honeyweb-core 2.0.4 → 2.0.6
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/detection/whitelist.js
CHANGED
|
@@ -6,7 +6,7 @@ const DNSVerifier = require('../utils/dns-verify');
|
|
|
6
6
|
// Known legitimate bots with their domain patterns
|
|
7
7
|
const KNOWN_BOTS = {
|
|
8
8
|
'Googlebot': {
|
|
9
|
-
patterns: [/Googlebot/i],
|
|
9
|
+
patterns: [/Googlebot/i, /Google-InspectionTool/i],
|
|
10
10
|
domains: ['googlebot.com', 'google.com']
|
|
11
11
|
},
|
|
12
12
|
'Bingbot': {
|
|
@@ -78,6 +78,7 @@ class BotWhitelist {
|
|
|
78
78
|
}
|
|
79
79
|
|
|
80
80
|
// Verify with DNS
|
|
81
|
+
let lastError = null;
|
|
81
82
|
for (const domain of botInfo.domains) {
|
|
82
83
|
const verification = await this.dnsVerifier.verify(ip, domain);
|
|
83
84
|
|
|
@@ -89,14 +90,17 @@ class BotWhitelist {
|
|
|
89
90
|
hostname: verification.hostname
|
|
90
91
|
};
|
|
91
92
|
}
|
|
93
|
+
lastError = verification.error;
|
|
92
94
|
}
|
|
93
95
|
|
|
94
96
|
// User-Agent claims to be bot but DNS verification failed
|
|
97
|
+
console.warn(`[BotWhitelist] DNS verification failed for ${botName} (IP: ${ip}): ${lastError}`);
|
|
95
98
|
return {
|
|
96
99
|
isLegitimate: false,
|
|
97
100
|
botName: `Fake ${botName}`,
|
|
98
101
|
verified: false,
|
|
99
|
-
reason: 'DNS verification failed'
|
|
102
|
+
reason: 'DNS verification failed',
|
|
103
|
+
dnsError: lastError
|
|
100
104
|
};
|
|
101
105
|
}
|
|
102
106
|
}
|
package/middleware/dashboard.js
CHANGED
|
@@ -90,6 +90,7 @@ function createDashboard(config, storage, botTracker, detector, events) {
|
|
|
90
90
|
const stats = await storage.getStats();
|
|
91
91
|
const detectionStats = detector.getStats();
|
|
92
92
|
const botVisits = botTracker.getAllVisits();
|
|
93
|
+
console.log('[Debug] Current Bot Visits:', botVisits);
|
|
93
94
|
const botStats = botTracker.getStats();
|
|
94
95
|
|
|
95
96
|
const html = `<!DOCTYPE html>
|
|
@@ -3,6 +3,7 @@ function createRequestAnalyzer(config, storage, botTracker, detector, aiAnalyzer
|
|
|
3
3
|
|
|
4
4
|
return async function analyzeRequest(req, res, next) {
|
|
5
5
|
const clientIP = req.ip || req.connection.remoteAddress;
|
|
6
|
+
console.log(`[RequestAnalyzer] ${req.method} ${req.path} | IP: ${clientIP} | UA: ${req.headers['user-agent']}`);
|
|
6
7
|
const analysis = await detector.analyze(req, clientIP);
|
|
7
8
|
|
|
8
9
|
// Legitimate bots skip all checks
|
package/package.json
CHANGED
package/utils/dns-verify.js
CHANGED
|
@@ -9,12 +9,15 @@ class DNSVerifier {
|
|
|
9
9
|
}
|
|
10
10
|
|
|
11
11
|
async verify(ip, expectedDomain) {
|
|
12
|
-
|
|
12
|
+
// Normalize IPv4-mapped IPv6 addresses (::ffff:x.x.x.x -> x.x.x.x)
|
|
13
|
+
const normalizedIP = ip.replace(/^::ffff:/i, '');
|
|
14
|
+
|
|
15
|
+
const cacheKey = `${normalizedIP}:${expectedDomain}`;
|
|
13
16
|
if (this.cache.has(cacheKey)) return this.cache.get(cacheKey);
|
|
14
17
|
|
|
15
18
|
try {
|
|
16
19
|
// Reverse DNS: IP -> hostname
|
|
17
|
-
const hostnames = await dns.reverse(
|
|
20
|
+
const hostnames = await dns.reverse(normalizedIP);
|
|
18
21
|
|
|
19
22
|
if (!hostnames || hostnames.length === 0) {
|
|
20
23
|
const result = { verified: false, hostname: null, error: 'No reverse DNS record found' };
|
|
@@ -33,7 +36,7 @@ class DNSVerifier {
|
|
|
33
36
|
// Forward DNS: hostname -> IP (verification)
|
|
34
37
|
const addresses = await dns.resolve4(hostname);
|
|
35
38
|
|
|
36
|
-
if (!addresses.includes(
|
|
39
|
+
if (!addresses.includes(normalizedIP)) {
|
|
37
40
|
const result = { verified: false, hostname, error: 'Forward DNS does not match original IP' };
|
|
38
41
|
this.cache.set(cacheKey, result);
|
|
39
42
|
return result;
|