7h331337 Posted February 7, 2009 Posted February 7, 2009 (edited) this is a simple app that lets you open up ports and if any one trys to connect to it it sets of a siren and adds the details to the loghacker_trapper_2.5.rarnew_hacker_trapper_2.6.rar Edited February 8, 2009 by 7h331337
7h331337 Posted February 7, 2009 Author Posted February 7, 2009 Manadar said: Very cool, .ty i hope to add more features tonight like automatic isp abuse forwarding any one have a idea of any features i should add
7h331337 Posted February 8, 2009 Author Posted February 8, 2009 hacker trapper 2.6 now availably now has automatic isp emailing only works with gmail right now but you can still use it like normal without email to use email click set email if you want to test it just change the value of $to in intruder() please tell me what u thinknew_hacker_trapper_2.6.rar
Developers Jos Posted February 8, 2009 Developers Posted February 8, 2009 You will hardly be portscanned when behind a LAT Router unless you define your PC as a DMZ host. When defined like that you probably will go crazy with the number of hits you get ofcourse depending which port you open the trap for. Jos SciTE4AutoIt3 Full installer Download page - Beta files Read before posting How to post scriptsource Forum etiquette Forum Rules Live for the present, Dream of the future, Learn from the past.
Developers Jos Posted February 8, 2009 Developers Posted February 8, 2009 7h331337 said: i ormly portfward to the internet and i will add some more script to it and make it so you have to type in to it something like a login and the alarm will only go off iff thay try o login so scanningshould not affect itsure... that too.... (not the foggiest idea what you are saying here) SciTE4AutoIt3 Full installer Download page - Beta files Read before posting How to post scriptsource Forum etiquette Forum Rules Live for the present, Dream of the future, Learn from the past.
7h331337 Posted February 8, 2009 Author Posted February 8, 2009 Jos said: sure... that too.... (not the foggiest idea what you are saying here)soz about that wireless keyboard lol ran out of power
James Posted February 8, 2009 Posted February 8, 2009 Wireless keyboard ran out of power so you typed half a sentence with no power erm ok... Blog - Seriously epic web hosting - Twitter - GitHub - Cachet HQ
7h331337 Posted February 8, 2009 Author Posted February 8, 2009 (edited) JamesBrooks said: Wireless keyboard ran out of power so you typed half a sentence with no power erm ok...it was running out of power any way what i was trying to saying is if you scan the ports it will set it off now it will only go off if someone types something in to it here is the update: expandcollapse popup#include <GUIConstants.au3> #include <inet.au3> #include <String.au3> Global $lis[100][100], $list[100], $ip, $sockaddr, $exit = False,$recv,$p $lis[0][1] = 0 $email = 0 $Form1 = GUICreate("The Hacker Trapped BY 7H331337", 652, 314, 225, 63) $input1 = GUICtrlCreateInput("you have been trapped by the hacker trapper 2.6 by 7h331337 and your ip has been logged and your isp has been notified", 72, 16, 289, 21) $Label1 = GUICtrlCreateLabel("message", 8, 16, 46, 17) $Group1 = GUICtrlCreateGroup("Ports listening", 8, 56, 353, 105) $ListView1 = GUICtrlCreateListView("NAME|PORT|STATE", 16, 72, 329, 81) GUICtrlCreateGroup("", -99, -99, 1, 1) $Group2 = GUICtrlCreateGroup("PORTS", 368, 16, 273, 281) $Checkbox1 = GUICtrlCreateCheckbox("FTP", 384, 48, 97, 17) $Checkbox2 = GUICtrlCreateCheckbox("TELNET", 384, 80, 97, 17) $Checkbox3 = GUICtrlCreateCheckbox("SSH", 384, 112, 97, 17) $Checkbox4 = GUICtrlCreateCheckbox("HTTP", 384, 144, 97, 17) $Checkbox5 = GUICtrlCreateCheckbox("SNMP", 384, 176, 97, 17) $Checkbox6 = GUICtrlCreateCheckbox("POP3", 488, 48, 97, 17) $Checkbox7 = GUICtrlCreateCheckbox("SMTP", 488, 80, 97, 17) $Checkbox8 = GUICtrlCreateCheckbox("SOCKSPROXY", 488, 112, 97, 17) $Checkbox9 = GUICtrlCreateCheckbox("FINGER", 488, 144, 97, 17) $Checkbox10 = GUICtrlCreateCheckbox("DNS", 488, 176, 97, 17) $Input2 = GUICtrlCreateInput("", 480, 224, 153, 21) $Label2 = GUICtrlCreateLabel("ADD PORT (139)", 384, 224, 87, 25) $Button4 = GUICtrlCreateButton("add port", 480, 256, 81, 17, 0) GUICtrlCreateGroup("", -99, -99, 1, 1) $Button1 = GUICtrlCreateButton("start", 8, 280, 97, 17, 0) $Button2 = GUICtrlCreateButton("stop", 112, 280, 89, 17, 0) $Button3 = GUICtrlCreateButton("set email (optional)", 216, 280, 89, 17, 0) $Group3 = GUICtrlCreateGroup("log", 8, 176, 353, 97) $ListView2 = GUICtrlCreateListView("Time |ip |name |port", 16, 192, 329, 73) GUICtrlCreateGroup("", -99, -99, 1, 1) GUISetState(@SW_SHOW) While 1 $nMsg = GUIGetMsg() Switch $nMsg Case $GUI_EVENT_CLOSE Exit Case $Checkbox1 If GUICtrlRead($Checkbox1) = 1 Then $lis[0][1] = 1 $lis[$lis[0][1]][1] = "ftp" $lis[$lis[0][1]][0] = 21 $list[0] = $list[0] + 1 $list[1] = GUICtrlCreateListViewItem("ftp|21|stopped!!!", $ListView1) Else GUICtrlDelete($list[1]) EndIf Case $Checkbox2 If GUICtrlRead($Checkbox2) = 1 Then $lis[0][1] = 2 $lis[$lis[0][1]][1] = "telnet" $lis[$lis[0][1]][0] = 23 $list[0] = $list[0] + 1 $list[2] = GUICtrlCreateListViewItem("telnet|23|stopped!!!", $ListView1) Else GUICtrlDelete($list[2]) EndIf Case $Checkbox3 If GUICtrlRead($Checkbox3) = 1 Then $lis[0][1] = 3 $lis[$lis[0][1]][1] = "ssh" $lis[$lis[0][1]][0] = 22 $list[0] = $list[0] + 1 $list[3] = GUICtrlCreateListViewItem("ssh|22|stopped!!!", $ListView1) Else GUICtrlDelete($list[3]) EndIf Case $Checkbox4 If GUICtrlRead($Checkbox4) = 1 Then $lis[0][1] = 4 $lis[$lis[0][1]][1] = "http" $lis[$lis[0][1]][0] = 80 $list[0] = $list[0] + 1 $list[4] = GUICtrlCreateListViewItem("http|80|stopped!!!", $ListView1) Else GUICtrlDelete($list[4]) EndIf Case $Checkbox5 If GUICtrlRead($Checkbox5) = 1 Then $lis[0][1] = 5 $lis[$lis[0][1]][1] = "snmp" $lis[$lis[0][1]][0] = 161 $list[0] = $list[0] + 1 $list[5] = GUICtrlCreateListViewItem("snmp|161|stopped!!!", $ListView1) Else GUICtrlDelete($list[5]) EndIf Case $Checkbox6 If GUICtrlRead($Checkbox6) = 1 Then $lis[0][1] = 6 $lis[$lis[0][1]][1] = "pop3" $lis[$lis[0][1]][0] = 110 $list[0] = $list[0] + 1 $list[6] = GUICtrlCreateListViewItem("pop3|110|stopped!!!", $ListView1) Else GUICtrlDelete($list[6]) EndIf Case $Checkbox7 If GUICtrlRead($Checkbox7) = 1 Then $lis[0][1] = 7 $lis[$lis[0][1]][1] = "smtp" $lis[$lis[0][1]][0] = 25 $list[0] = $list[0] + 1 $list[7] = GUICtrlCreateListViewItem("smtp|25|stopped!!!", $ListView1) Else GUICtrlDelete($list[7]) EndIf Case $Checkbox8 If GUICtrlRead($Checkbox8) = 1 Then $lis[0][1] = 8 $lis[$lis[0][1]][1] = "socksproxy" $lis[$lis[0][1]][0] = 1080 $list[0] = $list[0] + 1 $list[8] = GUICtrlCreateListViewItem("socksproxy|1080|stopped!!!", $ListView1) Else GUICtrlDelete($list[8]) EndIf Case $Checkbox9 