This is another side project, with the goal of creating a script that will download all malicious files stored as URLs in a Kippo SSH honeypot database (and help me learn some Python during the process). This is useful in situations where you have lost your files or something happened to your VPS/server but you still have your DB intact.
You can download it from: https://github.com/ikoniaris/kippo-malware
The script uses the following packages: MySQL-python, pony, requests, and clint. Installing those is trivial via pip. Your only problem might be with MySQL-python under Windows but you can use this precompiled binary.
# python kippo-malware.py -h usage: kippo-malware.py [-h] [--directory DIRECTORY] [--hostname HOSTNAME] [--port PORT] [--username USERNAME] [--password PASSWORD] [--database DATABASE] [--debug] optional arguments: -h, --help show this help message and exit --directory DIRECTORY Dir to save the files -- DEFAULT: <current>/downloads --hostname HOSTNAME MySQL server hostname -- DEFAULT: 127.0.0.1 --port PORT MySQL server port -- DEFAULT: 3306 --username USERNAME MySQL server username -- DEFAULT: kippo --password PASSWORD MySQL server password -- DEFAULT: kippo --database DATABASE MySQL server database -- DEFAULT: kippo --debug Enable debugging
For comments, suggestions, fixes, please use the Kippo-Malware page: http://bruteforce.gr/kippo-malware