Skip to content

My little SQLi HoneyPot

License

Notifications You must be signed in to change notification settings

punkeel/honeysql

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

8 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

SQL HoneyPot

Introduction

A read-only honeypot that gets pwned easily. I use it to track automated behaviours, harvest common requests and detect patterns. Once an user has given me enough data, he wins a permanent IP ban.

Project Status

I won't be updating this project, I just wanted to open-source it.

It sould not be valuable anyway, so .... who cares? :D

Features

  • Read only database using SQLite
  • Detects wrong amount of lines or strange values, thanks to Reproducible Builds™
  • Uses Docker! Uses Node.js! Uses SQLite! Doesn't use Bitcoin yet 😢

Installation

To install:

$ docker run --rm --name my-honeysql -d -p 127.0.0.1:9000:8080 punkeel/honeysql

This exposes an HTTP server on your local address, port 9000. Feel free to redirect requests to it :-)

To follow the logs in real-time:

$ docker logs -f my-honeysql
npm info it worked if it ends with ok
npm info using [email protected]
npm info using [email protected]
npm info lifecycle [email protected]~prestart: [email protected]
npm info lifecycle [email protected]~start: [email protected]

> [email protected] start /usr/src/app
> node index.js

Unexpected rows.length:20, expected 1 with id=<1 or id<20> from ::ffff:10.8.0.4
Unexpected rows.length:1000, expected 1 with id=<1 or 1> from ::ffff:10.8.0.4
...

To stop it: (you shouldn't, really. HoneySQL is great for your health.)

$ rm -rf /

If the latter command did not work, try this one:

$ docker stop my-honeysql

About

My little SQLi HoneyPot

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published