Thug-Vagrant

Thug-Vagrant provides a Vagrant configuration file (Vagrantfile) and shell script to automate the setup of a Thug honeyclient in a virtual machine. The need for this project comes from the lengthy and somewhat difficult installation procedure of Thug which can be discouraging.

REQUIREMENTS:

  1. VirtualBox
  2. Vagrant

DOWNLOAD & INSTALL Thug-Vagrant:

git clone https://github.com/ikoniaris/thug-vagrant && cd thug-vagrant
vagrant up

This will download (only the first time) a virtual disk, it will create a new Ubuntu 12.04 LTS VM on the fly and start it using VirtualBox. Then Thug and all of its dependencies will be installed on it. And that’s it!

You can then login into the machine by typing “vagrant ssh” or using an SSH client (e.g. PuTTY) and connect to localhost:2222 — username: vagrant, password: vagrant. Once inside the VM, you will find Thug in the /opt/thug/ directory and the main script located at: /opt/thug/src/thug.py. If you want to stop the machine type “vagrant halt” (on the outer terminal, not inside the machine).

Every time you want to start the honeypot VM a simple “vagrant up” issued inside the thug-vagrant directory is enough!

Subscribe to Blog via Email

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

  • Stepan Mark Pietrek

    Hi,
    I get this error when run ‘vagrant up’ command:

    ” The guest machine entered an invalid state while waiting for it
    to boot. Valid states are ‘starting, running’. The machine is in the
    ‘poweroff’ state. Please verify everything is configured
    properly and try again.

    If the provider you’re using has a GUI that comes with it,
    it is often helpful to open that and watch the machine, since the
    GUI often has more helpful error messages than Vagrant can retrieve.
    For example, if you’re using VirtualBox, run `vagrant up` while the
    VirtualBox GUI is open. ”

    Box “precise32” downloaded but doesn’t work.

    Windows 7 Ultimate SP1 64Bit

    • Ion

      Hi Stepan, can you open VirtualBox and see if the machine is there? If yes, just delete it from the GUI. And then run `vagrant up` inside the thug-vagrant folder again. Good luck.

      • Stepan Mark Pietrek

        The problem was in the VirtualBox version! With VirtualBox 4.3.* doesn’t work but with VirtualBox 4.2.* works fine (in my case VirtualBox 4.2.12).
        Anyway thanks alot! =)

      • Ion

        It works for me with VirtualBox 4.3 though. But since you’ve solved it, everything is good.

      • Stepan Mark Pietrek

        The 4.3.14 VirtualBox version has some problem, so this was the problem maybe. You can see in VirtualBox forum. =)

  • Ken Pryor

    This is excellent, my friend! I did find that in Win 7, I had to open cmd as Administrator before typing the command vagrant up. It works very well, though! Thank you!

    • Ion

      Hi Ken!

      Great news 🙂 Let me know how it goes. Another suggestion is to also take a look at Docker after Vagrant. There is even a Docker container for Thug around.

      Best regards, Ion.

  • User

    Please include flex as required package otherwise yara build will fail.

Read previous post:
Kippo-Graph 1.2: pull master or re-download
Kippo-Graph 1.2 released!
Honeypots workshop at BSidesLV 2014!
Dionaea-Vagrant demo
The Bulgarian and Soviet Virus Factories
Close