Sticky Situation: Exploiting Honeypots for DDoS

Repository that stores the code to reproduce our project work from DTU course 02334-Research Topics For CyberSecurity.

Overall

This paper explores how honeypots, decoy systems designed to attract and monitor cyberattacks, serving as critical defensive tools, can be exploited by malicious actors for offensive purposes. We investigate the existence of vulnerable honeypot instances in the wild and explore how their resources can be exploited to orchestrate botnets capable of generating outbound traffic for conducting DDoS attacks. We make a fork of CommunityHoneyNetwork to orchestrate our network of compomised honeypots and a fork of CnC-Botnet to control our botnet and simulate a DDoS under the conditions of local docker networks and dummy target services.

Repository

To clone:

git clone --recurse-submodules git@github.com:Mirtia/02334-Research-Topics-For-CyberSecurity.git

Repository structure:

.
├── CHN-Server
├── CnC-Botnet-in-Python
├── docs
├── LICENSE
└── README.md

In more detail:

• CHN-Server: Orchestration tool to monitor the attacks on the honeypot network. This repository also contains approaches we followed for simulating a DDoS attack using the Cowrie instances.
• CnC-Botnet-in-Python: Botnet built in fabric to execute commands to the compromised honeypots.
• docs: This directory contains the report for the project and additional documentation that may be necessary.

Contributors

• Mirtia
• danae-pan
• iamj4ckie