Hey friends! Today we’re taking a second look at ADHD – Active Defense Harbinger Distribution – a cool VM full of tools designed to annoy/attribute/attack pesky attackers! The tools covered today include:

PHP-HTTP-TARPIT

A tool to confuse and waste bot/scanner/hacker time. Grab it here and check out our setup instructions:

sudo git clone https://github.com/msigley/PHP-HTTP-Tarpit.git /opt/tarpit
cd /opt/tarpit
sudo mv la_brea.php /var/www/html/index.php
cd /var/www/html/

# Delete the default HTMLM files that are there
sudo rm DEFAULT .HTML FILES

# Start/restart apache2
sudo service apache2 stop
sudo service apache2 start

# It's easier to see PHP-HTTP-TARPIT in action from command line:
curl -i http://IP.RUNNING.THE.TARPIT

Spidertrap

This tool tangles Web visitors in a never-ending maze of pages with links!

sudo git clone https://github.com/adhdproject/spidertrap.git /opt/spidertrap
cd /opt/spidertrap

# Open spidertrap.py and change listening port from 8080 to 80
sudo nano spidertrap.py

# Run the trap
sudo python3 spidertrap.py

Weblabyrinth

This tool presents visitors with a blurb of text from Alice in Wonderland. That text has links that takes them to…you guessed it…more Alice in Wonderland excerpts! I especially like that if you visit ANY folder or link inside Weblabyrinth, content is served (return code 200 for anything and everything).

I had problems getting this running on a fresh Kali box so it’s probably better to run right off the ADHD distro using their instructions.

Tags: blue team, honeypot

Written by: Brian Johnson

Share on socials:

7MS #575: Annoying Attackers with ADHD – Part 2

PHP-HTTP-TARPIT

Spidertrap

Weblabyrinth

Recent Posts:

7MS #621: Eating the Security Dog Food – Part 6

7MS #620: Securing Your Mental Health – Part 5

7MS #619: Tales of Pentest Pwnage – Part 56

About Us

Services

Resources