Jump to content

Webserver Logging, ErrorReporting & HoneyPot Fun

Werezwolf

By Werezwolf
in Miscellaneous

Recommended Posts

Werezwolf Newbie

Werezwolf

Posted
Posted

This is basically a Show off your Logging, Error Reporting and/or Honeypot scripts for Web servers.

 

Summary

This is a php version that includes various features including randomized fake error reporting to the client and detailed logging (that is part of an ongoing project and is inspired by a few online resources).

 

Useful for slowing down scanners, and generally seeing what happens to your server while your away.

 

You will probably will need to change example.com to something.

 

./global.php

<?php
  if(!session_id()){session_start();}
   $_SERVER['logdate'] = date('Dd_M_Y');

    Function TarPit() {
    /* Send to Tarpit */
        $responce = array(204,300,301,302,303,304,404,406,409,410,418,500);
        $array_select = array_rand($responce,1);
        http_response_code($responce[$array_select]);
        Exit(Require_once './custerr/en.php');
    }

    Function Logging($state,$name,$message,$script){
    //Int,String,String,Bool
    if(isset($_SERVER['HTTP_USER_AGENT'])){$_SERVER['HTTP_USER_AGENT'] = 'UserAgent Not Set';}
    //Logging Method
        $logstr = "=========================================================\r\n";
    //Other,Success, Failed, Error
    If($state = 0){$logstr .=  $name  . "\r\n";}//Other
    elseif($state = 1){$logstr .= 'Success: '. $name  . "\r\n";}//Success
    elseif($state = 2){$logstr .= 'Failed: '. $name  . "\r\n";}//Failed
    elseif($state = 3){$logstr .= 'Error: '. $name  . "\r\n";}//Error
        $logstr .= "=========================================================\r\n";
        $logstr .= $_SERVER['REQUEST_TIME_FLOAT'] . "\r\n";
        $logstr .= $_SERVER['date']  . "\r\n";
        $logstr .= $_SERVER['HTTP_USER_AGENT']  . "\r\n";
        
        if(isset($username)){
        $logstr .= "---- User Authenticating ---- \r\n";
        $logstr .= $_SERVER['REMOTE_ADDR'] . ' - ' . $username .": Attempted Login result \r\n";}
        
        elseif(isset($_SESSION['username'])){
        $logstr .= "---- User Authenticated ---- \r\n";
        $logstr .= $_SERVER['REMOTE_ADDR'] . ' - ' . $_SESSION['username']. "\r\n";}
        else{$logstr .= $_SERVER['REMOTE_ADDR'] . "\r\n";}
        
        if($script !== 0){
            $logstr .= "---- Powershell ---- \r\n";
            $logstr .= 'powershell.exe -ExecutionPolicy ByPass -command "' . $psScriptPath . '" < NUL  -rand "' . $rand . '" < NUL -base64_username "' . $base64_username . '" < NUL -base64_password "' . $base64_password . '" < NUL'."\r\n";}
            
        if(!empty($GLOBALS['php_errormsg'])){
        $logstr .= "---- php_errormsg ---- \r\n";
        $logstr .= $GLOBALS['php_errormsg']."\r\n";}
        
        if(!isset($message)){
        $logstr .= "---- Additional Information ----\r\n";
        $logstr .= $message."\r\n";}
        
        $logstr .= "---- Session ----\r\n";
        foreach ($_SESSION as $key => $value) {
            if(is_array($_SESSION[$key])){
            foreach ($_SESSION[$key] as $key2 => $value2) {
                $logstr .= '$_SESSION['.$key.']['.$key2.'] = '.print_r($_SESSION[$key][$key2],true)."\r\n";}
            }else{$logstr .= '$_SESSION[\'' . $key . '\'] = ' . $value ."\r\n";}
        }
        
        $logstr .= "\r\n";
        // '../Logging/'.$_SERVER['logdate'].'.txt' should preferably be outside the website root or protected by .htaccess or cmod
        file_put_contents('../Logging/'.$_SERVER['logdate'].'.txt', $logstr, FILE_APPEND | LOCK_EX);
        RETURN $logstr;
    }
    
    Function ErrorHandle($message,$tarpit){
        //Critical Error
        //EXIT(ErrorHandle(Logging($state,$name,$message,$script),$tarpit)); Is Suggested
        //String, bool, Int
        //Report to Administration
        $headers = "From: [email protected] \r\n" .
        "Reply-To: [email protected] \r\n" .
        "X-Mailer: PHP/" . phpversion();
        
        mail('[email protected]', "Error Handle" . $message, $headers);
        $_SESSION['MSG'] = NULL;
        if($tarpit == 1){exit(TarPit());}
        else{exit(/*Destroy Session Data maybe*/);}
    }
?>

./custerr/en.php

<?php
    $http_response_code = array(204,300,301,302,303,304,404,406,409,410,418,500);
    $http_response_name = array('No Content','Multiple Choices','Moved Permanently','Found','See Other','Not Modified','Not Found','Not Acceptable','Conflict','Gone','I am a Teapot','Internal Server Error');
    $http_response_discription = array('','Just letting you know this is actually a questionnaire?','Moved permanently somewhere else. Definitely not here although','Don\'t Panic! The monkeys have found it','Go see the other guy.','This page is Definitely not modified in anyway.',' The requested URL ' . $_SERVER['REQUEST_URI'] . ' was not found by the monkeys on this server.','This is Unacceptable','Just couldn\'t decide on what to give you','It\'s Gone. Just Gone?','I am a Teapot','Internal Server Error');

    $key = array_search(http_response_code(),$http_response_code);

    Print('<!DOCTYPE html>
    <html><head>
    <title>' . http_response_code() .' '. $http_response_name[$key] .'</title>
    <h1>' . http_response_code() .' '. $http_response_name[$key] .'</h1>
    <p>' . $http_response_discription[$key] . '</p>
    </body></html>');
?>

./Test.php

<?php
  require_once 'global.php';
  $serverarray = array($_SERVER['SERVER_ADDR'],'example.com');
   if(!array_search($_SERVER['SERVER_NAME'],$serverarray)){EXIT(ErrorHandle(Logging(0,'Other Server Request','Requested Server'.$_SERVER['SERVER_NAME'],0),1));}
?>

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.