{"id":13481770,"url":"https://github.com/betheroot/sticky_elephant","last_synced_at":"2025-03-27T12:31:29.943Z","repository":{"id":59156492,"uuid":"84689839","full_name":"betheroot/sticky_elephant","owner":"betheroot","description":"medium interaction postgresql honeypot","archived":false,"fork":false,"pushed_at":"2024-08-06T17:17:05.000Z","size":67,"stargazers_count":10,"open_issues_count":0,"forks_count":5,"subscribers_count":1,"default_branch":"master","last_synced_at":"2024-10-06T22:19:05.033Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Ruby","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/betheroot.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2017-03-12T00:44:19.000Z","updated_at":"2024-09-21T11:29:26.000Z","dependencies_parsed_at":"2022-09-13T20:11:10.302Z","dependency_job_id":null,"html_url":"https://github.com/betheroot/sticky_elephant","commit_stats":null,"previous_names":[],"tags_count":1,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/betheroot%2Fsticky_elephant","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/betheroot%2Fsticky_elephant/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/betheroot%2Fsticky_elephant/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/betheroot%2Fsticky_elephant/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/betheroot","download_url":"https://codeload.github.com/betheroot/sticky_elephant/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com",
"kind":"github","repositories_count":222251892,"owners_count":16955922,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-07-31T17:00:55.445Z","updated_at":"2024-10-30T15:31:25.121Z","avatar_url":"https://github.com/betheroot.png","language":"Ruby","readme":"# Sticky Elephant\n\nSticky Elephant is a [medium-interaction](https://pdfs.semanticscholar.org/9d46/8fa983b844c76a07b1e3ea63d6f7a9cae294.pdf)\nPostgreSQL honeypot.\n\n```\nsticky_elephant [options]\n    -c, --config CONFIG              Configuration file to read\n    -h, --help                       Display this screen\n```\n\n## Usage\n\nEither install the gem and\n```\n% sticky_elephant\n```\n\nor clone the repo and\n\n```\n% ./bin/sticky_elephant\n```\n\n## Configuration\n`sticky_elephant.conf` is a YAML file that defines Sticky Elephant's behavior.\nYou can tell Sticky Elephant what configuration file to use with `-c`.  The\nconfiguration file looks like this:\n\n```\n:log_path: \"./sticky_elephant.log\"\n:port: 5432\n:host: 0.0.0.0\n:debug: true\n:abort_on_exception: false\n:use_hpf: true\n:hpf_host: 127.0.0.1\n:hpf_port: 10000\n:hpf_ident: 24b6875e-03f1-4c2a-b5b0-11af1f49e2bb\n:hpf_secret: woofwoofcharlesisagooddog\n```\n`host` and `port` define the host address and port to which Sticky Elephant\nshould bind.  `log_path` is the log to which Sticky Elephant will write.  Do\nnote that HPFeeds logs go to `stdout` and are separate from Sticky Elephant\napplication logs.  `debug` turns on debug-level logging; `abort_on_exception`\nkills threads when they encounter an exception.  
The `hpf`-prefixed options are\nfor configuring the HPFeeds server to which Sticky Elephant should report\nqueries and connections.\n\n## Installation\n\nYou can just run sticky_elephant in a tmux session; that certainly works. If you\nprefer to set things up a bit nicer, make a `sticky_elephant` user and give them\na home directory.  Put your config file in\n`/etc/sticky_elephant/sticky_elephant.conf` and ensure that the\n`sticky_elephant` user can read it.  Then you can use this systemd service\ndefinition to run sticky_elephant at boot:\n```\n[Unit]\nDescription=sticky_elephant postgres honeypot\nDocumentation=https://github.com/ffleming/sticky_elephant\nAfter=network.target\n\n[Service]\nWorkingDirectory=/home/sticky_elephant/\nUser=sticky_elephant\nExecStart=/usr/local/bin/sticky_elephant -c /etc/sticky_elephant/sticky_elephant.conf\nSyslogIdentifier=sticky_elephant\nStandardOutput=syslog\nStandardError=syslog\nExecReload=/bin/kill -HUP $MAINPID\nRestart=on-failure\nKillMode=process\n\n[Install]\nWantedBy=default.target\nAlias=sticky_elephant.service\n```\n\n## Development\n\nAfter checking out the repo, run `bin/setup` to install dependencies. Then, run `rake spec` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.\n\nTo install this gem onto your local machine, run `bundle exec rake install`. 
To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and tags, and push the `.gem` file to [rubygems.org](https://rubygems.org).\n\n## Contributing\n\nBug reports and pull requests are welcome on GitHub at https://github.com/betheroot/sticky_elephant.\n\n## To do\n* Support [md5 authentication](https://www.postgresql.org/docs/9.6/static/auth-methods.html)\n* Anti-fingerprinting\n    * Mimic commands\n        * `\\l`\n        * `\\d`\n        * `\\dt`\n* Log user-selected database in handshake\n* Remove argument to `Payload#to_s`\n* Break up `Payload` into separate objects\n","funding_links":[],"categories":["Honeypots","\u003ca id=\"a53d22b9c5d09dc894413453f4755658\"\u003e\u003c/a\u003e未分类"],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbetheroot%2Fsticky_elephant","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fbetheroot%2Fsticky_elephant","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbetheroot%2Fsticky_elephant/lists"}