{"id":13481822,"url":"https://github.com/bjeborn/basic-auth-pot","last_synced_at":"2025-03-27T12:31:36.008Z","repository":{"id":25606036,"uuid":"29041093","full_name":"bjeborn/basic-auth-pot","owner":"bjeborn","description":"bap - http Basic Authentication honeyPot","archived":false,"fork":false,"pushed_at":"2015-01-15T05:45:18.000Z","size":144,"stargazers_count":45,"open_issues_count":0,"forks_count":5,"subscribers_count":1,"default_branch":"master","last_synced_at":"2024-08-01T17:30:35.611Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":false,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/bjeborn.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2015-01-10T00:05:44.000Z","updated_at":"2024-07-03T13:26:26.000Z","dependencies_parsed_at":"2022-07-26T09:48:10.201Z","dependency_job_id":null,"html_url":"https://github.com/bjeborn/basic-auth-pot","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bjeborn%2Fbasic-auth-pot","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bjeborn%2Fbasic-auth-pot/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bjeborn%2Fbasic-auth-pot/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bjeborn%2Fbasic-auth-pot/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/bjeborn","download_url":"https://codeload.github.com/bjeborn/basic-auth-pot/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositori
es_count":222251940,"owners_count":16955930,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-07-31T17:00:56.214Z","updated_at":"2024-10-30T15:31:27.239Z","avatar_url":"https://github.com/bjeborn.png","language":"Python","funding_links":[],"categories":["Honeypots","\u003ca name=\"honeypots\"\u003e\u003c/a\u003e Honeypots","\u003ca id=\"a53d22b9c5d09dc894413453f4755658\"\u003e\u003c/a\u003e未分类"],"sub_categories":[],"readme":"# bap - http Basic Authentication honeyPot\n\n## About\nbap is a webservice honeypot that logs HTTP basic authentication credentials in a \"parser friendly format\"\u0026trade;.\n\nThe webservice handles HEAD and GET requests, to which it always responds with 401 WWW-Authenticate: Basic realm=\"ADMIN\".  \nHTTP request methods other than HEAD or GET will result in an error response generated by BaseHTTPServer.  \nThere is no valid username / password for the service. Credentials are only decoded and logged.  \n\n## Configuration\nConfigure HTTP_ADDR and HTTP_PORT in bap.py.  \nLeaving HTTP_ADDR as empty string binds to all interfaces and addresses.  \nDefault is to bind to *:8080  \n\n## Running\n`bap.py` starts bap in the foreground.  \n`start-bap-debian.sh` uses `start-stop-daemon` to start bap in the background.  \n`stop-bap-debian.sh` stops the background service.  \n\nDo not run bap as root.  \nTo listen on a privileged port (80), use port redirection.  
\n\n## Logging\nLogfiles are written to the same directory as bap.py.\n\n### pot.log - Authentication honeypot log\n`Format:  [Date Time] Client_address:Client_port Auth_method Decoded_auth_string`  \n`Ex: [2015-01-09 19:59:43,516] 192.168.99.99:12345 Basic user:pass`  \nClient_address and Client_port: Source of the request.  \nAuth_method: Parameter 1 from the authenticate request header. This is always Basic.  \nDecoded_auth_string: Base64-decoded version of parameter 2 from the authenticate request header.  \n\n### access.log - Server access log\n`Format: [Date Time] Client_address:Client_port \"Request_string\" Response_code \"User-Agent_string\"`  \n`Ex: [2015-01-09 19:59:43,508] 192.168.99.99:12345 \"GET / HTTP/1.1\" 401 \"curl/7.38.0\"`  \nClient_address and Client_port: Source of the request.  \nRequest_string: Request received from the client, enclosed by `\"`.  \nResponse_code: Response code sent to the client.  \nUser-agent_string: User-agent header received from the client, enclosed by `\"`.  \n*Note: Double quotes received from clients are escaped with `\\`.*\n\n### error.log - Server error log\n`Format: [Date Time] Client_address:Client_port Error_message`  \n`Ex 1: [2015-01-09 19:59:45,406] 192.168.99.99:12346 code 501, message Unsupported method ('TRACE')`  \n`Ex 2: [2015-01-09 19:59:46,350] 192.168.99.99:12347 DecodeFailure abc123`  \nClient_address and Client_port: Source of the request.  \nError_message: Description of the error.  \nUnsupported method occurs when the client request method is anything other than GET or HEAD.  \nDecodeFailure occurs when the client sends Basic authentication and parameter 2 is not valid base64-encoded data.  \n\n### bap.log - Program output log\nstdout and stderr end up here.\n\n## Notes\n- A request that triggers an error will receive the error code + message in the response header, for example \"501 Unsupported method ('TRACE')\".  
\n  It would be sufficient to send the code + a generic message, or just the code without any message.\n- The value user:pass in pot.log can contain multiple ':' chars. This could lead to parsing issues when trying to separate user and pass.\n- Logs can contain escaped double quotes. Double quotes received from clients are escaped with `\\` before being logged.\n- bap.log has no timestamps for log events. Logging of exceptions makes timestamping a bit complicated. Use traceback class to fix this?\n- Logfiles are not rotated.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbjeborn%2Fbasic-auth-pot","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fbjeborn%2Fbasic-auth-pot","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbjeborn%2Fbasic-auth-pot/lists"}