Home

Awesome

HoneyUp

An uploader honeypot designed to look like poor website security.

Requirements

Installation

  1. Build using cargo build --release.
  2. Log into your server and create a honeyup user with a home directory.
  3. Upload/copy the contents of this repo to your honeyup user's home /home/honeyup.
  4. Copy the honeyup binary from target/release/ to /home/honeyup/.
  5. Edit res/config.env.txt to make it believable (add some canary tokens too).
  6. Upload/copy the systemd service descriptor from conf/honeyup.service to /etc/systemd/system/honeyup.service.
  7. Reload all systemd service descriptors systemctl daemon-reload.
  8. Ensure any currently served sites do not use the /uploads path.
  9. Add the contents of conf/nginx_snippet.conf to your NGiNX config just above your server's location blocks.
  10. Reload the NGiNX config with systemctl reload nginx.
  11. Enable and start the honeyup service systemctl enable honeyup & systemctl start honeyup.
  12. Browse to /uploads on your website and use upload.php to upload some dummy/bait files.

Notes

Be sure to check up on the uploaded_files folder often to be sure you aren't hosting somebody's malware.

Docker Installation

You will need Docker and docker-compose for this

  1. Clone the repository git clone https://github.com/LogoiLab/honeyup.git
  2. The docker-compose.yml file has a couple of environment variables you will want to set. The APP_ID, AWS_ACCESS_KEY_ID, and AWS_SECRET_ACCESS_KEY will be set with a service like Canary Tokens. The SMTP, ADDRESS, and PASSWORD variables are used to make your honeyup look more reputable as a vulnerable server. Finally, please set the /path/to/uploaded_files as a location outside the container where you would like the uploaded files to be stored
  3. Run docker-compose up -d in the honeyup directory
  4. Done!

The container will listen on port 4000 unless specified otherwise.