mirror of https://github.com/yunginnanet/HellPot
Merge pull request #32 (development -> master)
commit
41c6a0a3dd
13
README.md
13
README.md
|
@ -8,7 +8,7 @@ HellPot is an endless honeypot based on [Heffalump](https://github.com/carlmjohn
|
|||
|
||||
Notably it implements a [toml configuration file](https://github.com/spf13/viper), has [JSON logging](https://github.com/rs/zerolog), and comes with significant performance gains.
|
||||
|
||||
![Exploding Heffalump](hellgif.gif)
|
||||
![Exploding Heffalump](https://tcp.ac/i/H8O9M.gif)
|
||||
|
||||
## Grave Consequences
|
||||
|
||||
|
@ -58,8 +58,8 @@ In the event of a missing configuration file, HellPot will attempt to place it's
|
|||
|
||||
666 ) 𝙏͘͝𝙝̓̓͛𝙚͑̈́̀ 𝙨͆͠͝𝙠͑̾͌𝙮̽͌͆ 𝙞̓̔̔𝙨͒͐͝ 𝙛͑̈́̚𝙖͛͒𝙡͑͆̽𝙡̾̚̚𝙞͋̒̒𝙣̾͛͝𝙜͒̒̀.́̔͝
|
||||
|
||||
## Example Config (toml)
|
||||
|
||||
## Configuration Reference
|
||||
|
||||
```toml
|
||||
[deception]
|
||||
# Used as "Server" HTTP header. Note that reverse proxies may hide this.
|
||||
|
@ -70,6 +70,10 @@ In the event of a missing configuration file, HellPot will attempt to place it's
|
|||
bind_addr = "127.0.0.1"
|
||||
bind_port = "8080"
|
||||
|
||||
# this contains a list of blacklisted useragent strings. (case sensitive)
|
||||
# clients with useragents containing any of these strings will receive "Not found" for any requests.
|
||||
uagent_string_blacklist = ["Cloudflare-Traffic-Manager", "curl"]
|
||||
|
||||
# Unix Socket Listener (will override default)
|
||||
unix_socket_path = "/var/run/hellpot"
|
||||
unix_socket_permissions = "0666"
|
||||
|
@ -88,8 +92,11 @@ In the event of a missing configuration file, HellPot will attempt to place it's
|
|||
debug = true
|
||||
# extra verbose (-vv)
|
||||
trace = false
|
||||
# JSON log files will be storn in the below directory.
|
||||
directory = "/home/kayos/.config/HellPot/logs/"
|
||||
# disable all color in console output. when using Windows this will default to true.
|
||||
nocolor = false
|
||||
# toggles the use of the current date as the names for new log files.
|
||||
use_date_filename = true
|
||||
|
||||
[performance]
|
||||
|
|
|
@ -158,7 +158,8 @@ func processOpts() {
|
|||
}
|
||||
// string slice options and their exported variables
|
||||
strSliceOpt := map[string]*[]string{
|
||||
"http.router.paths": &Paths,
|
||||
"http.router.paths": &Paths,
|
||||
"http.uagent_string_blacklist": &UseragentBlacklistMatchers,
|
||||
}
|
||||
// bool options and their exported variables
|
||||
boolOpt := map[string]*bool{
|
||||
|
|
|
@ -2,7 +2,7 @@ package config
|
|||
|
||||
const (
|
||||
// Version roughly represents the applications current version.
|
||||
Version = "0.3.1"
|
||||
Version = "0.4.0"
|
||||
// Title is the name of the application used throughout the configuration process.
|
||||
Title = "HellPot"
|
||||
)
|
||||
|
@ -38,6 +38,11 @@ var (
|
|||
// if UseUnixSocket, also defined via our toml configuration file, is set to true.
|
||||
UnixSocketPath = ""
|
||||
UnixSocketPermissions uint32
|
||||
|
||||
// UseragentBlacklistMatchers contains useragent matches checked for with strings.Contains() that
|
||||
// prevent HellPot from firing off.
|
||||
// See: https://github.com/yunginnanet/HellPot/issues/23
|
||||
UseragentBlacklistMatchers []string
|
||||
)
|
||||
|
||||
// "performance"
|
||||
|
|
|
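Review bot: The doc comment added for `UseragentBlacklistMatchers` says matches "prevent HellPot from firing off", but it does not say what a matching client receives or how the match is made. Going by the handler change in this same commit and the README text, a fuller comment would be `// UseragentBlacklistMatchers holds case-sensitive substrings; a request whose User-Agent contains any of them is answered with 404 "Not found" instead of the tarpit.` It is also worth noting in the comment that the slice is filled from the `http.uagent_string_blacklist` option, since it is declared here with no value. The `var (` block starts before this hunk.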
@ -32,6 +32,7 @@ var defOpts = map[string]map[string]interface{}{
|
|||
"unix_socket_permissions": "0666",
|
||||
"bind_addr": "127.0.0.1",
|
||||
"bind_port": "8080",
|
||||
|
||||
"router": map[string]interface{}{
|
||||
"catchall": false,
|
||||
"makerobots": true,
|
||||
|
@ -40,6 +41,9 @@ var defOpts = map[string]map[string]interface{}{
|
|||
"wp-login",
|
||||
},
|
||||
},
|
||||
"uagent_string_blacklist": []string{
|
||||
"Cloudflare-Traffic-Manager",
|
||||
},
|
||||
},
|
||||
"performance": {
|
||||
"restrict_concurrency": false,
|
||||
|
|
4
go.mod
4
go.mod
|
@ -4,10 +4,10 @@ go 1.18
|
|||
|
||||
require (
|
||||
git.tcp.direct/kayos/common/squish v0.0.0-20220210125455-40e3d2190a52
|
||||
github.com/fasthttp/router v1.4.8
|
||||
github.com/fasthttp/router v1.4.9
|
||||
github.com/rs/zerolog v1.26.1
|
||||
github.com/spf13/viper v1.11.0
|
||||
github.com/valyala/fasthttp v1.35.0
|
||||
github.com/valyala/fasthttp v1.36.0
|
||||
)
|
||||
|
||||
require (
|
||||
|
|
9
go.sum
9
go.sum
|
@ -60,15 +60,14 @@ github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1m
|
|||
github.com/envoyproxy/go-control-plane v0.9.7/go.mod h1:cwu0lG7PUMfa9snN8LXBig5ynNVH9qI8YYLbd1fK2po=
|
||||
github.com/envoyproxy/go-control-plane v0.9.9-0.20201210154907-fd9021fe5dad/go.mod h1:cXg6YxExXjJnVBQHBLXeUAgxn2UodCpnH306RInaBQk=
|
||||
github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c=
|
||||
github.com/fasthttp/router v1.4.8 h1:4zj4sAzXibjA6ZW19MdMe3GaYD1SM+TXrMLzHcVMBOI=
|
||||
github.com/fasthttp/router v1.4.8/go.mod h1:UUtJdXFYlqYRQ32EAtWOvNYIZ1XfyC5JJIknWai6foI=
|
||||
github.com/fasthttp/router v1.4.9 h1:8s1HEqP+GvsC2B8vPdLAPHJegs4s28z7UsraPuHM1K8=
|
||||
github.com/fasthttp/router v1.4.9/go.mod h1:oWPrQCi9QOrzxKC+rZuliS1+JhYj2bpR01J6T8vUDUQ=
|
||||
github.com/fsnotify/fsnotify v1.5.1 h1:mZcQUHVQUQWoPXXtuf9yuEXKudkV2sx1E06UadKWpgI=
|
||||
github.com/fsnotify/fsnotify v1.5.1/go.mod h1:T3375wBYaZdLLcVNkcVbzGHY7f1l/uK5T5Ai1i3InKU=
|
||||
github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU=
|
||||
github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8=
|
||||
github.com/go-gl/glfw/v3.3/glfw v0.0.0-20200222043503-6f7a984d4dc4/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8=
|
||||
github.com/godbus/dbus/v5 v5.0.4/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA=
|
||||
github.com/godbus/dbus/v5 v5.0.4/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA=
|
||||
github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q=
|
||||
github.com/golang/groupcache v0.0.0-20190702054246-869f871628b6/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
|
||||
github.com/golang/groupcache v0.0.0-20191227052852-215e87163ea7/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
|
||||
|
@ -181,8 +180,8 @@ github.com/subosito/gotenv v1.2.0 h1:Slr1R9HxAlEKefgq5jn9U+DnETlIUa6HfgEzj0g5d7s
|
|||
github.com/subosito/gotenv v1.2.0/go.mod h1:N0PQaV/YGNqwC0u51sEeR/aUtSLEXKX9iv69rRypqCw=
|
||||
github.com/valyala/bytebufferpool v1.0.0 h1:GqA5TC/0021Y/b9FG4Oi9Mr3q7XYx6KllzawFIhcdPw=
|
||||
github.com/valyala/bytebufferpool v1.0.0/go.mod h1:6bBcMArwyJ5K/AmCkWv1jt77kVWyCJ6HpOuEn7z0Csc=
|
||||
github.com/valyala/fasthttp v1.35.0 h1:wwkR8mZn2NbigFsaw2Zj5r+xkmzjbrA/lyTmiSlal/Y=
|
||||
github.com/valyala/fasthttp v1.35.0/go.mod h1:t/G+3rLek+CyY9bnIE+YlMRddxVAAGjhxndDB4i4C0I=
|
||||
github.com/valyala/fasthttp v1.36.0 h1:NhqfO/cB7Ajn1czkKnWkMHyPYr5nyND14ZGPk23g0/c=
|
||||
github.com/valyala/fasthttp v1.36.0/go.mod h1:t/G+3rLek+CyY9bnIE+YlMRddxVAAGjhxndDB4i4C0I=
|
||||
github.com/valyala/tcplisten v1.0.0/go.mod h1:T0xQ8SeCZGxckz9qRXTfG43PvQ/mcWh7FwZEA7Ioqkc=
|
||||
github.com/yuin/goldmark v1.1.25/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
|
||||
github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
|
||||
|
|
BIN
hellgif.gif
BIN
hellgif.gif
Binary file not shown.
Before Width: | Height: | Size: 935 KiB |
|
@ -3,7 +3,9 @@ package http
|
|||
import (
|
||||
"bufio"
|
||||
"fmt"
|
||||
"net/http"
|
||||
"runtime"
|
||||
"strings"
|
||||
"time"
|
||||
|
||||
"github.com/fasthttp/router"
|
||||
|
@ -31,11 +33,20 @@ func hellPot(ctx *fasthttp.RequestCtx) {
|
|||
}
|
||||
|
||||
remoteAddr := getRealRemote(ctx)
|
||||
|
||||
slog := log.With().
|
||||
Str("USERAGENT", string(ctx.UserAgent())).
|
||||
Str("REMOTE_ADDR", remoteAddr).
|
||||
Interface("URL", string(ctx.RequestURI())).Logger()
|
||||
|
||||
for _, denied := range config.UseragentBlacklistMatchers {
|
||||
if strings.Contains(string(ctx.UserAgent()), denied) {
|
||||
slog.Trace().Msg("Ignoring useragent")
|
||||
ctx.Error("Not found", http.StatusNotFound)
|
||||
return
|
||||
}
|
||||
}
|
||||
|
||||
if config.Trace {
|
||||
slog = slog.With().Str("caller", path).Logger()
|
||||
}
|
||||
|
|
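Review bot: The new loop in hellPot answers 404 whenever `strings.Contains(string(ctx.UserAgent()), denied)` is true, and that holds for every request when `denied` is the empty string, so a single `""` entry in `uagent_string_blacklist` silently disables the tarpit for all clients. Skip such entries with `if denied == "" { continue }` at the top of the loop body, or reject them when the option is loaded. The match is also made on a header the client chooses and the skip is recorded only with `slog.Trace()`, so the list is best treated as a convenience filter for known-benign probes rather than a control, and logging the skip at a level operators normally collect would keep those requests visible. The conversion `string(ctx.UserAgent())` could be done once before the loop and reused for the `USERAGENT` log field. hellPot starts before this hunk and continues past its end.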