Sticky Elephant is a medium-interaction PostgreSQL honeypot.
sticky_elephant [options] -c, --config CONFIG Configuration file to read -h, --help Display this screen
Either install the gem and
or clone the repo and
sticky_elephant.conf is a YAML file that defines Sticky Elephant's behavior.
You can tell Sticky Elephant what configuration file to use with
configuration file looks like this:
:log_path: "./sticky_elephant.log" :port: 5432 :host: 0.0.0.0 :debug: true :abort_on_exception: false :use_hpf: true :hpf_host: 127.0.0.1 :hpf_port: 10000 :hpf_ident: 24b6875e-03f1-4c2a-b5b0-11af1f49e2bb :hpf_secret: woofwoofcharlesisagooddog
port define the host address and port to which Sticky Elephant
log_path is the log to which Sticky Elephant will write. Do
note that HPFeeds logs go to
stdout and are separate from Sticky Elephant
debug turns on debug-level logging;
kills threads when they encounter an exception. The
hpf-prefixed options are
for configuring the HPFeeds server to which Sticky Elephant should report
queries and connections.
After checking out the repo, run
bin/setup to install dependencies. Then, run
rake spec to run the tests. You can also run
bin/console for an interactive prompt that will allow you to experiment.
To install this gem onto your local machine, run
bundle exec rake install. To release a new version, update the version number in
version.rb, and then run
bundle exec rake release, which will create a git tag for the version, push git commits and tags, and push the
.gem file to rubygems.org.
Bug reports and pull requests are welcome on GitHub at https://github.com/betheroot/sticky_elephant.
- Support md5 authentication
- Mimic commands
- Mimic commands
- Log user-selected database in handshake
- Remove argument to
- Break up
Payloadinto separate objects