Add README.md

2024-07-17 11:38:19 +07:00 · 2024-07-17 11:38:19 +07:00 · 56abf7dc91
parent a59d57cf0d
commit 56abf7dc91
1 changed files with 71 additions and 0 deletions
--- a/README.md
+++ b/README.md
@ -0,0 +1,71 @@
+# Honeypot Cowrie
+# ssh
+apt install openssh-server
+sudo nano /etc/ssh/sshd_config (ganti port ssh)
+systemctl restart sshd
+# honeypot
+sudo apt update && sudo apt upgrade -y
+sudo apt-get install git python3-virtualenv libssl-dev libffi-dev build-essential libpython3-dev python3-minimal authbind virtualenv
+sudo apt install python3-venv && sudo apt install python-is-python3
+sudo adduser --disabled-password cowrie
+sudo su – cowrie
+git clone http://github.com/cowrie/cowrie
+cd cowrie
+python -m venv cowrie-env
+source cowrie-env/bin/activate
+python -m pip install --upgrade pip & python -m pip install --upgrade -r requirements.txt
+# konfigurasi
+cd /home/cowrie/cowrie/etc
+cp cowrie.cfg.dist cowrie.cfg && cp /cowrie/etc/userdb.example userdb.txt
+nano cowrie.cfg (ganti hostname, tambahkan api telegram dan chat id)
+exit
+sudo apt-get install authbind
+sudo touch /etc/authbind/byport/22
+sudo chown cowrie:cowrie /etc/authbind/byport/22
+sudo chmod 770 /etc/authbind/byport/22
+sudo  apt  install supervisor -y 
+nano /etc/supervisor/conf.d/cowrie.conf
+# Port Knocking
+apt install knockd
+nano /etc/default/knockd (ganti menjadi seperti ini. start knockd=1 knockd_opt"- (interface network)")
+nano /etc/knockd.conf (ganti --dport 22 menjadi port ssh)
+systemctl start knockd && systemctl enable knockd
+sudo   iptables   -A   INPUT   -m   conntrack   --ctstate ESTABLISHED,RELATED -j ACCEPT
+sudo iptables -A INPUT -p tcp --dport (port ssh) -j REJECT
+apt install iptables-persistent
+iptables-save -c > /etc/iptables/rules.v4
+# Snort
+mkdir snort && cd snort
+apt install -y gcc libpcre3-dev zlib1g-dev libluajit-5.1-dev libpcap-dev openssl libssl-dev libnghttp2-dev libdumbnet-dev bison flex libdnet autoconf libtool
+wget https://snort.org/downloads/snort/daq-2.0.7.tar.gz
+tar -xvzf daq-2.0.7.tar.gz && cd daq-2.0.7
+autoreconf -f -i
+./configure && make && sudo make install
+apt install snort -y
+sudo nano /etc/snort/snort.conf
+sudo nano /etc/snort/rules/local.rules
+sudo nano /etc/snort/rules/nmap.rules
+sudo nano /etc/snort/snort.debian.conf
+sudo snort -T -c /etc/snort/snort.conf
+# telegram
+Buat bot telegram dengan bot father dan chat bot yang sudah dibuat untuk mendapatkan chat id
+https://api.telegram.org/bot(token bot anda)/getUpdates
+https://api.telegram.org/bot(token bot)/sendMessage?chat_id=(chat id)&text=Coba aja
+# konfigurasi telegram
+git   clone   https://github.com/gagaltotal/Snort-Bot- Telegram-Shell
+cd Snort-Bot-Telegram-Shell
+chmod 777 bot-tele.sh
+nano bot-tele.sh
+nano src/cowrie/output/telegram.py
+cd /home/(user)/ Snort-Bot-Telegram-Shell
+./bot-tele.sh
+sudo  snort  -i  enp0s3  -c  /etc/snort/snort.conf  -l /var/log/snort -d -A console > /home/kz/log-tele.txt
+sudo apt install cockpit
+systemctl start cockpit && systemctl enable cockpit
+ufw allow 9090/tcp
+# mikrotik
+konfigurasi awal mikrotik (cari aja di google)
+# open vpn mikrotik
+https://web.tunnel.my.id/
+buat akun dan buat profil vpn
+konfigurasi nat buat port forwarding