Honssh honeypot - Skilled attacker


Download videos:
hd720 medium

On 4-29-2015 an actually skilled attacker logs in. I'm not sure if he realized he was in a honeypot, and was trying to gain access to honssh. Or if he was trying to break into what he thought was a router. At any rate, he was skilled enough to write a one line shell script on the fly to search for open ports.



Tags:
honssh honeypot raspberry pi hacker hacking bash



jthid
looks like too much coffee and not noticing the 65536 typo
TheSurvivor4
Sound-song name ? :)
#MUWA •
20% great technique 80% loading for port scanning
-
good to see there is someone out there knowing more than an wget command to download some "hacker scripts"
can you see me
Nmap could have done the job BUT it's not straight forward as you think,nmap can be NOISY!
richard vaughn
He should have nohupped the port scan, redirected it to a file, grepped that.
MrArisVideo
He knew that it was a honeypot and he tried to ger access to the host machine.
MELLOW
Props to this guy...
Astrokie
lmao if only we could see the look on his face at the end
Esc
I don't know why people are bashing on you for calling him "skilled" they are propably jealous :3 Anyway how did the attacker know he was in a honeypot?
zy
nc -z 192.168.1.110 80 nc -z 192.168.1.110 22 nc -z 192.168.1.110 443 and so on would have done the job as well (also a little simpler imo)
Bob Lon
wow...this guy is amaizing...i mean i have seen sime skilled hqcks but this guy was probibly trying to break into the network through the honeypot...wow the skill is too real
Misanthrope330
He wrote nmap in the command line. I really would have liked to see what he was really going to do. That was an inspiring, and scary, level of skills.
roflex2
What is skilled about this? He wrote some bash to Port scan the router?? Anyone can do that
John Ritchie
Nice one, nice lesson for script kiddies to realize that a lot of recon can be done in bash prompt without a script. Gave me new respect for bash.
kek kek
What is the name of this honeypot
L Rose
So once theyre in a honeypot, they cant get out?
fish and banana
Hmm i couldnt find /dev/tcp on ubuntu, what is it replaced with ?
dr07828
tcp is a device.
Stephen Xanders
Is nobody going to talk about the random DragonBall z subtitles in the beginning?
Brad EastGate
Were running this on a raspberry pi?
Troy C
Whoa!
GENERATING ROPS AND NOPS 4 YEARS
Nmap the easy way
Algorak
lol
Ammar Hamood
What was he tryin to do ? and why that all dots went in lines ???
Quantum Tunneller
This guy definitely isn't "incredibly skilled" as some in this comment section tend to believe. The most you can say about this guy is he knew what he was doing and clearly understood he was in a honeypot.
bigbear 350
i been thinking .. how about hacking india server and fried them .. then they will having hard time to scam us and plus .. they will getting hard time to get parts for the server ..
Arsh Rind
LOL its just an echo command used to read whatever the person is trying to say... nothing hacked actually... Nice fooling around
Blz Ahz
I have question: the open port was at 65535 why does the attacker try 65536? Did the attacker just goof up, or what's the deal here?