Extra logins for Kippo

  • SSH

Having run Kippo for a few days now I am yet to get a successful login. 931 failed login attempts so far. This is due to the fact that by default Kippo only accepts two combinations of username and password: root and 123456. This can be easily altered by editing Kippo.tac. So it made sense to use the usernames and passwords that had been tried against my honeypot an feed them back in.

I did this using this, probably unnecessarily complex, bit of shell script:

cat log/kippo.log | grep attempt | awk '{ print $9 }' | sed -e 's/[//'g | sed -e 's/]//'g | sed -e 's///'', '/g | awk ' { print "(x27"$0"x27)," } ' | uniq

This produces a nice long list of 921 usernames and passwords that can then be pasted in to the Kippo configuration file. It's now up and running so hopefully I will get a few more bites.

Comments !