If there is something you miss,
it's always the ! behind the #
Create ssl keys for apache2
Description:
The apache2 installation does not generate the needed keys to use https.
You will get an error: SSL_ERROR_RX_RECORD_TO_LONG
You have to generate them by yourself.
Please visit the page thomas-leister.de
honeyd is a low-interaction-honeypot. Please visit http://honeyd.org.
The script is based on apache.sh (by Fabian Bieker) and simulates a vulnerable webmin server.
It sends "/etc/passwd" and "/etc/shadow" if requested.
New: "/session_login.cgi" and "/shell/index.cgi"
stripped images to reduce the number_of_requests ANY comments would be helpful... please write to 'nep ÄT grospolina D0t org'
I still have not solved the problem how to handle the POST "data".
..may be you are able to push me up onto the right way :) thx.
nepenthes collects autonomously spreading malware. Please visit http://nepenthes.sf.net.
The nep_sym_addon.tar.gz archive holds all files needed to implement sym06-10.
The svn release at https://svn.mwcollect.org only binds to port 2967.
This release binds to all ports mentioned in "vuln-sav.conf".
target : DownloadManager.cpp
nepenthes cares about ports > 65535... but why ?
A worm using this issue would not be downloaded by nepenthes
This patch uses modulo to calculate the port.
target : Utilities.cpp
nepenthes stores unknown requests in ./var/hexdumps as binary
All 172 bytes binaries are just logins (bruting or password list based)
I was looking for a way to get rid of them.
My solution adds a few lines below the "zero length ignore" into the ./nepenthes-core/src/Utilities.cpp
All patches or files are for educational purposes only.
We had tested them but nobody is perfect ;).
We will not instruct you how to patch or overwrite.
