Awesome
HoneyUp
An uploader honeypot designed to look like poor website security.
Requirements
- Linux server
- NGiNX
- Rust toolchain (build only)
Installation
- Build using
cargo build --release
. - Log into your server and create a
honeyup
user with a home directory. - Upload/copy the contents of this repo to your honeyup user's home
/home/honeyup
. - Copy the
honeyup
binary fromtarget/release/
to/home/honeyup/
. - Edit
res/config.env.txt
to make it believable (add some canary tokens too). - Upload/copy the systemd service descriptor from
conf/honeyup.service
to/etc/systemd/system/honeyup.service
. - Reload all systemd service descriptors
systemctl daemon-reload
. - Ensure any currently served sites do not use the
/uploads
path. - Add the contents of
conf/nginx_snippet.conf
to your NGiNX config just above your server'slocation
blocks. - Reload the NGiNX config with
systemctl reload nginx
. - Enable and start the
honeyup
servicesystemctl enable honeyup
&systemctl start honeyup
. - Browse to
/uploads
on your website and useupload.php
to upload some dummy/bait files.
Notes
Be sure to check up on the uploaded_files
folder often to be sure you aren't hosting somebody's malware.
Docker Installation
You will need Docker and docker-compose for this
- Clone the repository
git clone https://github.com/LogoiLab/honeyup.git
- The docker-compose.yml file has a couple of environment variables you will want to set. The
APP_ID
,AWS_ACCESS_KEY_ID
, andAWS_SECRET_ACCESS_KEY
will be set with a service like Canary Tokens. TheSMTP
,ADDRESS
, andPASSWORD
variables are used to make your honeyup look more reputable as a vulnerable server. Finally, please set the/path/to/uploaded_files
as a location outside the container where you would like the uploaded files to be stored - Run
docker-compose up -d
in the honeyup directory - Done!
The container will listen on port 4000 unless specified otherwise.