Chameleon is a customizable honeypots for monitoring network traffic, bots activities and username\password credentials (DNS, HTTP Proxy, HTTP, HTTPS, SSH, POP3, IMAP, STMP, RDP, VNC, SMB, SOCKS5, Redis, TELNET and Postgres and MySQL).
Grafana Interface
NMAP Scan
Credentials Monitoring
General Features
Install & Run
git clone https://github.com/qeeqbox/chameleon.git
cd chameleon
chmod +x ./run.sh
./run.sh auto_configure
The Grafana interface http://localhost:3000 will open automatically after finishing the initialization process (username is changeme457f6460cb287 and passowrd is changemed23b8cc6a20e0). If you don’t see Chameleon dashboard, click on the search icon in the left bar and add it.
Wait for a few seconds until honeypot shows the IP address
…
honeypot_1 | Your IP: 172.19.0.3
honeypot_1 | Your MAC: 09:45:aa:23:10:03
…
You can interact with the honeypot from your local system
ping 172.19.0.3
or run any network tool against it
nmap 172.19.0.3
git clone https://github.com/qeeqbox/chameleon.git
cd chameleon
chmod +x ./run.sh
./run.sh auto_configure_test
The Grafana interface http://localhost:3000 will open automatically after finishing the initialization process (username is admin and passowrd is admin). If you don’t see Chameleon dashboard, click on the search icon in the left bar and add it
copy ssh_server.py to your folder
# ip= String E.g. 0.0.0.0 # port= Int E.g. 9999 # username= String E.g. Test # password= String E.g. Test # mocking= Boolean or String E.g OpenSSH 7.0 # logs= String E.g db, terminal or all # -------------------------------------------------------------------- # always remember to add process=true to run_server() for non-blocking from ssh_server import QSSHServer qsshserver = QSSHServer(port=9999) qsshserver.run_server(process=True) qsshserver.test_server(port=9999) qsshserver.kill_server()
ssh test@127.0.0.1
INFO:chameleonlogger:[‘servers’, {‘status’: ‘success’, ‘username’: ‘test’, ‘ip’: ‘127.0.0.1’, ‘server’: ‘ssh_server’, ‘action’: ‘login’, ‘password’: ‘test’, ‘port’: 38696}]
git clone https://github.com/qeeqbox/chameleon.git
cd chameleon
#choose which honeypot http, https, ssh etc and use -p in docker for the ports
docker build -t honeypot ./honeypot/. && docker run -p 9999:9999 -p 9998:9998 -it honeypot –mode normal –servers “ssh:9999 http:9998”
Requirements (Servers only)
#apt-get update -y && apt-get install -y iptables-persistent tcpdump nmap iputils-ping python python-pip python-psycopg2 lsof psmisc dnsutils
#pip install scapy==2.4.4 netifaces==0.10.9 pyftpdlib==1.5.6 sqlalchemy==1.3.23 pyyaml==5.4.1 paramiko==2.7.1 impacket==0.9.22 twisted==20.3.0 psutil==5.8.0 requests==2.25.1 redis==3.5.3 mysql-connector-python==8.0.23 pygments==2.5.2
#pip install -U requests[socks]
#pip install -Iv rsa==4.0
#pip install rdpy==1.3.2
Current Servers/Emulators
Changes
Roadmap
The cp command, short for "copy," is the main Linux utility for duplicating files and directories. Whether…
Introduction In digital investigations, images often hold more information than meets the eye. With the…
The cat command short for concatenate, It is a fast and versatile tool for viewing and merging…
What is a Port? A port in networking acts like a gateway that directs data…
The ls command is fundamental for anyone working with Linux. It’s used to display the files and…
The pwd (Print Working Directory) command is essential for navigating the Linux filesystem. It instantly shows your…