npm - honeyweb-core - Versions diffs - 1.0.2 → 1.0.3 - Mend

honeyweb-core 1.0.2 → 1.0.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/index.js CHANGED Viewed

@@ -156,6 +156,10 @@ function honeyWeb() {
         if (TRAP_PATHS.includes(req.path)) {
             if (await banIP(clientIP, "Trap Triggered")) {
                 generateThreatReport(clientIP, userAgent, "Reconnaissance", `Accessed trap: ${req.path}`);
+                // detect browser of attacker and other info (hardware?) for logging
             }
             return res.status(403).send('<h1>403 Forbidden</h1>');
         }

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "honeyweb-core",
-  "version": "1.0.2",
+  "version": "1.0.3",
   "description": "",
   "main": "index.js",
   "scripts": {

package/index V1.js DELETED Viewed

@@ -1,85 +0,0 @@
-// honeyweb-core/index.js
-const fs = require('fs-extra');
-const path = require('path');
-const cheerio = require('cheerio');
-// File path for storing banned IPs automatically
-const DB_FILE = path.join(__dirname, 'blocked-ips.json');
-// Ensure the JSON file exists on startup
-if (!fs.existsSync(DB_FILE)) {
-    fs.writeJsonSync(DB_FILE, []);
-}
-// Configuration: List of fake trap paths
-// These look like real admin pages to a bot
-const TRAP_PATHS = [
-    '/admin-backup-v2',
-    '/wp-login-hidden',
-    '/db-dump-2024',
-    '/auth/root-access',
-    '/sys/config-safe'
-];
-/**
- * HoneyWeb Middleware
- * Usage: app.use(honeyWeb());
- */
-function honeyWeb() {
-    return async (req, res, next) => {
-        const clientIP = req.ip || req.connection.remoteAddress;
-        // 1. LOAD BANNED LIST
-        let bannedIPs = [];
-        try {
-            bannedIPs = await fs.readJson(DB_FILE);
-        } catch (err) {
-            console.error("HoneyWeb: Error reading blocklist", err);
-        }
-        // 2. CHECK IF IP IS ALREADY BANNED
-        if (bannedIPs.includes(clientIP)) {
-            console.log(`[HoneyWeb] BLOCKED access from banned IP: ${clientIP}`);
-            return res.status(403).send('<h1>403 Forbidden</h1><p>Your IP has been flagged for suspicious activity.</p>');
-        }
-        // 3. CHECK IF TRAP ACCESSED
-        if (TRAP_PATHS.includes(req.path)) {
-            console.log(`[HoneyWeb] 🚨 TRAP TRIGGERED by ${clientIP} on ${req.path}`);
-            // Ban the IP immediately
-            if (!bannedIPs.includes(clientIP)) {
-                bannedIPs.push(clientIP);
-                await fs.writeJson(DB_FILE, bannedIPs);
-            }
-            return res.status(403).send('<h1>403 Forbidden</h1><p>You have accessed a restricted area.</p>');
-        }
-        // 4. INJECT TRAPS INTO HTML RESPONSES
-        const originalSend = res.send;
-        res.send = function (body) {
-            // Only inject if the content is HTML
-            if (typeof body === 'string' && (body.includes('<html') || body.includes('<body'))) {
-                const $ = cheerio.load(body);
-                // Pick a random trap
-                const trapUrl = TRAP_PATHS[Math.floor(Math.random() * TRAP_PATHS.length)];
-                // Create invisible link (Hidden by CSS)
-                const trapLink = `<a href="${trapUrl}" style="opacity:0; position:absolute; z-index:-999; left:-9999px;">Admin Panel</a>`;
-                // Inject into body
-                $('body').append(trapLink);
-                body = $.html();
-            }
-            originalSend.call(this, body);
-        };
-        next();
-    };
-}
-module.exports = honeyWeb;