HellPot is a portal to endless suffering meant to punish unruly HTTP bots.

Overview

HellPot

GoDoc Go Report Card IRC

Summary

HellPot is an endless honeypot based on Heffalump that sends unruly HTTP bots to hell.

Notably it implements a toml configuration file, has JSON logging, and comes with significant performance gains.

Exploding Heffalump

Grave Consequences

Clients (hopefully bots) that disregard robots.txt and connect to your instance of HellPot will suffer eternal consequences.

HellPot will send an infinite stream of data that is just close enough to being a real website that they might just stick around until their soul is ripped apart and they cease to exist.

Under the hood of this eternal suffering is a markov engine that chucks bits and pieces of The Birth of Tragedy (Hellenism and Pessimism) by Friedrich Nietzsche at the client using fasthttp.

Compilation

HellPot should probably be built with Go version 1.17 or higher.

HellPot uses go modules. This should make it dead simple to build with a stock Go installation.

1 ) git clone https://github.com/yunginnanet/HellPot

2 ) cd HellPot

4 ) go build cmd/HellPot/HellPot.go

5 ) Consider the potential grave consequences of your actions.

Usage

YOLO Method:

In the event of a missing configuration file, HellPot will attempt to place it's default config in $HOME/.config/HellPot/config.toml. This allows irresponsible souls to begin raining hellfire with ease, immediately:

1 ) Download a compiled release

2 ) Run binary and immedidately begin sending clients directly to hell.


Reasonable Method:

1 ) Configure webserver as reverse proxy (see below)

2 ) ./HellPot --genconfig

3 ) Edit your newly generated config.toml as desired.

4 ) Ponder your existence server's ability to handle your chosen performance values.

5 ) ./HellPot -c config.toml

666 ) 𝙏͘͝𝙝̓̓͛𝙚͑̈́̀ 𝙨͆͠͝𝙠͑̾͌𝙮̽͌͆ 𝙞̓̔̔𝙨͒͐͝ 𝙛͑̈́̚𝙖͛͒𝙡͑͆̽𝙡̾̚̚𝙞͋̒̒𝙣̾͛͝𝙜͒̒̀.́̔͝​

Example Config (toml)

[http]
  # TCP Listener (default)
  bind_addr = "127.0.0.1"
  bind_port = "8080"
  paths = ["wp-login.php","wp-login"]

  # Unix Socket Listener (will override default)
  use_unix_socket = false
  unix_socket = "/var/run/hellpot"

[logger]
  debug = true
  directory = "/home/kayos/.config/HellPot/logs/"
  nocolor = false
  use_date_filename = true

[performance]
  # max_workers is only valid if restrict_concurrency is true
  restrict_concurrency = false
  max_workers = 256
  
[deception]
  # Used as "Server: " header (if not proxied)
  server_name = "nginx"

Example Web Server Config (nginx)

location '/robots.txt' {
	proxy_set_header Host $host;
	proxy_set_header X-Real-IP $remote_addr;
	proxy_pass http://127.0.0.1:8080$request_uri;
}  

location '/wp-login.php' {
	proxy_set_header Host $host;
	proxy_set_header X-Real-IP $remote_addr;
	proxy_pass http://127.0.0.1:8080$request_uri;
}
Comments
  • Logging, hellpot ignores logpath + creates .config folder

    Logging, hellpot ignores logpath + creates .config folder

    Just noticed that by supplying ...

    ..
    ..
    log_directory = "/var/log/hellpot/"
    ..
    ..
    

    for config.toml... outside a user's home directory is ignored and hellpot tries to setup the folder inside the user's home directory.

    A quick check to test everything else is fine (i.e. permissions) I hardcoded the path in logger.go by setting logDir = "<desired path>" which is working fine.

    Also I noticed, even if config.toml is present hellpot tries to create a .config/HellPot folder in the user's home directory.

    bug 
    opened by t3chn0m4g3 8
  • Ability to block wildcard user agents.

    Ability to block wildcard user agents.

    I know this is very obscure but cloudflare keeps trying to "cache" the site which immediately clashes with hellpot (even with robots.txt) so i was wondering if you could add a feature where it ignores certain user agents?

    enhancement 
    opened by Footsiefat 7
  • Add ability to use wildcards

    Add ability to use wildcards

    I wish to effectively respond to all requests (apart from robots.txt) with HellPot as to punish rouge exploit searching botnets. Such a feature would be greatly appreciated.

