- Site Template
- WordPress Theme
- Blogging Theme
- CMS Theme
- Marketing Template
- eCommerce Theme
- Forum Theme
- Flash Template
- PSD Web Template
- .NET Script
- PHP Script
- HTML5 Code
- CSS Style
- Edge Animate Template
- Muse Template
- TypeEngine Theme
- Static Site Generator
- Sketch Template
CodeCanyon Fake Admin Honeypot 324637
PHP Script \ Miscellaneous
Injection \ Intruder \ Protect \ Protection \ Security \ Honeypot \ Hacker
PHP Script - Fake Admin Honeypot 324637 by WebPro @ CodeCanyon
PHP Script \ Miscellaneous
Last Update: 4 July 11; Compatible Browsers: IE6, IE7, IE8, IE9, FireFox 2, FireFox 3, Firefox 3.5, Firefox 3.6, Firefox 4, Safari 4, Safari 5, Opera, Chrome 4, Chrome 5; Software Version: PHP 4.x, PHP 5.x, PHP 5.0 - 5.2, PHP 5.3; Files Included: HTML, CSS, PHP.
Fake ADmin Honeypot is a fake /admin directory in your server that mimics a real admin directory (login screen)..
Attackers usually try by trial and error to guess the directory of administration panels (Control panels) in websites. The most common directory being “Admin” or “admin” but you can have as many fake directories as you wish (or use rewrite rules in your htaccess file if you know how to do that).
Attackers will “guess” your admin directory and will be prompted to enter Username and Password. They will try to guess the username and password or even use a bruteforce tool which will run for hours or even days to guess your username and password. They could also try to inject sql sentences in order to gain access.
However, this login screen is a fake login sreen. What it actually does is log everyhing the attacker enters into a log file, including ip address, time date, data, etc. After X times (you can configure the value of X) that the attacker tries to guess the username and password you will receive an email notification with a link to the log file. Moreover, the attacker will be redirected to your website, as if he/she has gained access into your administration zone. However, the attacker will be confused because the site will still look the same, he/she will try to find additional (administrative) options, that won’t be there.
If the attacker tries to go to the admin directory again, the Honeypot is smart enough to know that this attacker is already “logged” into the honeypot so he will be redirected to your main page again and you won’t receive the same notification over and over but just once.
To see this in action, here you can see a photographer portfolio.
if you add “admin” at the end of the url you will be playing the role of the attacker, and you will access to the fake admin area.
Envato Payment Widget; Vote It Up ; AJAX Contact Form Pro + AJAX Admin Panel; Search Term Tracker & Tag Cloud Generator (SEO).
Keywords: Attacker, admin, administration, backend, control panel, fake, hacker, honeypot, injection, intruder, log, protect, protection, security, sql injection.
Android, Builder, Business, Clean, Corporate, Creative, Design, Ecommerce, Email, Fashion, Gallery, Image, Iphone, Jquery, Landing, Magazine, Magento, Marketing, Minimal, Mobile, Modern, Multi, Multipurpose, Parallax, Personal, Photography, Plugin, Portfolio, Product, Responsive, Retina, Simple, Slider, Social, Store, Template, Theme, Video, Woocommerce, Wordpress
Show all tags
Show all tags
- ThemeForest Nomad Business & Coworking Space Theme 18447575
- ThemeForest Pokemgo WordPress Theme for tutorials learning guides tips and tricks 17689202
- CodeCanyon Math Genius 2 Educational HTML5 Game 18438204
- ThemeForest Giraffe Kid Education Learning PSD Template 18417130
- ThemeForest Apolo Premium Photography & Portfolio PSD Template 18422911
- ThemeForest Aviato Multipurpose PSD Template 18420950
- ThemeForest Agora AJAX WooCommerce Theme 17504300
- ThemeForest ZIZOU A Minimalistic Personal Blog 18409050
- ThemeForest Logistic Pro Transport Cargo Online Tracking Booking Portfolio WordPress Theme 17622346
- ThemeForest Kodium Professional Portfolio & Agency Theme 16572789