mirror of
https://github.com/telekom-security/tpotce.git
synced 2025-10-24 01:04:43 +00:00
104 lines
2.6 KiB
TOML
104 lines
2.6 KiB
TOML
[deception]
|
|
# Used as "Server" HTTP header. Note that reverse proxies may hide this.
|
|
server_name = "nginx"
|
|
|
|
[http]
|
|
# TCP Listener (default)
|
|
bind_addr = "0.0.0.0"
|
|
bind_port = "8080"
|
|
|
|
# header name containing clients real IP, for reverse proxy deployments
|
|
real_ip_header = 'X-Real-IP'
|
|
|
|
# this contains a list of blacklisted useragent strings. (case sensitive)
|
|
# clients with useragents containing any of these strings will receive "Not found" for any requests.
|
|
uagent_string_blacklist = ["Cloudflare-Traffic-Manager", "curl"]
|
|
|
|
# Unix Socket Listener (will override default)
|
|
unix_socket_path = "/var/run/hellpot"
|
|
unix_socket_permissions = "0666"
|
|
use_unix_socket = false
|
|
|
|
[http.router]
|
|
# Toggling this to true will cause all GET requests to match. Forces makerobots = false.
|
|
catchall = true
|
|
# Toggling this to false will prevent creation of robots.txt handler.
|
|
makerobots = true
|
|
# Handlers will be created for these paths, as well as robots.txt entries. Only valid if catchall = false.
|
|
paths = [
|
|
"wp-json/omapp/v1/support",
|
|
"wp-login.php",
|
|
"wp-login",
|
|
"admin",
|
|
"admin.php",
|
|
"admin/login.php",
|
|
"admin/login",
|
|
"admin.asp",
|
|
"admin.aspx",
|
|
"wp-admin",
|
|
"login",
|
|
"xmlrpc.php",
|
|
".env",
|
|
"config.php",
|
|
"config.yaml",
|
|
"config.json",
|
|
"db.php",
|
|
"db.yaml",
|
|
"db.json",
|
|
"admin.yaml",
|
|
"admin.json",
|
|
"user.yaml",
|
|
"user.json",
|
|
"site.yaml",
|
|
"site.json",
|
|
"mysql.php",
|
|
"mysql.yaml",
|
|
"mysql.json",
|
|
"mongodb.php",
|
|
"mongodb.yaml",
|
|
"mongodb.json",
|
|
"sql.php",
|
|
"sql.yaml",
|
|
"sql.json",
|
|
"install.php",
|
|
"setup.php",
|
|
"main.php",
|
|
"test.php",
|
|
"README.md",
|
|
"LICENSE",
|
|
".git",
|
|
".htaccess",
|
|
".htpasswd",
|
|
"server-status",
|
|
"phpinfo.php",
|
|
"info.php",
|
|
"env",
|
|
"config/",
|
|
"admin/config/",
|
|
"admin.php/config/",
|
|
"admin.asp/config/",
|
|
"admin.aspx/config/",
|
|
"phpmyadmin",
|
|
"pma",
|
|
"dbadmin",
|
|
"mysql",
|
|
"myadmin",
|
|
"phpmyadmin2"
|
|
]
|
|
|
|
[logger]
|
|
# verbose (-v)
|
|
debug = true
|
|
# extra verbose (-vv)
|
|
trace = false
|
|
# JSON log files will be stored in the below directory.
|
|
directory = "/var/log/hellpot/"
|
|
# disable all color in console output. when using Windows this will default to true.
|
|
nocolor = true
|
|
# toggles the use of the current date as the names for new log files.
|
|
use_date_filename = false
|
|
|
|
[performance]
|
|
# max_workers is only valid if restrict_concurrency is true
|
|
max_workers = 256
|
|
restrict_concurrency = false
|