only we could see the look on his face at the end
Props to this guy...
Bob Lon
wow...this guy is amaizing...i mean i have seen sime skilled hqcks but this guy was probibly trying to break into the network through the honeypot...wow the skill is too real
I don't know why people are bashing on you for calling him "skilled" they are propably jealous :3 Anyway how did the attacker know he was in a honeypot?
Quantum Tunneller
This guy definitely isn't "incredibly skilled" as some in this comment section tend to believe. The most you can say about this guy is he knew what he was doing and clearly understood he was in a honeypot.
nc -z 80 nc -z 22 nc -z 443 and so on would have done the job as well (also a little simpler imo)
He wrote nmap in the command line. I really would have liked to see what he was really going to do. That was an inspiring, and scary, level of skills.
What is skilled about this? He wrote some bash to Port scan the router?? Anyone can do that
John Ritchie
Nice one, nice lesson for script kiddies to realize that a lot of recon can be done in bash prompt without a script. Gave me new respect for bash.
kek kek
What is the name of this honeypot
L Rose
So once theyre in a honeypot, they cant get out?
fish and banana
Hmm i couldnt find /dev/tcp on ubuntu, what is it replaced with ?
Stephen Xanders
Is nobody going to talk about the random DragonBall z subtitles in the beginning?
tcp is a device.
Nmap the easy way
Brad EastGate
Were running this on a raspberry pi?
Ammar Hamood
What was he tryin to do ? and why that all dots went in lines ???
Troy C
bigbear 350
i been thinking .. how about hacking india server and fried them .. then they will having hard time to scam us and plus .. they will getting hard time to get parts for the server ..
Arsh Rind
LOL its just an echo command used to read whatever the person is trying to say... nothing hacked actually... Nice fooling around
Blz Ahz
I have question: the open port was at 65535 why does the attacker try 65536? Did the attacker just goof up, or what's the deal here?