    enhancement 
    opened by Footsiefat 5
  • 同学,您这个项目引入了208个开源组件,存在1个漏洞,辛苦升级一下

    同学,您这个项目引入了208个开源组件,存在1个漏洞,辛苦升级一下

    检测到 yunginnanet/HellPot 一共引入了208个开源组件,存在1个漏洞

    漏洞标题:Go SSH拒绝服务漏洞
    漏洞编号:CVE-2020-9283
    漏洞描述:Go SSH是一个使用go语言开发的极度简洁的ssh工具,用于远程管理linux、unix等机器。
    Go SSH存在拒绝服务漏洞,该漏洞源于网络系统或产品未对输入的数据进行正确的验证,攻击者可利用该漏洞导致拒绝服务条件,拒绝向合法用户提供服务。
    国家漏洞库信息:https://www.cnvd.org.cn/flaw/show/CNVD-2020-14300
    影响范围:(∞, 0.0.0-20200220183623-bac4c82f6975)
    最小修复版本:0.0.0-20200220183623-bac4c82f6975
    缺陷组件引入路径:github.com/yunginnanet/[email protected]>github.com/spf13/[email protected]>github.com/spf13/[email protected]>golang.org/x/[email protected]
    

    另外还有几个漏洞,详细报告:https://mofeisec.com/jr?p=nbd6a6

    invalid 
    opened by ghost 4
  • Consider removing

    Consider removing "fork status" from this repository

    There are considerable changes to this repository, as well as a name change. Also, the heffalump repository seems to be inactive anyway. Therefore, perhaps the fork status should be removed, especially since hellalump is mentioned in the README anyway.

    opened by kescherCode 3
  • Unix socket fixup: permissions. Also, go.sum

    Unix socket fixup: permissions. Also, go.sum

    Adds a config option for setting socket permissions.

    I also added a go.sum, since it's good practice (and it fails on github.com/fasthttp/router otherwise).

    opened by kescherCode 3
  • go 1.16.6 net/http breaks HellPot

    go 1.16.6 net/http breaks HellPot

    go1.16.6 and higher breaks HellPot with its changes to net/http

    HellPot takes its buffer and begins writing it straight to the http ResponseWriter, but now that ResponseWriter asserts reading the length of the source before it will write the header to our client.

    breaking commit: https://github.com/golang/go/commit/cb4cd9e17753b5cd8ee4cd5b1f23d46241b485f1

    I am working on rewriting HellPot to use a custom HTTP server that uses raw net.Conn handling, if anyone has a better solution let me know.

    bug 
    opened by yunginnanet 3
  • Error writing new config

    Error writing new config

    OS: Ubuntu Server 20.04 LTS

    [email protected]:~# ./HellPot-0.3-linux-amd64 
    error writing new config: mkdir /root/.config/HellPot: no such file or directory
    open /root/.config/HellPot/config.toml: no such file or directory
    

    fix: mkdir -p /root/.config/HellPot

    Tested: HellPot-0.3-linux-386 HellPot-0.3-linux-amd64

    bug good first issue 
    opened by jujisec 2
  • Bump github.com/valyala/fasthttp from 1.36.0 to 1.37.0

    Bump github.com/valyala/fasthttp from 1.36.0 to 1.37.0

    Bumps github.com/valyala/fasthttp from 1.36.0 to 1.37.0.

    Release notes

    Sourced from github.com/valyala/fasthttp's releases.

    v1.37.0

    • 66bc61e Add an option to allow empty root in the fsHandler (#1299) (RW)
    • 9961079 Fix userdata re-use after Remove (Erik Dubbelboer)
    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies 
    opened by dependabot[bot] 1
  • Logging: certain fasthttp errors are not using our logger.

    Logging: certain fasthttp errors are not using our logger.

    Behavior: 2021/10/23 02:47:15 error when serving connection "[redacted]:[redacted]"<->"[redacted]:[redacted]": error when reading request headers: cannot find http request method

    Expected: 2:47AM ERR REMOTE_ADDR=[redacted]:[redacted] error when reading request headers: cannot find http request method (roughy)

    This means certain fasthttp errors won't be in our JSON log as well. I'll address this soon.

    bug enhancement 
    opened by yunginnanet 1
  • Add unix domain socket listening support

    Add unix domain socket listening support

    Exactly what it says on the tin. Using this feature reduces the protocol overhead caused by the loopback interface (since we no longer use IP to communicate between HellPot and the reverse proxy).

    opened by kescherCode 1
  • Print bytes sent in human readable format

    Print bytes sent in human readable format

    As seen here the logger that logs to terminal returns the exact amount of bytes, which is well and good for JSON processing by other programs, but this is not ideal for human readers quickly checking the rough amount of data being sent.

