通过 HTTP 将有关攻击的文件和信息从蜜罐发送到中央存储库

发布于 2024-10-17 00:22:42 字数 1107 浏览 2 评论 0原文

大家好，有人知道 Dionaea 蜜罐吗？

我试图将本地收集的二进制信息和蜜罐上本地收集的攻击发送到中央服务器，但我无法获取它。

我尝试过使用 HTTP Post、Python CGI，但无法得到它。蜜罐有一项服务，可让您通过 HTTP 发送数据（submit_http.py： http:// /src.carnivore.it/dionaea/commit/?id=cfd2be8cf7484c781384648cf1c9223afc2bd3c1），我在中央服务器上有一个最初为猪笼草开发的PHP文件（submit.php：http://www.remoteroot.net/2008/07/21/nepenthes -submit-http-server-with-file-upload/）并希望通过 HTTP POST 接收文件以及有关每次攻击相关参数的信息。为什么submit.php 不起作用？！

我的 dionaea.conf 是这样的：


submit_http = {
                        url = "http://central_machine_IP/submit.php"
                        email = "[email protected]"
                        user = "uuuuuuu"
                        pass = "xxxxxxxxxxx"
                }

Thank you guys.

原文

Hello people someone knows Dionaea honeypot?

I'm trying to send binary information collected locally and attack collected locally on the honeypot to a central server and I can not get it.

I've tried using HTTP Post, Python CGI, and I can not get it.
The honeypot has a service that lets you send data via HTTP (submit_http.py: http://src.carnivore.it/dionaea/commit/?id=cfd2be8cf7484c781384648cf1c9223afc2bd3c1) and I have a PHP file on the central server which was originally developed for nepenthes (submit.php: http://www.remoteroot.net/2008/07/21/nepenthes-submit-http-server-with-file-upload/) and wanted to receive the files as well as information about each attack associated parameters through HTTP POST.
Why does the submit.php is not working?!

I have my dionaea.conf like this:


submit_http = {
                        url = "http://central_machine_IP/submit.php"
                        email = "[email protected]"
                        user = "uuuuuuu"
                        pass = "xxxxxxxxxxx"
                }

Thank you guys.

分享到QQ

分享到微博

如果你对这篇内容有疑问，欢迎到本站社区发帖提问参与讨论，获取更多帮助，或者扫码二维码加入 Web 技术交流群。

发布评论

需要登录才能够评论，你可以免费注册一个本站的账号。

温柔女人霸气范 2024-10-24 00:22:43

捕蝇草日志错误：


[10022011 17:51:14] curl module.c:202: DOWNLOAD DONE:
http://xxx.xxx.xxx.xxx/yyy => (0)
[10022011 17:51:14] logsql dionaea/logsql.py:601: complete for attackid 5241
[10022011 17:51:14] test dionaea/test.py:51: your configuration lacks urls
to submit to defaults
[10022011 17:51:14] python module.c:959: NameError at NameError("global name
'submithttp_report' is not defined",)
[10022011 17:51:14] python module.c:984:
/opt/dionaea/lib/dionaea/python/dionaea/submit_http.py:56 in
handle_incident_dionaea_download_complete_unique
[10022011 17:51:14] python module.c:985:      mr =
submithttp_report(i.sha512, i.md5, icd.file)
[10022011 17:51:14] python module.c:984: binding.pyx:975 in
dionaea.core.c_python_ihandler_cb (binding.c:8605)
[10022011 17:51:14] python module.c:985:      None

I hid the original ip by xxx.xxx.xxx.xxx

dionaea log error:


[10022011 17:51:14] curl module.c:202: DOWNLOAD DONE:
http://xxx.xxx.xxx.xxx/yyy => (0)
[10022011 17:51:14] logsql dionaea/logsql.py:601: complete for attackid 5241
[10022011 17:51:14] test dionaea/test.py:51: your configuration lacks urls
to submit to defaults
[10022011 17:51:14] python module.c:959: NameError at NameError("global name
'submithttp_report' is not defined",)
[10022011 17:51:14] python module.c:984:
/opt/dionaea/lib/dionaea/python/dionaea/submit_http.py:56 in
handle_incident_dionaea_download_complete_unique
[10022011 17:51:14] python module.c:985:      mr =
submithttp_report(i.sha512, i.md5, icd.file)
[10022011 17:51:14] python module.c:984: binding.pyx:975 in
dionaea.core.c_python_ihandler_cb (binding.c:8605)
[10022011 17:51:14] python module.c:985:      None

I hid the original ip by xxx.xxx.xxx.xxx

回复收藏 0 原文

~没有更多了~