Jon Heise jheise

## keybase.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                jheise
                / keybase.md
            
            
              Created
              August 22, 2016 19:55
            
          
    Keybase proof

I hereby claim:

I am jheise on github.
I am jheise (https://keybase.io/jheise) on keybase.
I have a public key ASC3toAaqW_TUaYXJTqrtDIN86bFrcg7KOCGytrbUxE6Nwo

To claim this, I am signing this object:

  
## simple-http-server.go
import (
  "net/http"
  "fmt"
)

func handleIndex(w http.ResponseWriter, req *http.Request) {
  fmt.Fprintf(w, "hello\n")
}

func main() {

## req_data.go
type Record struct {
  RemoteAddr string `json:"remoteaddr"`
  Method string `json:"method"`
  RequestURI string `json:"requesturi"`
  Headers http.Header `json:"headers"`
  UserAgent string `json:"UserAgent"`
  PostForm url.Values `json:"postform"`
  EventTime uint64 `json:"eventtime"`
  HoneypotName string `json:"honeypotname"`
}

## log_req.go
func LogRecord(r Record) error {
  r_json, err := json.Marshal(r)
  if err != nil {
    return err
  }
  logger.Println(string(r_json))

  return nil
}

## honeypot.go
package main

import (
	"encoding/json"
	"fmt"
	"log"
	"net/http"
	"net/url"
	"os"
	"time"

## top10ip.csv

          
            IP Address
             Number of hits
             OTX info

            
              156.200.107.242
              998
               https://otx.alienvault.com/indicator/ip/156.200.107.242

            
              185.254.196.115
              986
               https://otx.alienvault.com/indicator/ip/185.254.196.115

            
              193.106.191.48
              370
               https://otx.alienvault.com/indicator/ip/193.106.191.48

            
              109.237.103.38
              240
               https://otx.alienvault.com/indicator/ip/109.237.103.38

            
              135.125.246.110
              234
               https://otx.alienvault.com/indicator/ip/135.125.246.110.234

            
              135.125.217.54
              224
               https://otx.alienvault.com/indicator/ip/135.125.217.54

            
              109.237.103.123
              222
               https://otx.alienvault.com/indicator/ip/109.237.103.123

            
              18.223.43.198
              160
               https://otx.alienvault.com/indicator/ip/18.223.43.198

            
              18.207.141.57
              160
               https://otx.alienvault.com/indicator/ip/18.207.141.57

## top10url.csv

          
            URL
             Number of hits

            
              /
              2179

            
              /.env
              1253

            
              /.aws/credentials
              112

            
              /.aws/config
              102

            
              /editBlackAndWhiteList
              89

            
              /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php
              69

            
              /public/.env
              58

            
              /public/.aws/credentials
              50

            
              /aws/credentials
              50

## wlan1
allow-hotplug wlan1

iface wlan1 inet static
  address 10.13.37.1
  netmask 255.255.255.0

## hostapd.conf
interface=wlan1

#If this fails, try rt1871xdrv a
#driver=rtl8821au

# Name of the new network: best use the hostname
ssid=DefCon-Open

# Pick a channel not already in use
channel=6

## dhcpd.conf
# dhcpd.conf

option domain-name-servers 10.13.37.1;
default-lease-time 600;
max-lease-time 7200;
ddns-update-style none;
authoritative;
log-facility local7;

subnet 10.13.37.0 netmask 255.255.255.0 {
	import (
	"net/http"
	"fmt"
	)

	func handleIndex(w http.ResponseWriter, req *http.Request) {
	fmt.Fprintf(w, "hello\n")
	}

	func main() {
	type Record struct {
	RemoteAddr string `json:"remoteaddr"`
	Method string `json:"method"`
	RequestURI string `json:"requesturi"`
	Headers http.Header `json:"headers"`
	UserAgent string `json:"UserAgent"`
	PostForm url.Values `json:"postform"`
	EventTime uint64 `json:"eventtime"`
	HoneypotName string `json:"honeypotname"`
	}
	func LogRecord(r Record) error {
	r_json, err := json.Marshal(r)
	if err != nil {
	return err
	}
	logger.Println(string(r_json))

	return nil
	}
	package main

	import (
	"encoding/json"
	"fmt"
	"log"
	"net/http"
	"net/url"
	"os"
	"time"
IP Address	Number of hits	OTX info
156.200.107.242	998	https://otx.alienvault.com/indicator/ip/156.200.107.242
185.254.196.115	986	https://otx.alienvault.com/indicator/ip/185.254.196.115
193.106.191.48	370	https://otx.alienvault.com/indicator/ip/193.106.191.48
109.237.103.38	240	https://otx.alienvault.com/indicator/ip/109.237.103.38
135.125.246.110	234	https://otx.alienvault.com/indicator/ip/135.125.246.110.234
135.125.217.54	224	https://otx.alienvault.com/indicator/ip/135.125.217.54
109.237.103.123	222	https://otx.alienvault.com/indicator/ip/109.237.103.123
18.223.43.198	160	https://otx.alienvault.com/indicator/ip/18.223.43.198
18.207.141.57	160	https://otx.alienvault.com/indicator/ip/18.207.141.57
	URL	Number of hits
	/	2179
	/.env	1253
	/.aws/credentials	112
	/.aws/config	102
	/editBlackAndWhiteList	89
	/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php	69
	/public/.env	58
	/public/.aws/credentials	50
	/aws/credentials	50
	allow-hotplug wlan1

	iface wlan1 inet static
	address 10.13.37.1
	netmask 255.255.255.0
	interface=wlan1

	#If this fails, try rt1871xdrv a
	#driver=rtl8821au

	# Name of the new network: best use the hostname
	ssid=DefCon-Open

	# Pick a channel not already in use
	channel=6
	# dhcpd.conf

	option domain-name-servers 10.13.37.1;
	default-lease-time 600;
	max-lease-time 7200;
	ddns-update-style none;
	authoritative;
	log-facility local7;

	subnet 10.13.37.0 netmask 255.255.255.0 {