    My recommended solution is to automatically format bytes sent in a human readable manor but only when sent to terminal, but keep current style with JSON logging.

    enhancement calls for discussion 
    opened by Footsiefat 0
  • v0.4: investigate potential automatic builds via CD

    v0.4: investigate potential automatic builds via CD

    I've done this with gitlab but never before with github. It would be nice for the master branch to do automatic builds upon successful pushes to master.

    enhancement help welcomed CI/CD 
    opened by yunginnanet 0
Releases(v0.3)
Owner
kayos
you guys come here often?
kayos
Golang Framework for writing Slack bots

hanu - Go for Slack Bots! The Go framework hanu is your best friend to create Slack bots! hanu uses allot for easy command and request parsing (e.g. w

Sebastian Müller 141 Sep 26, 2022
its the same idea as bruh-bot, but with golang, and add more bots

bruh-bot but more powerful! requirements python go you can used on mac and linux the idea its really simple, can make a lot of bots with the same task

pai 12 Jul 7, 2021
A Telegram Repo For Bots Under Maintenance Which Gives Faster Response To Users

Maintenance Bot A Telegram Repo For Bots Under Maintenance Which Gives Faster Response To Users Requests » Report a Bug | Request Feature Table of Con

HEIMAN PICTURES 9 Mar 21, 2022
A set of mastodon (fediverse) bots written in Go

Mastodon Bot Bots Hagh Hagh reblogs certain toots to itself creating a Hagh page. Users from local instance are able to make a toot hagh. Setup Have g

Ebrahim 4 Sep 17, 2021
A fast responsive, machine learning, conversational dialog engine for creating chat bots, written in Go.

chatbot English | 简体中文 项目说明 chatbot 是一个通过已知对话数据集快速生成回答的 Go 问答引擎。比 ChatterBot 快非常多,我们在1.2亿对话上的对比结果是:ChatterBot 回答需要21秒,chatbot 只需要18毫秒。 bot 问答引擎 cli tr

Kevin Wan 341 Sep 29, 2022
Automated Trader (at). Framework for building trading bots.

Automated Trader (at) Purpose: Framework for building automated trading strategies in three steps: Build your own strategy. Verify it with the backtes

Simon Klinkert 55 Sep 12, 2022
Wrapper library for github.com/tucnak/telebot to create simple text-based Telegram bots

tbwrap Wrapper library for github.com/tucnak/telebot to create simple text-based Telegram bots Installation go get github.com/enrico5b1b4/tbwrap Exam

null 0 Dec 7, 2021
Make discord bots to drain discriminators

allthebotses make discord bots to drain discriminators a stupid idea You can only make ~5 bots before getting ratelimited, and it gets tougher every t

null 1 Dec 12, 2021
Help developer to sync between local file and remote apollo portal web since portal web is so messy to use

apollo-synchronizer Help developer to sync between local file and remote apollo portal web since portal web is so messy to use Features download names

yeqown 3 May 16, 2022
🐿️ Revoltgo is a go package for writing bots / self-bots in revolt easily.

Revoltgo Revoltgo is a go package for writing bots / self-bots in revolt easily. NOTE: This package is still under development and not finished. Creat

Kedi 17 Jul 25, 2022
Go Http Proxy with Authentication, Schedule Control, and Portal Control

goproxy Go Http Proxy with Authentication, Schedule Control, and Portal Control Why this tool? You may need to restrict my kids's youtube watch time i

Wu Shilin 2 Mar 27, 2022
Simple Go/Chi powered http server meant for ad hoc use such as exposing a file system for testing HTML.

httphere httphere is a simple Go/Chi powered http server for ad hoc use such as testing HTML or temporarily exposing a local file system at the curren

Mike Watkins 0 Dec 10, 2021
The portal gates to coverage reports

Covergates - Portal Gates to Coverage Reports Purpose Covergates is to make the easiest way to setup a self-hosted coverage report service. It's an al

Covergates 50 Aug 4, 2022
The Single Sign-On Multi-Factor portal for web apps

Authelia is an open-source authentication and authorization server providing two-factor authentication and single sign-on (SSO) for your applications

Authelia 14.2k Sep 26, 2022
LEO (Low Ethereum Orbit) is an Ethereum Portal Network client.

LEO LEO (Low Ethereum Orbit) is an Ethereum Portal Network client. What makes LEO different from other Portal Network clients is that it uses libp2p f

Valist, Inc. 10 Apr 19, 2022
Portal is a quick and easy command-line file transfer utility from any computer to another 🖥️ 🌌 💻

Portal is a quick and easy command-line file transfer utility from any computer to another ??️ ?? ??

Zino Kader 215 Sep 20, 2022
Reverse-engineered API + SDK for the Amizone Student Portal.

go-amizone go-amizone is a simple and robust Go library and API server for the Amizone student portal. This library is intended to be used as a self-h

Tushar 8 Sep 23, 2022
A codename generator meant for naming software releases.

codename-generator This library written in Golang generates a random code name meant for naming software releases if you run short of inspiration. Cur

Jonathan Gautheron 22 Jun 26, 2022
A BPMN engine, meant to be embedded in Go applications with minim hurdles, and a pleasant developer experience using it.

A BPMN engine, meant to be embedded in Go applications with minim hurdles, and a pleasant developer experience using it. This approach can increase transparency for non-developers.

Martin W. Kirst 62 Sep 20, 2022
Incomplete CRUD/RBAC service meant to be a practice for Go

Incomplete CRUD / RBAC Service in Go The repository name means nothing. But your task is to complete this repository on your own to be a functional CR

Teknologi Umum 5 Nov 9, 2021