Shlomi Ruder / W7500-honeypot

Simple Honeypot server based on Wiznet W7500, support 7 different sockets

Dependencies:   HoneyPot SDFileSystem WIZnetInterface mbed-src

Fork of W7500-honeypot by Shlomi Ruder

Honeypot Server Example w7500 Wiznet

/media/uploads/proxytype/honeypot.png

Simple example of Honeypot server for detecting unwanted network behaviors over the network and report it to the administrator, for example, when the attacker scan the network and try to detect all the machines and services.

the honeypot is the dark corner of the network, is a place that nobody should visit and if some one does, it's not for legitimate reasons.

Configuration

first setup is define the honeypot server and the master address that will be access to administrator panel,

//honeypot address - static
char ip_addr[] = "192.168.1.111";

//master address - static
char master_addr[] = "192.168.1.6";

char subnet_mask[] = "255.255.255.0";
char gateway_addr[] = "192.168.1.1";

copy the html files inside html folder directly to root folder of the SD card.

Sockets

we can define up to 7 different ports (sockets) for detecting,

  int  ports[7] = {80, 22, 138, 21, 23, 35, 3306};
    
    
    if (!svr.start(ports, 7, master_addr, &eth)) {

        printf("Server not starting !");
        exit(0);
    }
    
    while(1) {
        svr.poll();
    }

Http Response

there is two different modes when setting socket on port 80, one for ordinary users and another for the master of the device.

Visitor

/media/uploads/proxytype/visitor.png

Master

/media/uploads/proxytype/administrator_panel.jpg

Files at this revision

API Documentation at this revision

Revision 2:2c1e0056bb9d, committed 2017-09-03

Comitter:
proxytype
Date:
Sun Sep 03 14:44:19 2017 +0000
Parent:
1:496ea8c93386
Commit message:

Changed in this revision

html/index.html Show annotated file Show diff for this revision Revisions of this file
main.cpp Show annotated file Show diff for this revision Revisions of this file 
diff -r 496ea8c93386 -r 2c1e0056bb9d html/index.html
--- a/html/index.html	Sat Sep 02 13:20:40 2017 +0000
+++ b/html/index.html	Sun Sep 03 14:44:19 2017 +0000
@@ -9,7 +9,7 @@
     <div style="color:#FFCC00;padding:5px">
          Just Sniffing Around?, this is wrong place to be... :(
          <br />
-         Message send to Administraotr
+         Message send to Administrator
     </div>
     <div style="position:fixed; bottom:0px; width:100%;background-color:#474747; padding:5px">Powered by WizNet</div> 
     </body>

diff -r 496ea8c93386 -r 2c1e0056bb9d main.cpp
--- a/main.cpp	Sat Sep 02 13:20:40 2017 +0000
+++ b/main.cpp	Sun Sep 03 14:44:19 2017 +0000
@@ -20,7 +20,7 @@
 
 
 char ip_addr[] = "192.168.1.111";
-char master_addr[] = "192.168.1.6";
+char master_addr[] = "192.168.1.7";
 char subnet_mask[] = "255.255.255.0";
 char gateway_addr[] = "192.168.1.1";