chrissewell/DECEIVE
1
0
Fork 0
mirror of https://github.com/ChrisSewell/DECEIVE.git synced 2025-07-01 18:47:28 -04:00
Code Issues Packages Projects Releases Wiki Activity

Update README.md

Browse Source 
Added more info about the `details` and `interactive` fields to logging section.
This commit is contained in:
DavidJBianco
2025-02-05 06:41:16 -05:00
committed by GitHub
parent dba537c58f
commit fd0d8a78fc
1 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
README.md
View File

@ -93,8 +93,8 @@ Things to note:
* `Session summary` * `Session summary`
* `SSH connection closed` * `SSH connection closed`
* Several of these message types also feature a `details` field with additional information * Several of these message types also feature a `details` field with additional information
* `User input` messages contain a base64-encoded copy of the entire user input * `User input` messages contain a base64-encoded copy of the entire user input in the `details` field, as well as an `interactive` field (true/false) that tells you whether this was an interactive or non-interactive command (i.e., whether they logged in with a terminal session or provided a command on the SSH command-line).
* `LLM response` messages contain a base64-encoded copy of the entire simulated response * `LLM response` messages contain a base64-encoded copy of the entire simulated response in the `details` field.
* `Session summary` messages contain not only a summary of the commands, but also a guess as to what they might have been intended to accomplish. There will also be a `judgement` field that contains one of "BENIGN", "SUSPICIOUS", or "MALICIOUS" * `Session summary` messages contain not only a summary of the commands, but also a guess as to what they might have been intended to accomplish. There will also be a `judgement` field that contains one of "BENIGN", "SUSPICIOUS", or "MALICIOUS"
* Since this is a honeypot and not intended for use by real users, IT WILL LOG USERNAMES AND PASSWORDS! These are found in the `Authentication success` messages, in the `username` and `password` fields. * Since this is a honeypot and not intended for use by real users, IT WILL LOG USERNAMES AND PASSWORDS! These are found in the `Authentication success` messages, in the `username` and `password` fields.
@ -102,4 +102,4 @@ Things to note:
Contributions are welcome! Please submit pull requests or open issues to discuss any changes or improvements. Contributions are welcome! Please submit pull requests or open issues to discuss any changes or improvements.
### License ### License
This project is licensed under the MIT License. See the LICENSE file for details. This project is licensed under the MIT License. See the LICENSE file for details.