Replies: 5 comments
-
@bob3rocks have you been able to get the binaries out of dionaea, and if so, how? I haven't had any luck getting the binaries to my local machine. Any help greatly appreciated.
-
The only way I have found to do it is to download the binaries to my local
machine, then upload to Cyberchef.
It works great, but you can't do that in Windows (YMMV)
I have a Kali machine running within Windows Subsystem for Linux using the
"kex --esm" option, which gives me seamless full-screen functionality.
(That tidbit is outside the scope of this thread, I know)
Hope this helps!
--
Bob Wachunas
1(707) 536-1182
the state of the world really makes me want to {uke}==*::*
-
@bob3rocks yes, but how are you downloading the binaries? I use scp -p 64295 tsec@ip:/data/dionaea/bianries and it gives me a permission denied. I have tried to add the user to the tpot group, no luck, so how are you downloading the binaries? I am running tpot in the cloud and attempting to connect to it on a Kali VM running locally.
-
Oh - I see what you are saying!
And now I recall (that was quite a few months ago at this point) I had the
same problem.
The way I worked around that was to install VNC server on the t-pot
instance, then VNC to t-pot and grab the files locally.
-
@bob3rocks thank you, I will try it tonight and let you know. Thank you so much, I've been stuck here for days. Will report back tomorrow.
-
tpotce is by far the best honeynet platform I've used in 15 years of honeypot deployment.
And, it's cool having my own Cyberchef instance to analyze malicious binaries.
And, Dionaea is good at collecting malicious binaries...
Is having both Cyberchef and Dionaea built in T-Pot a mere coincidence?
Wouldn't it be cool if there was a way to open a malicious binary directly from Dionaea in Cyberchef?
Has anyone found a way to do this (without downloading malicious binaries to their local machine first)?