forked from LycheeOrg/Lychee
-
Notifications
You must be signed in to change notification settings - Fork 0
/
honeypot.php
119 lines (111 loc) · 1.72 KB
/
honeypot.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
<?php
return [
/**
* Enable HoneyPot to return 418 when hitting honey.
*/
'enabled' => true,
/**
* Honey.
*
* Set of possible path.
* Those will be concatenated into a regex.
*/
'paths' => [
'.env',
'.git/config',
'.git/HEAD',
'.well-known/security.txt',
'.well-known/traffic-advice',
'readme.txt',
'pools',
'pools/default/buckets',
'__Additional',
'CSS/Miniweb.css',
'wp-login.php',
'wp-content/plugins/core-plugin/include.php',
'wp-content/plugins/woocommerce/readme.txt',
'Portal/Portal.mwsl',
'Portal0000.htm',
'ads.txt',
'aQQY',
'UEPs',
'HNAP1',
'nmaplowercheck1686252089',
'sdk',
'backup',
'bc',
'bk',
'blog',
'home',
'main',
'new',
'newsite',
'old',
'test',
'testing',
'wordpress',
'wp-admin/install.php',
'wp-admin/setup-config.php',
'wp',
'xmlrpc.php',
'.vscode/sftp.json',
'aws.json',
'awsconfig.json',
'AwsConfig.json',
'client_secrets.json',
'conf.json',
'config/config.json',
'credentials/config.json',
'database-config.json',
'db.json',
'env.json',
'smtp.json',
'ssh-config.json',
'user-config.json',
],
/**
* Because of all the combinations, it is more interesting to do a cross product.
*/
'xpaths' => [
[ // admin, main default etc.
'prefix' => [
'admin',
'base',
'default',
'home',
'indice',
'inicio',
'localstart',
'main',
'menu',
'start',
],
'suffix' => [
'asp',
'aspx',
'cgi',
'cfm',
'html',
'jhtml',
'inc',
'jsa',
'jsp',
'php',
'pl',
'shtml',
],
],
[ // phpinfo sets
'prefix' => [
'',
'_',
'__',
'html/',
],
'suffix' => [
'info.php',
'phpinfo.php',
],
],
],
];