Comments (4)
adarshdinesh
commented on July 4, 2024
Can you please provide some more information regarding this issue ?
from glastopf.
glaslos
commented on July 4, 2024
An attack against a web application usually has a path that reveals the application targeted. E.g. if we see something like /wp_admin/index.php?user=<script>alert("foo");</script> we can tell that the attacker is targeting a Wordpress vulnerability.
As I see Glastopf more as a data collection tool, we might also think about implementing this on top of hpfeeds or mnemosyne.
A good starting point would be to look at tools doing web application recognition. They usually crawl the web app and look for known path names.
from glastopf.
adarshdinesh
commented on July 4, 2024
My ideas ....
- glastopf/modules/HTTP has got all the functions to extract contents from request.
- check whether the request type is GET , parse all the data fields and the headers from GET request.
- get the url and split it till the '=' .
- either search the google with some dorks(use urllib2 to automate the search) or make a crawler which check the web apps for the specific urls.
- suppose we found the attacker is aiming the wordpress app then we use a wordpress login template as honeypot to fool the attacker .
Please correct me if i am on the wrong path :-)
- here i consider GET request only because u use a GET request as an example "/wp_admin/index.php?user=<script>alert("foo");</script>" , should we check the same for POST request ?
from glastopf.
glaslos
commented on July 4, 2024
Hm, I wouldn't reinvent the wheel. Maybe something like this: http://blindelephant.sourceforge.net/
from glastopf.
Related Issues (20)
- hpfeeds wont shut off HOT 2
- How to make my own web template? HOT 8
- php-dev HOT 1
- error [98] Address already in use HOT 1
- Bugged behavior of wsgi_wrapper.py HOT 3
- row size too large HOT 1
- make && make install error HOT 2
- Glastop does not work with HTTPS traffic HOT 5
- there is a vulnerability of Server-Side Request Forgery HOT 13
- sql injection HOT 1
- How to disenable s3 log ?
- Install Glastopf failed HOT 4
- Help! Where does glastopf store comments? HOT 6
- Potential dependency conflicts between glastopf and chardet HOT 3
- Giving ImportError : No module named ordered_dict HOT 2
- Segmentation Fault on glastopf-runner HOT 2
- not work with docker...GPG with invalid signatures... HOT 1
- Does this glastopf provide for sql injection attack detection? HOT 3
- Dockerfile Error HOT 2
- Filtering Non-Invasive Behaviors in Glastopf Reports to MHN HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from glastopf.