I decided to post this file to see what information people could gain from it. It is nothing malicious. Simply a challenge. Feedback would be greatly appreciated. I can't give you guys any hints! It is supposed to be mysterious and difficult!
Hey everyone. For several months now I have tried out a couple of different honeypot solutions. I have been amazed at the kippo honeypot as it keeps awesome logs with a ton of different stats. Kippo allows attackers to brute force SSH by purposely using a weak password. Except, the SSH port (22) is not the real SSH port and the root user is logging into a fake file system. I can see everything the attacker types and downloads in real time in my playback logs. Its like watching a movie. Anyhow. I am more than happy to publish the bad ip list for you all to see and use. I will be creating a new link here shortly and will update the contents from time to time.
Introducing wp-plug! wp-plug is a python script that does two things. It will first crawl the domain for links, it will then crawl those links and search for any plugins . It is meant to be used on wordpress sites. Other tools such as wp-scan use a list of something like 14 thousand plugins. It essentially brute forces the domain using the wordlist to find plugins. For some purposes you may only be concerned with what plugins are active which can be found by scraping the target pages. So instead of sending over 14 thousand requests guessing plugins, you may want to use something like wp-plug to give you fast and immediate results. I think the only other thing im interested in doing is adding proxy support. Other than that, have a great day guys!
Scott "R4v3N", co-founder and trainer for Top-Hat-Sec.