Hey, it’s me again! I’m back for another article about my favorite
mini-computer; the Raspberry Pi. This time I’ll be demonstrating some
cool DIY projects that I found on the net, which are very easy to setup
and apply. Some require a lot of patience and hardware though. The
purpose of this article is to present projects which you can try, to
give you brand new ideas for using your $35 mini-computer. You can turn
yourself into a Raspberry Pi hobbyist, just like me and other hardware
hackers out there.
Glastopf Pi
Glastopf Pi is my very own DIY setup which maximizes Glastopf, a web
application honeypot project lead by Lukas Rist a.k.a glaslos of the
Honeynet Project. The Glastopf project started in the year 2009. It’s a
simple and minimalistic web server written in Python, that records
information of web-based application attacks like Structured Query
Language Injection (SQLI), Remote Code Execution (RCE), Local File
Inclusion (LFI), Remote File Inclusion (RFI), and many more. It emulates
web application vulnerabilities by tricking attackers or scanners into
thinking that it’s a vulnerable web server.
Here are some snippets of the README file for this project, in order to understand this web application honeypot better:
“The adversaries usually use search engines and special crafted
search requests to find their victims. In order to attract them,
Glastopf provide those keywords (aka dork) and extracts them also from
request and extends its attack surface automatically. So, over time and
with a growing number of attacks, the honeypot gets more and more
attractive. In the feature we will make the SQL injection emulator
pubic, provide IP profiling for crawler recognition and intelligent dork
selection.”
Here’s my guide on how to set up this web honeypot on your very own Raspberry Pi:
==>
Read More
No comments:
Post a Comment