self-hosted/dockerfiles
1
0
Fork 0
mirror of https://github.com/vimagick/dockerfiles.git synced 2025-10-30 23:47:48 +02:00
Code Issues Releases Activity
Files
master
dockerfiles/cowrie
History
kevin 6103375ec2 update cowrie
2023-07-18 19:29:17 +08:00
..
data/etc
update cowrie
2023-07-18 17:48:27 +08:00
docker-compose.yml
update cowrie
2020-11-05 19:22:21 +08:00
README.md
update cowrie
2023-07-18 19:29:17 +08:00

README.md

cowrie

Cowrie is a medium interaction SSH honeypot designed to log brute force attacks and, most importantly, the entire shell interaction performed by the attacker.

Cowrie is directly based on Kippo by Upi Tamminen (desaster).

docker-compose.yml

version: "3.8"

services:
  cowrie:
    image: cowrie/cowrie
    ports:
      - "2222:2222"
      - "2223:2223"
    volumes:
      - cowrie-etc:/cowrie/cowrie-git/etc
      - cowrie-var:/cowrie/cowrie-git/var
    restart: unless-stopped

volumes:
  cowrie-etc:
  cowrie-var:

server

$ docker-compose up -d
$ docker volume ls
$ docker volume inspect cowrie_cowrie-var
$ cd /var/lib/docker/volumes/cowrie_cowrie-etc/_data
$ cp cowrie.cfg.dist cowrie.cfg
$ cp userdb.example userdb.txt
$ cd /var/lib/docker/volumes/cowrie_cowrie-var/_data
$ tail -f log/cowrie/cowrie.json

$ wget -P /usr/local/bin/ https://github.com/cowrie/cowrie/raw/master/bin/asciinema
$ wget -P /usr/local/bin/ https://github.com/cowrie/cowrie/raw/master/bin/playlog
$ chmod +x /usr/local/bin/{asciinema,playlog}
$ playlog -c lib/cowrie/tty/xxxxxx

client

$ ssh -p 2222 root@server
$ telnet server 2223

You can login as root with any password except root or 123456.