-
Learning is never done
I’ve been using PHP for a while now and thought that I knew the available functions (at least the generic ones) pretty well, but recently I got surprised: a recent entry on the Me and My Database blog pointed me towards http_build_query and in the same category I found parse_url. This is significant to me,…
-
The state of web security
If you are a busy (wo)man, I save you the time it would take to read this blogpost: it is deplorable. Now to elaborate on it: Yesterday I was putting together some new templates for the webhoneypot project with a focus on PHP shells. Things like r57, c99 and their derivatives. Then I looked at…
-
Updates for Webhoneypot
The development of the webhoneypot is back in swing again. We are aiming for the date of May the 15th as the release date for a beta version. A cool new feature which got committed recently is the possibility to “emulate” RFI vulnerabilities. How does it work (idea taken from the glastopf project): When a…
-
Installing the webhoneypot on OpenWrt
This is a raw tutorial for installing webhoneypot on a router running OpenWrt. The used version is Kamikaze 8.09 (this can be important because commands change between version). The tutorial is not 100% complete and I will update it in the future when I learn new information. An other assumption I make is that you…
-
Webhoneypot
In the last couple of months I’ve been helping out with the webhoneypot project. From the Google code website: DShield.org is offering this honeypot for users to capture automated web application exploits. It is a very simple "semi interactive" honeypot implemented in PHP. The core idea is the following: you install it on a webserver…