OctoWe've made some bugfixes to the Haxplorer honeypot. We have also begun heavy development into a GHH honeynet. NovemBugfix made to the php-ping honeypot. (Available on the SourceForge download page) We have also released an updated set of tools to go with the paper release, which includes remote logging for honeynets over XML-RPC and SSL, malware collection, and improved logging of browser headers. GHDB Signatures are maintained by the community.įebruary 23, 2007- We have released a "Know Your Enemy" paper with the Honeynet Project. GHDB Signature #1122 (wwwboard WebAdmin inurl:passwd.txt GHDB Signature #734 ("File Upload Manager v1.3" "rename to") GHDB Signature #937 (filetype:blt "buddylist") GHDB Signature #1064 (filetype:sql ("passwd values" | "password values" | "pass values" )) GHDB Signature #162 (allinurl: admin mdb) GHDB Signature #1013 ("SquirrelMail version 1.4.4" inurl:src ext:php) GHDB Signature #161 (inurl:phpSysInfo/ "created by phpsysinfo") GHDB Signature #361 ("Powered by PHPFM" filetype:php -username) GHDB Signature #935 (inurl:"install/install.php") GHDB Signature #365 (intitle:"PHP Shell *" "Enable stderr" filetype:php) GHDB Signature #733 ("Enter ip" inurl:"php-ping.php") GHDB Signature #833 (filetype:php HAXPLORER "Server Files Browser") GHDB Signature #365 Emulated (intitle:"PHP Shell *" "Enable stderr" filetype:php) You can view research done with GHH in the Honeynet Project's "Know Your Enemy" paper on web application honeypots. GHH is powered by the Google search engine index and the Google Hacking Database (GHDB) maintained by the community. These insecure tools, when combined with the power of a search engine and index which Google provides, results in a convenient attack vector for malicious users. Mirroring the growth of the Google index, the spread of web-based applications such as message boards and remote administrative tools has resulted in an increase in the number of misconfigured and vulnerable web apps available on the Internet. The Google index has swelled past 8 billion pages and continues to grow daily. The search engine that Google has implemented allows for searching on an immense amount of information. GHH implements honeypot theory to provide additional security to your web presence. It is designed to provide reconaissance against attackers that use search engines as a hacking tool against your resources. Google Hack Honeypot is the reaction to a new type of malicious web traffic: search engine hackers.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |