mirror of https://github.com/yunginnanet/HellPot synced 2024-06-27 08:18:03 +00:00

HellPot is an endless honeypot that sends bots to hell. Based on Heffalump.

Go to file

kayos@tcp.direct a8681365a9 Update license		2022-04-08 18:32:25 -07:00
.github	Create dependabot.yml	2021-11-16 22:32:07 -08:00
cmd/HellPot	Ease of Suffering: rename main.go	2021-10-16 02:13:54 -07:00
config	Fix: silly syntax fail	2022-03-06 12:17:38 -08:00
extra	Clean up	2021-11-14 14:06:15 -08:00
heffalump	Clean up	2021-11-14 14:06:15 -08:00
http	Logging: implement trace level	2022-03-06 12:15:17 -08:00
.gitignore	Update README.md & .gitignore	2022-03-06 12:15:17 -08:00
go.mod	Bump github.com/fasthttp/router from 1.4.7 to 1.4.8	2022-04-06 23:01:13 +00:00
go.sum	Bump github.com/fasthttp/router from 1.4.7 to 1.4.8	2022-04-06 23:01:13 +00:00
hellgif.gif	update readme, implement new configuration directives	2021-06-11 16:25:56 -07:00
LICENSE	Update license	2022-04-08 18:32:25 -07:00
README.md	Update README.md & .gitignore	2022-03-06 12:15:17 -08:00

README.md

HellPot

Summary

HellPot is an endless honeypot based on Heffalump that sends unruly HTTP bots to hell.

Notably it implements a toml configuration file, has JSON logging, and comes with significant performance gains.

Grave Consequences

Clients (hopefully bots) that disregard robots.txt and connect to your instance of HellPot will suffer eternal consequences.

HellPot will send an infinite stream of data that is just close enough to being a real website that they might just stick around until their soul is ripped apart and they cease to exist.

Under the hood of this eternal suffering is a markov engine that chucks bits and pieces of The Birth of Tragedy (Hellenism and Pessimism) by Friedrich Nietzsche at the client using fasthttp.

Compilation

HellPot should probably be built with Go version 1.17 or higher.

HellPot uses go modules. This should make it dead simple to build with a stock Go installation.

1 ) git clone https://github.com/yunginnanet/HellPot

2 ) cd HellPot

4 ) go build cmd/HellPot/HellPot.go

5 ) Consider the potential grave consequences of your actions.

Usage

YOLO Method:

In the event of a missing configuration file, HellPot will attempt to place it's default config in $HOME/.config/HellPot/config.toml. This allows irresponsible souls to begin raining hellfire with ease, immediately:

1 ) Download a compiled release

2 ) Run binary and immedidately begin sending clients directly to hell.

Reasonable Method:

1 ) Configure webserver as reverse proxy (see below)

2 ) ./HellPot --genconfig

3 ) Edit your newly generated config.toml as desired.

4 ) Ponder your ~~existence~~ server's ability to handle your chosen performance values.

5 ) ./HellPot -c config.toml

666 ) 𝙏͘͝𝙝̓̓͛𝙚͑̈́̀ 𝙨͆͠͝𝙠͑̾͌𝙮̽͌͆ 𝙞̓̔̔𝙨͒͐͝ 𝙛͑̈́̚𝙖͛͒𝙡͑͆̽𝙡̾̚̚𝙞͋̒̒𝙣̾͛͝𝙜͒̒̀.́̔͝

Example Config (toml)

[http]
  # TCP Listener (default)
  bind_addr = "127.0.0.1"
  bind_port = "8080"
  paths = ["wp-login.php","wp-login"]

  # Unix Socket Listener (will override default)
  use_unix_socket = false
  unix_socket = "/var/run/hellpot"

[logger]
  debug = true
  directory = "/home/kayos/.config/HellPot/logs/"
  nocolor = false
  use_date_filename = true

[performance]
  # max_workers is only valid if restrict_concurrency is true
  restrict_concurrency = false
  max_workers = 256
  
[deception]
  # Used as "Server: " header (if not proxied)
  server_name = "nginx"

Example Web Server Config (nginx)

location '/robots.txt' {
	proxy_set_header Host $host;
	proxy_set_header X-Real-IP $remote_addr;
	proxy_pass http://127.0.0.1:8080$request_uri;
}  

location '/wp-login.php' {
	proxy_set_header Host $host;
	proxy_set_header X-Real-IP $remote_addr;
	proxy_pass http://127.0.0.1:8080$request_uri;
}