Skip to content

Simple honeypot that logs access attempts on web server directories

License

Notifications You must be signed in to change notification settings

urbanware-org/honeypot-wasp

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

14 Commits
 
 
 
 
 
 

Repository files navigation

honeypot-wasp

Table of contents


Definition

Simple honeypot that logs access attempts on web server directories.

For an enhanced version with a fake username and password prompt see honeypot-hornet.

Top

Details

Many websites provide administrative access to a management interface for the webmaster, mostly via a sub-directory called /admin and also /login.

In case your website does not have such a directory (or with a different name), you can create a fake one and use this honeypot to see the access attempts.

Top

Usage

Installation

Installing the honeypot is simple.

  1. Edit honeypot-wasp.php and change the name of the log file to something less guessable than logfile.txt.

    $file = 'logfile.txt';
  2. Create an empty text file with that name.

  3. Rename honeypot-wasp.php to index.php or index.html.

  4. Create the desired directory where you want to install the honeypot on your web server, e.g. /admin.

  5. Upload the renamed file as well as the empty text file into that directory.

Function test

Use your web browser to navigate to the directory on your website which contains the honeypot file. The page will return code 500 (Internal server error).

After that, the attempted access has been logged into the given log file. For example:

[2018-04-28 - 09:42:10] Attempt to access 'https://www.foo.bar/admin'
[2018-04-28 - 09:42:10] IP address: 192.168.1.2
[2018-04-28 - 09:42:10] User agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.108 Safari/537.36

Top

Contact

Any suggestions, questions, bugs to report or feedback to give?

You can contact me by sending an email to [email protected].

Top

About

Simple honeypot that logs access attempts on web server directories

Topics

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages