mirror of https://github.com/yunginnanet/HellPot
Implement useragent blacklisting as per #23
This commit is contained in:
parent
bbc1ac368e
commit
b6473d3593
11
README.md
11
README.md
|
@ -58,8 +58,8 @@ In the event of a missing configuration file, HellPot will attempt to place it's
|
|||
|
||||
666 ) 𝙏͘͝𝙝̓̓͛𝙚͑̈́̀ 𝙨͆͠͝𝙠͑̾͌𝙮̽͌͆ 𝙞̓̔̔𝙨͒͐͝ 𝙛͑̈́̚𝙖͛͒𝙡͑͆̽𝙡̾̚̚𝙞͋̒̒𝙣̾͛͝𝙜͒̒̀.́̔͝
|
||||
|
||||
## Example Config (toml)
|
||||
|
||||
## Configuration Reference
|
||||
|
||||
```toml
|
||||
[deception]
|
||||
# Used as "Server" HTTP header. Note that reverse proxies may hide this.
|
||||
|
@ -70,6 +70,10 @@ In the event of a missing configuration file, HellPot will attempt to place it's
|
|||
bind_addr = "127.0.0.1"
|
||||
bind_port = "8080"
|
||||
|
||||
# this contains a list of blacklisted useragent strings. (case sensitive)
|
||||
# clients with useragents containing any of these strings will receive "Not found" for any requests.
|
||||
uagent_string_blacklist = ["Cloudflare-Traffic-Manager", "curl"]
|
||||
|
||||
# Unix Socket Listener (will override default)
|
||||
unix_socket_path = "/var/run/hellpot"
|
||||
unix_socket_permissions = "0666"
|
||||
|
@ -88,8 +92,11 @@ In the event of a missing configuration file, HellPot will attempt to place it's
|
|||
debug = true
|
||||
# extra verbose (-vv)
|
||||
trace = false
|
||||
# JSON log files will be storn in the below directory.
|
||||
directory = "/home/kayos/.config/HellPot/logs/"
|
||||
# disable all color in console output. when using Windows this will default to true.
|
||||
nocolor = false
|
||||
# toggles the use of the current date as the names for new log files.
|
||||
use_date_filename = true
|
||||
|
||||
[performance]
|
||||
|
|
|
@ -158,7 +158,8 @@ func processOpts() {
|
|||
}
|
||||
// string slice options and their exported variables
|
||||
strSliceOpt := map[string]*[]string{
|
||||
"http.router.paths": &Paths,
|
||||
"http.router.paths": &Paths,
|
||||
"http.uagent_string_blacklist": &UseragentBlacklistMatchers,
|
||||
}
|
||||
// bool options and their exported variables
|
||||
boolOpt := map[string]*bool{
|
||||
|
|
|
@ -38,6 +38,11 @@ var (
|
|||
// if UseUnixSocket, also defined via our toml configuration file, is set to true.
|
||||
UnixSocketPath = ""
|
||||
UnixSocketPermissions uint32
|
||||
|
||||
// UseragentBlacklistMatchers contains useragent matches checked for with strings.Contains() that
|
||||
// prevent HellPot from firing off.
|
||||
// See: https://github.com/yunginnanet/HellPot/issues/23
|
||||
UseragentBlacklistMatchers []string
|
||||
)
|
||||
|
||||
// "performance"
|
||||
|
|
|
@ -32,6 +32,7 @@ var defOpts = map[string]map[string]interface{}{
|
|||
"unix_socket_permissions": "0666",
|
||||
"bind_addr": "127.0.0.1",
|
||||
"bind_port": "8080",
|
||||
|
||||
"router": map[string]interface{}{
|
||||
"catchall": false,
|
||||
"makerobots": true,
|
||||
|
@ -40,6 +41,9 @@ var defOpts = map[string]map[string]interface{}{
|
|||
"wp-login",
|
||||
},
|
||||
},
|
||||
"uagent_string_blacklist": []string{
|
||||
"Cloudflare-Traffic-Manager",
|
||||
},
|
||||
},
|
||||
"performance": {
|
||||
"restrict_concurrency": false,
|
||||
|
|
|
@ -3,7 +3,9 @@ package http
|
|||
import (
|
||||
"bufio"
|
||||
"fmt"
|
||||
"net/http"
|
||||
"runtime"
|
||||
"strings"
|
||||
"time"
|
||||
|
||||
"github.com/fasthttp/router"
|
||||
|
@ -31,11 +33,20 @@ func hellPot(ctx *fasthttp.RequestCtx) {
|
|||
}
|
||||
|
||||
remoteAddr := getRealRemote(ctx)
|
||||
|
||||
slog := log.With().
|
||||
Str("USERAGENT", string(ctx.UserAgent())).
|
||||
Str("REMOTE_ADDR", remoteAddr).
|
||||
Interface("URL", string(ctx.RequestURI())).Logger()
|
||||
|
||||
for _, denied := range config.UseragentBlacklistMatchers {
|
||||
if strings.Contains(string(ctx.UserAgent()), denied) {
|
||||
slog.Trace().Msg("Ignoring useragent")
|
||||
ctx.Error("Not found", http.StatusNotFound)
|
||||
return
|
||||
}
|
||||
}
|
||||
|
||||
if config.Trace {
|
||||
slog = slog.With().Str("caller", path).Logger()
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue