This week only. Pastebin PRO Accounts Christmas Special! Don't miss out!Want more features on Pastebin? Sign Up, it's FREE!
Guest

Untitled

By: a guest on Feb 13th, 2013  |  syntax: PHP  |  size: 1.39 KB  |  views: 220  |  expires: Never
download  |  raw  |  embed  |  report abuse  |  print
This paste has a previous version, view the difference. Text below is selected. Please press Ctrl+C to copy to your clipboard. (⌘+C on Mac)
  1. /*
  2.  * .htaccess
  3.  */
  4. <FilesMatch "^honeypot_image.png$">
  5.         AddType application/x-httpd-php .png
  6. </FilesMatch>
  7.  
  8. /*
  9.  * honeypot_image.png
  10.  */
  11. <?php
  12. // We're an image. Really!
  13. header("Content-type: image/png");
  14.  
  15. // Only do the logging for the desired IP.
  16. if ($_SERVER['REMOTE_ADDR'] == "1.2.3.4") {
  17.  
  18.         // Log file location - use pid as name.
  19.         $log = "path/to/log/" . getmypid() . ".log";
  20.  
  21.         // When?
  22.         $result = date("d.m.Y H:i:s T") . "\n\n";
  23.        
  24.         // From where?
  25.         $result .= "Client Port: {$_SERVER['REMOTE_PORT']}\n\n";
  26.        
  27.         // Maybe whatever it is handles cookies, then it might have interesting session data
  28.         session_start();
  29.         $result .= "Current Session: " . print_r($_SESSION, true) . "\n\n";
  30.         // ... and interesting cookies, too. :)
  31.         $result .= "Cookies: " . print_r($_COOKIE, true) . "\n\n";
  32.  
  33.         // Catch all running processes
  34.         $result .= shell_exec("ps aux") . "\n\n";
  35.        
  36.         // Get all connections including handling processes.
  37.         // (Requires netstat to be run as root, a temporary suid root helps)
  38.         $result .= shell_exec("netstat -anp") . "\n\n";
  39.        
  40.         // Grab the server status. If it's an apache process, we get the script that way.
  41.         // (needs mod_status)
  42.         $result .= shell_exec("lynx -dump http://1.2.3.4/server-status"). "\n\n";
  43.  
  44.         // Write to disk.
  45.         file_put_contents($log, $result, FILE_APPEND);
  46. }
  47.  
  48. // Didn't I say we're an image? :)
  49. echo file_get_contents("the_real_image.png");
clone this paste RAW Paste Data