Diniz Martins
Oct 28, 20201 min
What is a honeypot?
A honeypot is a computer or computer system intended to mimic likely targets of cyberattacks. It can be used to detect attacks or deflect them from a legitimate target. It can also be used to gain information about how cybercriminals operate.
How honeypots work?
The honeypot looks like a real computer system, with applications and data, fooling cybercriminals into thinking it's a legitimate target. Honeypots are made attractive to attackers by building in deliberate security vulnerabilities. For instance, a honeypot might have ports that respond to a port scan or weak passwords. Vulnerable ports might be left open to entice attackers into the honeypot environment, rather than the more secure live network.
About BAP:
BAP is a webservice honeypot that logs HTTP basic authentication credentials in a "parser friendly format"™.
The webservice handles HEAD and GET requests, to which it always responds with 401 WWW-Authenticate: Basic realm="ADMIN". HTTP request methods other than HEAD or GET will result in an error response generated by BaseHTTPServer.
There is no valid username / password for the service. Credentials are only decoded and logged.
Install:
Running:
Web Browser Check:
Logging:
Logfiles are written to the same directory as bap.py - stdout and stderr ends up here.