Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

https://github.com/pwnlandia/shockpot

WebApp Honeypot for detecting Shell Shock exploit attempts
https://github.com/pwnlandia/shockpot

Last synced: 3 months ago
JSON representation

WebApp Honeypot for detecting Shell Shock exploit attempts

Lists

README 

        
# Shockpot



Shockpot is a web app honeypot designed to find attackers attempting to exploit the

Bash remote code vulnerability, CVE-2014-6271.



Shockpot can be run as a standalone honypot or easily deployed by Modern Honey Network (MHN): http://github.com/Pwnlandia/mhn



## Installation



```

virtualenv env

. env/bin/activate

pip install -r requirements.txt 

```



## Configuration



Edit shockpot.conf



```

[server]

host = 0.0.0.0

port = 8080



[headers]

server = Apache/2.0.55 (Debian) PHP/5.1.2-1+b1 mod_ssl/2.0.55 OpenSSL/0.9.8b



[hpfeeds]

enabled = True

host = your.mhn.server.com

port = 10000

identity = shockpot

secret = secret

channel = shockpot.events

```



## Running



```

python shockpot.py

```



## Deployment



See the [wiki](https://github.com/Pwnlandia/shockpot/wiki).



## LICENSE



This program free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any later version.



This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.



You should have received a copy of the GNU Lesser General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA