Daniel Miessler

Some Basic Credential and Country Analysis of Incoming Mirai (IoT Botnet) Traffic

October 30, 2016
#technology
screen-shot-on-2016-10-30-at-15_05_44

I’ve been messing with Robert Graham’s TelnetLogger project today and captured some IPs and credentials over around two hours.

I was curious of two things:

  1. Which credentials would be most popular

  2. Which were the most common source IPs

The listener has options for capturing both via:

telnetlogger -p passwds.txt -i ips.txt

What I did was create a simple script (HoneyCredIPTracker) that processes the output. It basically summons the all-powerful combo of:

sort | uniq -c | sort -nr

Fascinating to see which countries are trying most often, and what credentials they’re trying the most.

You can get the script here.

CONTINUE EXPLORING
search 3060 pieces of content
years
TAGS (CURRENT TAGS HIGHLIGHTED, CLICK TO CHOOSE OTHERS)
#technology (2171) #ai (1790) #future (1360) #personal (689) #ethics (356) #politics (346) #cybersecurity (266) #society (245) #culture (202) #writing (198) #creativity (171) #innovation (114) #productivity (71) #meaning (63) #business (60) #science (36) #philosophy (36) #art (1) #nationalsecurity (1) #tutorial (1)
Latest Content
CONTINUE ON:
HOME|BLOG|ARCHIVES