2021-09-15 19:55:48 +00:00
# HellPot
2021-10-16 09:07:19 +00:00
## Summary
2021-09-15 19:55:48 +00:00
2021-10-16 09:07:19 +00:00
HellPot is an endless honeypot based on [Heffalump ](https://github.com/carlmjohnson/heffalump ) that sends unruly HTTP bots to hell.
Notably it implements a [toml configuration file ](https://github.com/spf13/viper ), has [JSON logging ](https://github.com/rs/zerolog ), and comes with significant performance gains.
[](https://godoc.org/github.com/yunginnanet/HellPot) [](https://goreportcard.com/report/github.com/yunginnanet/HellPot) [](ircs://ircd.chat:6697/#tcpdirect)
2021-06-11 23:25:45 +00:00
2021-10-16 09:07:19 +00:00
2021-06-11 23:25:45 +00:00
2021-10-16 09:07:19 +00:00
## Grave Consequences
2021-06-11 23:25:45 +00:00
2021-10-16 09:07:19 +00:00
Clients (hopefully bots) that disregard `robots.txt` and connect to your instance of HellPot will **suffer eternal consequences** .
2021-06-11 23:25:45 +00:00
2021-10-16 09:07:19 +00:00
HellPot will send an infinite stream of data that is *just close enough* to being a real website that they might just stick around until their soul is ripped apart and they cease to exist.
2021-06-12 00:48:01 +00:00
2021-10-16 09:07:19 +00:00
Under the hood of this eternal suffering is a markov engine that chucks bits and pieces of [The Birth of Tragedy (Hellenism and Pessimism) ](https://www.gutenberg.org/files/51356/51356-h/51356-h.htm ) by Friedrich Nietzsche at the client using [fasthttp ](https://github.com/valyala/fasthttp ).
2016-12-11 01:38:18 +00:00
2021-10-16 09:07:19 +00:00
## Compilation
2016-12-11 01:38:18 +00:00
2021-10-16 09:07:19 +00:00
HellPot should probably be built with Go version 1.17 or higher.
HellPot uses [go modules ](https://go.dev/blog/using-go-modules ). This should make it dead simple to build with a stock Go installation.
1 ) `git clone https://github.com/yunginnanet/HellPot`
2 ) `cd HellPot`
4 ) `go build cmd/HellPot/HellPot.go`
5 ) *Consider the potential grave consequences of your actions.*
## Usage
### YOLO Method:
In the event of a missing configuration file, HellPot will attempt to place it's default config in
* ) ** $HOME/.config/HellPot/config.toml** (*nix)
or
* ) ** ./** (windows).
This allows irresponsible souls to begin raining hellfire with ease, ** *immediately***.
The fastest, *spookiest* way to do so:
1 ) Download a [compiled release ](https://github.com/yunginnanet/HellPot/releases/latest )
2 ) Run binary and immedidately begin sending clients directly to hell.
### Reasonable Method:
1 ) Configure webserver as reverse proxy (see below)
2 ) `./HellPot --genconfig `
3 ) Edit your newly generated `config.toml` as desired.
4 ) Ponder your ~~existence~~ server's ability to handle your chosen performance values.
5 ) *...* Edit `config.toml` again and probably lower concurrency limits.
6 ) ./HellPot -c config.toml
7 ) The sky is falling.
## Example Config (toml)
2021-06-12 00:15:02 +00:00
```
2021-09-15 19:33:42 +00:00
[http]
2021-09-15 19:55:48 +00:00
# TCP Listener (default)
2021-09-15 19:33:42 +00:00
bind_addr = "127.0.0.1"
bind_port = "8080"
paths = ["wp-login.php","wp-login"]
2021-09-15 19:55:48 +00:00
# Unix Socket Listener (will override default)
2021-09-15 19:33:42 +00:00
use_unix_socket = false
2021-09-15 19:55:48 +00:00
unix_socket = "/var/run/hellpot"
2021-06-12 00:15:02 +00:00
[logger]
2021-09-15 19:33:42 +00:00
debug = true
directory = "/home/kayos/.config/HellPot/logs/"
nocolor = false
use_date_filename = true
[performance]
# max_workers is only valid if restrict_concurrency is true
restrict_concurrency = false
max_workers = 256
2021-09-15 19:55:48 +00:00
[deception]
# Used as "Server: " header (if not proxied)
server_name = "nginx"
2021-06-12 00:15:02 +00:00
```
2021-10-16 09:07:19 +00:00
## Example Web Server Config (nginx)
```
location '/robots.txt' {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_pass http://127.0.0.1:8080$request_uri;
}
location '/wp-login.php' {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_pass http://127.0.0.1:8080$request_uri;
}
```
