Dionaea 0.6.0 has been released with new features and some bugfixes.
The main focus of this release is the MySQL service. A new variable handler has been introduced to make responses more realistic. Also the query parser has been improved to find and extract download URLs and to extract hex encoded binaries
Some times the first stage of an exploit is just an simple download script in VBScript or PowerShell. Dionaea can detect the type of the script and tries to extract and download all URLs.
Template for HTTP
Dionaea already has an HTTP service but from time to time it is to unflexible to emulate different kinds of services. Thats why it is now possible to use Jinja2 templates to customize the look and feel of your HTTP service.
This is a very basic service. It just opens a new port and listens for incoming data.
- Website: dionaea on GitHub (English)