Script to install Thug honeypot on Ubuntu 12.04
Thug is a Python low-interaction honeyclient aimed at mimicking the behaviour of a web browser in order to detect and emulate malicious contents. It based on Python + V8 JS engine. You can go to the website or google to understands more about this awesome application.
So, here I share to you a script that automate the building and compiling Thug honeypot + V8 on Ubuntu machine:
#!/bin/bash #Install some dependencies for the building process sudo apt-get install -y autoconf build-essential git-core scons subversion libboost-dev libboost-python-dev libboost-thread-dev libboost-system-dev libtool mongodb python-bs4 python-chardet python-cssutils python-dev python-html5lib python-httplib2 python-zope.interface python-pymongo python-pefile python-setuptools sudo easy_install beautifulsoup4 #Obtaining libemu via Git cd /tmp/ git clone git://git.carnivore.it/libemu.git #Configure and install cd /tmp/libemu/ autoreconf -v -i ./configure --enable-python-bindings --prefix=/opt/libemu sudo make install sudo ldconfig -n /opt/libemu/lib #Obtaining pylibemu via Git cd /tmp/ git clone https://github.com/buffer/pylibemu.git #Build and install cd /tmp/pylibemu/ sudo sh -c "echo /opt/libemu/lib > /etc/ld.so.conf.d/pylibemu.conf" python setup.py build sudo python setup.py install #Obtain the codes via svn and git cd ~ git clone https://github.com/buffer/thug.git cd ~/thug/ svn checkout http://v8.googlecode.com/svn/trunk/ v8 #Apply the Thug’s patch for V8 cp patches/V8-patch* . patch -p0 < V8-patch1.diff rm V8-patch* #Build and compile python wrapper for V8. This process will compile the V8 engine at the same time cd /tmp/ svn checkout http://pyv8.googlecode.com/svn/trunk/ pyv8 export V8_HOME=$HOME/thug/v8 cd pyv8 python setup.py build sudo python setup.py install
I really appreciate if you can share with me your experience using this software in production/real-life. :)blog comments powered by Disqus