@CanadianJeff
Created August 19, 2016 03:28
2016-08-18 20:27:32.607000 New connection: 52.202.215.126:38674 (ec2-52-202-215-126.compute-1.amazonaws.com)
2016-08-18 20:27:32.611000 IP: 52.202.215.126 CITY: Ashburn
2016-08-18 20:27:32.615000 IP: 52.202.215.126 REGION: Virginia
2016-08-18 20:27:32.616000 IP: 52.202.215.126 COUNTRY: US
2016-08-18 20:27:32.618000 IP: 52.202.215.126 ORG: AS14618 Amazon.com, Inc.
2016-08-18 20:27:35.721000 IP: 52.202.215.126 PORT: 80 (open)
2016-08-18 20:27:39.723000 IP: 52.202.215.126 SCAN FINISHED IN 0:00:07.103000 SECONDS
#!/usr/bin/python
import re
import json
from urllib2 import urlopen
import socket
import subprocess
import SocketServer
import sys, os, random, time, socket, thread, binascii
from datetime import datetime
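class MyTCPHandler(SocketServer.BaseRequestHandler):
    """Log who connected, where they appear to be, and which ports answer.

    For every inbound TCP connection the handler:

    1. looks the peer address up on ipinfo.io and logs hostname, city,
       region, country and organisation;
    2. attempts a TCP connect to each port in ``SCAN_PORTS`` on the peer and
       logs the ones that accept;
    3. if port 23 accepts, starts PuTTY in Telnet mode against the peer.

    Nothing is read from or written to the inbound connection itself.

    Relies on a ``logger(message)`` callable being available as a module
    global.

    Operational notes:

    * The lookup and the connect attempts run inside the request handler, so
      a server that handles one request at a time is busy for the lookup time
      plus up to ``CONNECT_TIMEOUT`` seconds per closed or filtered port.
    * The lookup goes over plain HTTP to a third party, and the hostname
      field appears to be the peer's reverse-DNS name (see the sample log),
      which the peer's network operator controls. Every value taken from the
      response is therefore treated as untrusted and cleaned before logging.
    """

    # Raw string: the backslashes are path separators, not escape sequences.
    PUTTY_PATH = r'C:\Program Files (x86)\PuTTY\PuTTY.exe'
    SCAN_PORTS = (21, 22, 23, 80, 1080, 8000, 8080, 10000)
    LOOKUP_TIMEOUT = 5   # seconds; the original lookup had no timeout at all
    CONNECT_TIMEOUT = 1  # seconds per port, as in the original

    @staticmethod
    def _clean(value):
        """Return *value* as a byte string that is safe to put on one log line.

        ``None`` becomes ``''``; unicode is encoded as UTF-8; control
        characters (including CR/LF and ESC) are replaced with ``?`` so a
        crafted field cannot forge extra log lines or drive the terminal.
        """
        if value is None:
            return ''
        if isinstance(value, unicode):
            text = value.encode('utf-8')
        else:
            text = str(value)
        return ''.join('?' if ord(ch) < 32 or ord(ch) == 127 else ch
                       for ch in text)

    def _lookup(self, remoteip):
        """Fetch the ipinfo.io record for *remoteip*; return ``{}`` on failure."""
        url = 'http://ipinfo.io/{}/json/'.format(remoteip)
        try:
            response = urlopen(url, timeout=self.LOOKUP_TIMEOUT)
            try:
                record = json.load(response)
            finally:
                response.close()
        except (IOError, ValueError) as err:
            # IOError covers URLError and socket timeouts; ValueError covers
            # a body that is not JSON. A failed lookup must not stop logging.
            logger("IP: {} LOOKUP FAILED: {}".format(remoteip, self._clean(err)))
            return {}
        return record if isinstance(record, dict) else {}

    def _port_is_open(self, remoteip, port):
        """Return True when a TCP connect to *remoteip*:*port* succeeds."""
        try:
            sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        except socket.error:
            # The original's "sock is None" test could never fail; this is
            # where socket creation actually reports an error.
            logger("ERROR CREATING SOCKET!")
            return False
        try:
            sock.settimeout(self.CONNECT_TIMEOUT)
            return sock.connect_ex((remoteip, port)) == 0
        except socket.error:
            return False
        finally:
            # Close on every path; the original closed only open ports.
            sock.close()

    def _open_telnet(self, remoteip):
        """Start PuTTY in Telnet mode against *remoteip*.

        The session goes to a host chosen by whoever connected: treat that
        server as hostile. Telnet is cleartext, and anything typed into the
        window is sent to it.
        """
        # Argument list instead of one command string: the executable path
        # contains spaces, and with an unquoted string Windows has to guess
        # where the program name ends (it tries C:\Program first).
        try:
            subprocess.Popen([self.PUTTY_PATH, remoteip, '-telnet'])
        except OSError as err:
            logger("IP: {} COULD NOT START PUTTY: {}".format(
                remoteip, self._clean(err)))

    def handle(self):
        """Log the peer's details, probe its ports, and log the results."""
        remoteip = self.client_address[0]
        remoteport = self.client_address[1]

        info = self._lookup(remoteip)

        # A missing key used to raise KeyError and abort the handler.
        hostname = self._clean(info.get('hostname'))
        if hostname in ('', 'No Hostname'):
            logger("New connection: {}:{}".format(remoteip, remoteport))
        else:
            logger("New connection: {}:{} ({})".format(remoteip, remoteport, hostname))

        if info:
            city = self._clean(info.get('city'))
            if city != '':
                logger("IP: {} CITY: {}".format(remoteip, city))
            region = self._clean(info.get('region'))
            if region != '':
                logger("IP: {} REGION: {}".format(remoteip, region))
            logger("IP: {} COUNTRY: {}".format(remoteip, self._clean(info.get('country'))))
            logger("IP: {} ORG: {}".format(remoteip, self._clean(info.get('org'))))

        # port scan remote host
        started = datetime.now()
        for port in self.SCAN_PORTS:
            if not self._port_is_open(remoteip, port):
                continue
            logger("IP: {} PORT: {} ({})".format(remoteip, port, 'open'))
            if port == 23:
                self._open_telnet(remoteip)
        totaltime = datetime.now() - started
        logger("IP: {} SCAN FINISHED IN {} SECONDS".format(remoteip, totaltime))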
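def logger(x):
    """Print *x* to stdout prefixed with the local time (microsecond resolution).

    Defined at module level so MyTCPHandler can find it when this file is
    imported; inside the ``__main__`` guard it existed only when the file was
    run as a script.
    """
    stamp = datetime.now().strftime("%Y-%m-%d %H:%M:%S.%f") + " "
    print (stamp + x)


if __name__ == "__main__":
    # 0.0.0.0 listens on every interface; 23 is the Telnet port.
    HOST, PORT = "0.0.0.0", 23
    # SocketServer.TCPServer serves one connection at a time, so a slow
    # handler delays every later client.
    server = SocketServer.TCPServer((HOST, PORT), MyTCPHandler)
    try:
        server.serve_forever()
    finally:
        # Release the listening socket on Ctrl-C or any other exit.
        server.server_close()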