bump hellpot to 0.3 and train config for CVE-2021-39341

2025-07-02 01:27:27 -04:00 · 2021-11-01 13:36:44 +00:00
parent ea624351b5
commit db74c610ad
3 changed files with 27 additions and 37 deletions
--- a/docker/hellpot/dist/config.toml
+++ b/docker/hellpot/dist/config.toml
@ -1,10 +1,23 @@
-name = "HellPot 0.1"
-
 [http]
  bind_addr = "0.0.0.0"
  bind_port = "8080"
-  paths = ["wp-login.php","wp-login"]
+  paths = ["wp-login.php","wp-login","wp-json/omapp/v1/support"]
+
+  # Unix Socket Listener (will override default)
+  use_unix_socket = false
+  unix_socket = "/var/run/hellpot"

 [logger]
  debug = true
  log_directory = "/var/log/hellpot/"
+  nocolor = true
+  use_date_filename = false
+
+[performance]
+  # max_workers is only valid if restrict_concurrency is true
+  restrict_concurrency = false
+  max_workers = 256
+  
+[deception]
+  # Used as "Server: " header (if not proxied)
+  server_name = "nginx"