An Information Security Community
On the 23th of July I started with the SSH honeypot kippo. So after a good two months I decided to collect all the urls/locations
those “1337 h4x0rs” are wgetting all their files from.
I came up with the following list:
Now, I am not saying that these sites are “evil”. Chances are most likely that they are compromised themselves. So, just simply putting them on a blacklist isn't a good idea.
Some of these links contain open directories, including all sorts of files, while other sites simply may have disappeared into thin air.
It's purely a list I extracted from the database my kippo is writing
it's results to.
As kippo also stores the obtained files, I have a copy of every single one of them for further analysis.
Use this information and/or containing files at you own risk.
Kippo also keeps track of every typed command in every “session”
One particular session I found too funny not sharing it:
Thanks to Justin Elze, for helping me out with the video.