Setting the environment and running the application requires intermmediate Linux administration knowledge. The whole deployment process can be found "step-by-step" inside the deploy.txt file. Configuration settings can be found and modified inside the hontel.py itself. For example, authentication credentials can be changed from default root:123456
to some arbitrary values (options AUTH_USERNAME
and AUTH_PASSWORD
), custom Welcome message can be changed from default (option WELCOME
), custom hostname (option FAKE_HOSTNAME
), architecture (option FAKE_ARCHITECTURE
), location of log file (inside the chroot environment) containing all telnet commands (option LOG_PATH
), location of downloaded binary files dropped by connected users (option SAMPLES_DIR
), etc.
Note: Some botnets tend to delete the files from compromised hosts (e.g. /bin/bash
) in order to harden itself from potential attempts of cleaning and/or attempts of installation coming from other (concurent) botnets. In such cases either the whole chroot environment has to be reinstalled or host directory where the chroot directory resides (e.g. /srv/chroot/
) should be recovered from the previously stored backup (recommended).
Download Link
https://github.com/stamparm/hontel
This article was published on Hack Hex website, under Tools section, written by Dawood Khan on 11th February 2019. Share & leave us some comments on what you think about this topic or if you like to add something.
Tags: #brute force tools #Computer Security #ethical hacking #Honeypot #Hontel #linux security testing #malware analysis tools #password brute force #Penetration Testing #penetration testing distribution #penetration testing linux #pentest android #pentest linux #pentest toolkit #pentest tools #security tool kit #spy tool kit #spyware #Telnet #web application testing tools #web malware detection