| Commit message | Author | Age | Files | Lines |
|---|---|---|---|---|
| Switch to using XMLReader to parse XML payloads. | Harald Eilertsen | 2024-07-07 | 2 | -27/+54 |
| XMLParser would expand entities by default, which could make us susceptible both to XXE attacks and to the billion laughs attack. By default XMLReader does _not_ expand entities, so it's a safer choice. This also changes the `XmlRpcMethod::parse()` function to throw a runtime exception if the XML payload could not be parsed, and to return null if the payload does not contain a valid `<methodName>` element. In cases where we're unable to parse the payload as a valid XML-RPC request, we fall back to saving the full request info as before. | | | | |
| Also include originating IP address and timestamp in creds list. | Harald Eilertsen | 2024-07-06 | 1 | -3/+3 |
| Refactoring, make function to save credentials. | Harald Eilertsen | 2024-07-06 | 1 | -4/+9 |
| Process XML-RPC requests separately. | Harald Eilertsen | 2024-07-06 | 1 | -0/+16 |
| If the XML-RPC method is `wp.getUsersBlogs`, we just save submitted credentials and otherwise ignore the request. We get a lot of these, and they're not really that interesting, so we don't need to save the full payload. But let's keep the credentials, so that we can build a list of passwords and user names. Other requests will be saved in full as before. | | | | |
| Add class for representing XML-RPC payloads. | Harald Eilertsen | 2024-07-06 | 1 | -0/+75 |
| Whitespace only. | Harald Eilertsen | 2024-07-06 | 1 | -11/+11 |
| Rename trap-post-payload.php and call it from index.php. | Harald Eilertsen | 2024-07-04 | 1 | -0/+25 |