Cdaprod · February 15, 2025 21:59
diff --git a/tarpit.py b/tarpit.py
 import socket
 import time
 import threading
 from collections import defaultdict

 # Settings
 HOST = '0.0.0.0'  # Listen on all interfaces
 PORT = 22         # SSH default port
 LOG_FILE = "attackers.log"
 BLOCK_THRESHOLD = 5  # Number of attempts before blocking
 ATTACKERS = defaultdict(int)  # Dictionary to track attacker IPs

 def log_attempt(ip):
    """ Log attacker IP and increment their attempt count """
    ATTACKERS[ip] += 1
    timestamp = time.strftime("%Y-%m-%d %H:%M:%S", time.localtime())
    
    log_entry = f"[{timestamp}] Attack from {ip} (Attempt #{ATTACKERS[ip]})\n"
    print(log_entry.strip())

    with open(LOG_FILE, "a") as log:
        log.write(log_entry)

    if ATTACKERS[ip] >= BLOCK_THRESHOLD:
        block_ip(ip)

 def block_ip(ip):
    """ Block attacker IP using iptables (Linux only) """
    print(f"[!] Blocking {ip} after {BLOCK_THRESHOLD} attempts")
    cmd = f"sudo iptables -A INPUT -s {ip} -j DROP"
    try:
        import os
        os.system(cmd)
    except Exception as e:
        print(f"Failed to block {ip}: {e}")

 def tarpit(conn, ip):
    """ Hold the attacker's connection open indefinitely """
    conn.send(b"SSH-2.0-OpenSSH_8.6\r\n")  # Fake SSH handshake
    time.sleep(10000)  # Keep connection open for a long time

 def start_tarpit():
    """ Start the tar pit server """
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as server:
        server.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
        server.bind((HOST, PORT))
        server.listen(10)
        print(f"[*] Tar pit running on {HOST}:{PORT}")

        while True:
            conn, addr = server.accept()
            ip = addr[0]
            log_attempt(ip)

            # Handle each connection in a separate thread
            threading.Thread(target=tarpit, args=(conn, ip), daemon=True).start()

 if __name__ == "__main__":
    start_tarpit()
	import socket
	import time
	import threading
	from collections import defaultdict

	# Settings
	HOST = '0.0.0.0' # Listen on all interfaces
	PORT = 22 # SSH default port
	LOG_FILE = "attackers.log"
	BLOCK_THRESHOLD = 5 # Number of attempts before blocking
	ATTACKERS = defaultdict(int) # Dictionary to track attacker IPs

	def log_attempt(ip):
	""" Log attacker IP and increment their attempt count """
	ATTACKERS[ip] += 1
	timestamp = time.strftime("%Y-%m-%d %H:%M:%S", time.localtime())

	log_entry = f"[{timestamp}] Attack from {ip} (Attempt #{ATTACKERS[ip]})\n"
	print(log_entry.strip())

	with open(LOG_FILE, "a") as log:
	log.write(log_entry)

	if ATTACKERS[ip] >= BLOCK_THRESHOLD:
	block_ip(ip)

	def block_ip(ip):
	""" Block attacker IP using iptables (Linux only) """
	print(f"[!] Blocking {ip} after {BLOCK_THRESHOLD} attempts")
	cmd = f"sudo iptables -A INPUT -s {ip} -j DROP"
	try:
	import os
	os.system(cmd)
	except Exception as e:
	print(f"Failed to block {ip}: {e}")

	def tarpit(conn, ip):
	""" Hold the attacker's connection open indefinitely """
	conn.send(b"SSH-2.0-OpenSSH_8.6\r\n") # Fake SSH handshake
	time.sleep(10000) # Keep connection open for a long time

	def start_tarpit():
	""" Start the tar pit server """
	with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as server:
	server.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
	server.bind((HOST, PORT))
	server.listen(10)
	print(f"[*] Tar pit running on {HOST}:{PORT}")

	while True:
	conn, addr = server.accept()
	ip = addr[0]
	log_attempt(ip)

	# Handle each connection in a separate thread
	threading.Thread(target=tarpit, args=(conn, ip), daemon=True).start()

	if __name__ == "__main__":
	start_tarpit()