1
0
mirror of https://github.com/vimagick/dockerfiles.git synced 2024-12-23 01:39:27 +02:00
dockerfiles/cowrie
2020-11-05 19:22:21 +08:00
..
arm update cowrie 2020-11-05 19:22:21 +08:00
data/etc update cowrie 2020-11-05 19:22:21 +08:00
docker-compose.yml update cowrie 2020-11-05 19:22:21 +08:00
README.md update cowrie 2020-11-05 19:22:21 +08:00

cowrie

Cowrie is a medium interaction SSH honeypot designed to log brute force attacks and, most importantly, the entire shell interaction performed by the attacker.

Cowrie is directly based on Kippo by Upi Tamminen (desaster).

docker-compose.yml

version: "3.8"

services:
  cowrie:
    image: cowrie/cowrie
    ports:
      - "2222:2222"
      - "2223:2223"
    volumes:
      - cowrie-etc:/cowrie/cowrie-git/etc
      - cowrie-var:/cowrie/cowrie-git/var
    restart: unless-stopped

volumes:
  cowrie-etc:
  cowrie-var:

server

$ docker-compose up -d
$ docker volume ls
$ docker volume inspect cowrie_cowrie-var
$ cd /var/lib/docker/volumes/cowrie_cowrie-etc/_data
$ cp cowrie.cfg.dist cowrie.cfg
$ cp userdb.example userdb.txt
$ cd /var/lib/docker/volumes/cowrie_cowrie-var/_data
$ tail -f log/cowrie/cowrie.json

client

$ ssh -p 2222 root@server
$ telnet server 2223

You can login as root with any password except root or 123456.