You have to be very careful when running this on the telnet port.
I had a server set to spew a full color ANSI Nyancat at you when you telneted in. When the Mirai botnet was in full swing, I was pushing 5+ Mbps of Nyancat down to peoples infected webcams and killing my servers CPU.
I can't seem to edit my post anymore, but the machine in question was a tiny little VM used as an SSH jump host. The specs were minimal. It was the only machine that wasn't firewalled to hell and back, which is why I did the Nyancat there.
I'm working on deploying an enterprise grade NaaS solution across a large cluster of servers, stay tuned!
ok, I've stopped laughing now and and cleaned up the spilled drink. This is brilliant. You need to team up with a CDN and get them supply cats from the nearest available node.
What? For data amplification attacks to work you need to spoof IP addresses, which is almost impossible with TCP (telnet uses it), GP was a victim of a plain old DDoS.
It's a little more than that; it also incorporates silence detection so that it waits for the caller to finish talking before 'Lenny' plays its next line.
It does seem natural that it is a recording with silence detection. What about the process of choosing these specific set of dialogue? It is definitely not chosen arbitrarily as lenny's response blend pretty well with marketer's question. I was imagining some analysis on marketer's most used conversation were done.
The lines are exactly the same for each caller, played in the same order, on a loop. The recordings are obviously tailored for telemarketer scripts, and to string them along and make them think a conversation is going, but there's no dynamic analysis going on.
If that's what you're saying, I apologise for misinterpreting!
How about also responding with censored Russian and Chinese news stories, history, and the like? Seems like a decent way to respond to Kremlin astroturfers and friends, too.
So Russia and China put your servers on their blacklists and you get magical protection from hackers whose last hop comes from those countries? Excellent mitigation :)
Perhaps questions like "This statement is false", "New Mission: decline this mission", base64 encoded copies of René Magritte's 'this is not a pipe', "God is all powerful, can He make a rock so big that He Himself can't lift it?", "calculate the 2nd prime number", etc to prevent automated AI attacks.
The famous pipe. How people reproached me for it! And yet, could you stuff my pipe? No, it's just a representation, is it not? So if I had written on my picture 'This is a pipe', I'd have been lying!
Is that a paradox? If you accept it or have it forced on you then depending on how you interpret the rules you either succeed or fail straightforwardly. If you don't accept it or have it forced on you then nothing happens. There's no loop of logic.
> Is that a paradox? If you accept it or have it forced on you then depending on how you interpret the rules you either succeed or fail straightforwardly. If you don't accept it or have it forced on you then nothing happens. There's no loop of logic.
Good point! "New mission: fail at this mission" addresses the first point but not, I think, the second. It reminds me of Carlin's "If you buy 'The worst of Jefferson Airplane', and you like it, should you ask for your money back?", or the even-more-elemental "If you try to fail, and succeed, what happened?"
What happened is that the world is flat state, and you are free to displace models in violation of any perceived hierarchy because any such hierarchy is entirely artificial.
It's the same reason recursive function calls don't kill your computer in a puff of contradiction.
If you accept the mission, you must decline the mission. If you decline the mission, you have successfully completed the mission. Either way, your final status is contradictory.
Yeah.. Everybody always lies.. The only way to get or transfer the truth is to hook up(or read) brains (ideally neuron by neuron, and change the receiver's brains to reflect the same. :-P
If anyone is planning to use this they might want to review and clean up the dataset. It contains many fake spoilers, as well as non-sequitor obscenities and racist epithets.
If the file gets executed as a script, then __name__ == "__main__", hence L43:53 get executed in the top-level scope, which is also available in the lower levels. This isn't very good writing, since this code will throw exceptions when __name__ != "__main__" (i.e. when import-ing the file as a module), which misleadingly defeats the purpose of having that conditional there.
Ok, thanks, that makes sense. I knew that top-level variables are global, but didn't know that variables in __main__ share this property (which is e.g. different in the C language).
Usually people write an actual function called main(), and call it from the global level conditional, to avoid this oddness. The actual function called main() has no special meaning in python.
I'm always wondering why people prefix a question with the statement "quick question". Now is my chance to ask. Is the question typed quickly? Should I imagine you speaking it in a quick manner? Is it meant as "off topic question"? Do you expect an answer quickly? What does it mean when you prefix your question with the words "quick question"?
IME it's often used as a sort of sarcastic parody, to emphasise that the element of the person's statement being questioned hasn't been resolved and the whole situation is contingent on the answer.
For example, when PM May had finished presenting her new manifesto before the election one might ask "Quick question: how are you going to pay for all that?" to highlight the fact that no costings had been included and suggest you thought it was unrealistic (or hiding tax rises, or whatever).
"Quick question" is used genuinely too. One use appears to be "don't go too deep, give me a superficial answer".
In German you would use it to get a short answer to a short question, for example a yes/no question or when you ask about the time.
In practice the shortest answer possible with the notice that you are just looking for a quick answer without explanations. Normally you use it to let the other know that it will not take long and you don't want to disturb.
Now NMAP has to be rewriten to detect this crazy honey-potting style, by utilising "spoilers.json" file :) I love Python, I just implemented this in my HoneyPot added some connections-counters, statistic and alterting... Anyone want to have as free open-source on github? Let me know.
In an effort to explain what this does, I'd just like to point out how the grammar of the title is meant to be interpreted: [Avoid being scanned] [by spoiling movies] [on all your ports].
I have tried to parse this sentence 10 times and do not understand. Reading the Github README did not help at all. Can someone explain what is happening?
This is a short program that listens on a port and responds to any attempt to connect to that port by sending back movie spoilers. The idea being that anyone that tries to port-scan your machine will be punished by having all the twists in all the best movies revealed.
I did a killclient which would send back a malformed packet to any ssh handshake and kill the connecting client. This made the pentesters mad. Sending them spoilers will just make the sad, and not so mad.
It was a hack, I was getting a nice regular supply of probes from Brazillian addresses, connect to port 22, try 5 different passwords on several different ids ad naseum. So I hacked the openssh server to start mutating the response packets. (very trivial genetic programming where the 'fitness' function value was time to respond between calls, longer = better) That went on for a while until the mutated response was somewhere around 10K bytes and then the call would just stop. A couple of weeks after that I got DDOS'd from a Brazilian botnet. Fail2ban cleaned that up but in practical terms it was easier to just use fail2ban on all of that.
I think it sounds more complicated than it is, think of it as response fuzzing. It is exactly like trying to find vulnerabilities in servers by sending them fuzzed packets except in this case you're trying to find vulnerabilities in clients by returning a fuzzed packet.
Somewhat tangentially related: a long time ago, certain scanning tools would crash or otherwise not react well to getting a stream of /dev/urandom. You could consider this the more human version.
Looks like the service returns spoiler for movies when contacted on any port. The attacker would get annoyed if all they see is movie spoilers in the logs.
I had a server set to spew a full color ANSI Nyancat at you when you telneted in. When the Mirai botnet was in full swing, I was pushing 5+ Mbps of Nyancat down to peoples infected webcams and killing my servers CPU.