If GUICtrlRead($Checkbox9) = 1 Then $lis[0][1] = 9 $lis[$lis[0][1]][1] = "finger" $lis[$lis[0][1]][0] = 79 $list[0] = $list[0] + 1 $list[9] = GUICtrlCreateListViewItem("finger|79|stopped!!!", $ListView1) Else GUICtrlDelete($list[9]) EndIf Case $Checkbox10 If GUICtrlRead($Checkbox10) = 1 Then $lis[0][1] = 10 $lis[$lis[0][1]][1] = "dns" $lis[$lis[0][1]][0] = 53 $list[0] = $list[0] + 1 $list[10] = GUICtrlCreateListViewItem("dns|53|stopped!!!", $ListView1) Else GUICtrlDelete($list[10]) EndIf Case $Button4 $lis[0][1] = $lis[0][1] + 1 $lis[$lis[0][1]][1] = "user" & GUICtrlRead($Input2) $lis[$lis[0][1]][0] = GUICtrlRead($Input2) $list[0] = $list[0] + 1 $list[$list[0]] = GUICtrlCreateListViewItem("user" & GUICtrlRead($Input2) & "|" & GUICtrlRead($Input2) & "|stopped!!!", $ListView1) Case $Button1 start() Case $Button3 $username = InputBox("username", "type gmail username (me@gmail;.com)") $password = InputBox("password", "type gmail password") $email = 1 EndSwitch WEnd Func start() TCPStartup() For $i = 1 To $lis[0][1] + 1 $lis[$i][3] = TCPListen(@IPAddress1, $lis[$i][0]) If $lis[$i][3] < 0 Then GUICtrlSetData($list[$i], "||cant start") Else GUICtrlSetData($list[$i], "||ok") EndIf Next Do For $i = 1 To $lis[0][1] $acc = TCPAccept($lis[$i][3]) If $acc >= 0 Then intruder($i, $acc) EndIf Next $msg = GUIGetMsg() If $msg = $Button2 Then $exit = True EndIf Until $exit = True $exit = False For $i = 1 To $lis[0][1] + 1 GUICtrlSetData($list[$i], "||stoped!!!") Next TCPShutdown() EndFunc ;==>start Func intruder($num, $acc) TCPSend($acc, "Username: ") do $recv = $recv & TCPRecv($acc, 100) sleep(5) $p = $p +1 Until $recv > " " or $p >= 1000 If $recv > " " Then TCPSend($acc,@crlf & GUICtrlRead($input1)) $ip = SocketToIP($acc) $name = _TCPIpToName($ip) $data = @HOUR & ":" & @MIN & "|" & $ip & "|" & $name & "|" & $lis[$num][0] & " " & $lis[$num][1] GUICtrlCreateListViewItem($data, $ListView2) FileWriteLine("hacker traper log" & @HOUR, $data) SoundPlay("intruder.wav") SoundSetWaveVolume(100) $str = StringSplit(_TCPIpToName($ip), ".") $to = "abuse@" & $str[0] - 1 & $str[0] If $email = 1 Then _INetSmtpMailCom("smtp.gmail.com", @ComputerName, $username, $to, "hacking attempt from " & _TCPIpToName($ip), _TCPIpToName($ip) & " tried to hack in to my network at " & @HOUR & ":" & @MIN & " please resolve this issue asap " & @CRLF & "full description:" & @CRLF & $data, $username, $password) EndIf EndIf TCPCloseSocket($acc) EndFunc ;==>intruder Func SocketToIP($SHOCKET) Local $sockaddr = DllStructCreate("short;ushort;uint;char[8]") Local $aRet = DllCall("Ws2_32.dll", "int", "getpeername", "int", $SHOCKET, _ "ptr", DllStructGetPtr($sockaddr), "int*", DllStructGetSize($sockaddr)) If Not @error And $aRet[0] = 0 Then $aRet = DllCall("Ws2_32.dll", "str", "inet_ntoa", "int", DllStructGetData($sockaddr, 3)) If Not @error Then $aRet = $aRet[0] Else $aRet = 0 EndIf $sockaddr = 0 Return $aRet EndFunc ;==>SocketToIP Func _INetSmtpMailCom($s_SmtpServer, $s_FromName, $s_FromAddress, $s_ToAddress, $s_Subject = "", $s_Body = "", $s_Username = "", $s_Password = "") $objEmail = ObjCreate("CDO.Message") $objEmail.From = '"' & $s_FromName & '" <' & $s_FromAddress & '>' $objEmail.To = $s_ToAddress $objEmail.Subject = $s_Subject $objEmail.Textbody = $s_Body & @CRLF $objEmail.Configuration.Fields.Item("http://schemas.microsoft.com/cdo/configuration/sendusing") = 2 $objEmail.Configuration.Fields.Item("http://schemas.microsoft.com/cdo/configuration/smtpserver") = $s_SmtpServer $objEmail.Configuration.Fields.Item("http://schemas.microsoft.com/cdo/configuration/smtpserverport") = 25 $objEmail.Configuration.Fields.Item("http://schemas.microsoft.com/cdo/configuration/smtpauthenticate") = 1 $objEmail.Configuration.Fields.Item("http://schemas.microsoft.com/cdo/configuration/sendusername") = $s_Username $objEmail.Configuration.Fields.Item("http://schemas.microsoft.com/cdo/configuration/sendpassword") = $s_Password $objEmail.Configuration.Fields.Item("http://schemas.microsoft.com/cdo/configuration/smtpusessl") = True $objEmail.Configuration.Fields.Update $objEmail.Send If @error Then SetError(2) EndIf EndFunc ;==>_INetSmtpMailCom Edited February 8, 2009 by 7h331337
Zachlr Posted March 27, 2009 Posted March 27, 2009 Jos said: You will hardly be portscanned when behind a LAT Router unless you define your PC as a DMZ host.When defined like that you probably will go crazy with the number of hits you get ofcourse depending which port you open the trap for.JosI agree. First off, there is really no point for this if you are using a firewall (90% of everyone here) unless you set yourself as the DMZ which I don't recommend. Automatic abuse reporting won't really help unless someone actually gains unauthorized access to a service running on that port, in which case there would most likely be a port conflict. While it is illegal to port scan a node without its permission, as well as attempt to gain unauthorized access to one, the ISP will probably not do anything unless any real damage is done. And a lot of port scanners are web based, giving inaccurate reports, of them most are ISP's themselves. An ISP can detect if someone on its network is port scanning, it doesn't need the help of a hack trapper. Like Jos said, you will go crazy with the number of hits, and if there is an email being sent to the ISP for each one of them, you will be spamming the heck out of them, and they won't be happy. Just imagine a full port scan. 65535 emails in a few minutes (Obviously depends on listening ports, but you get the idea). I have a connection log and I get a few connections on each open port per day. Additionally, hack trappers are usually said to be less secure than a firewall, since it's like holding up a big sign "Come get me, hackers." Now if you haven't shouted "Flamer alert!" and banned me by now, I want to say I think this script could be very useful in an environment such as a LAN cafe, hotel, or other public WiFi area where you are not behind a firewall. Imagine their reaction if a siren goes off when someone sitting next to you tries to NetBus you. I also think that it is a cool idea (minus the abuse reports and sirens) if you are just curious about who is out there. Really, no flaming intended. If I may make a contribution, here are some ports you might want to add: Built in, widely scanned for:Windows Remote Desktop 3389 (obvious one)Windows file sharing 445NetBIOS 137-139Trojans / Back doors:Sub7 Spy 54283Sub7 Screen Capture 2772Sub7 Keylogger 2773Sub7 general 6711Mastersparadise 3129Deepthroat 6670NetBus 12345Back Orifice 31337Radmin 4899Windows tini 7777Other:Alternate http 8080 (This is usually the default remote management port for routers)
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now