Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

services: add WordPress #256

Open
wants to merge 2 commits into
base: master
Choose a base branch
from

Conversation

CapacitorSet
Copy link
Contributor

Fixes #255, depends on honeytrap/honeytrap-services-wordpress#1.

Implements a dummy WordPress blog with a homepage and a /wp-login.php, and logs login attempts. Can be expanded in the future to implement many specific vulnerabilities.

@sammynx
Copy link
Collaborator

sammynx commented Mar 17, 2018

@CapacitorSet Regarding your commit, services: pass data dir , there is a key value store to use in storage/storage.go

Giving different services acces to the same directory will become an issue sooner or later.

@CapacitorSet
Copy link
Contributor Author

CapacitorSet commented Mar 17, 2018 via email

@sammynx
Copy link
Collaborator

sammynx commented Mar 17, 2018

I didn't know this was discussed already, just wanted to point you to the kv store.

But I still think this is an accident waiting to happen. What if you configure multiple services of the same type, like service.smtp01, service.smtp02, etc.?

@CapacitorSet
Copy link
Contributor Author

For the time being I don't expect such an issue to occur with WordPress, since I think one would rarely need to have two different WordPress honeypots running on the same server. Even then, one might add a key in the configuration to specify a different root folder (eg. root="/var/www/wordpress01"?).

Ping @nl5887 for additional feedback on the issue

@sammynx
Copy link
Collaborator

sammynx commented Mar 17, 2018

I agree that is not a big issue for now. But making this directory available to all services will make it the goto place to store things in the future.

Having a filesystem to play with would be a nice feature though.
I would want to point you to services/filesystem which gives you a private piece of diskspace. But I am working now on a virtual filesystem, so the interface might change.

@codecov-io
Copy link

codecov-io commented Jul 10, 2018

Codecov Report

❗ No coverage uploaded for pull request base (master@674ac4f). Click here to learn what that means.
The diff coverage is 4%.

Impacted file tree graph

@@            Coverage Diff            @@
##             master     #256   +/-   ##
=========================================
  Coverage          ?   43.41%           
=========================================
  Files             ?       71           
  Lines             ?     8365           
  Branches          ?        0           
=========================================
  Hits              ?     3632           
  Misses            ?     4317           
  Partials          ?      416
Impacted Files Coverage Δ
services/tftp.go 0% <0%> (ø)
services/eos/eos.go 79.1% <0%> (ø)
services/http.go 0% <0%> (ø)
services/ldap/ldap.go 0% <0%> (ø)
services/copy.go 0% <0%> (ø)
server/honeytrap.go 3.18% <0%> (ø)
services/cwmp-tr069.go 0% <0%> (ø)
services/counterstrike.go 0% <0%> (ø)
services/ipp/ipp.go 0% <0%> (ø)
services/dns-proxy.go 0% <0%> (ø)
... and 11 more

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 674ac4f...8d5e2eb. Read the comment docs.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants