PHP-ShockPot is a small honeypot aimed at showing you the interesting attempts made trying to exploit your host using the now famous "Shellshock" (also known as bashbug) bug.
The 'honeypot' itself is simply a Laravel 4 application, listening on any url, checking the request headers for the presence of () {. Once this is present, its logged to a sqlite database. You can easily change this to a different database instance, provided that you configure app/config/database.php accordingly.
Installation should be relatively fast. Most of the steps are very well documented elsewhere on the interwebz, but this should serve as small guideline:
- Clone the repository with
git clone https://github.com/leonjza/PHP-ShockPot.git. - Setup a web server (Apache/Nginx doesn't matter) to serve the contents of the
public/folder to the world. - Ensure the web server can write to the
storage/directory. - Run the database migrations with
php artisan migrate. - Get composer installed and run
composer installto install all of the required dependencies. - Test by browsing to your instance!