Hey friends! Today we're taking a second look at ADHD - Active Defense Harbinger Distribution - a cool VM full of tools designed to annoy/attribute/attack pesky attackers! The tools covered today include:

PHP-HTTP-TARPIT

A tool to confuse and waste bot/scanner/hacker time. Grab it here and check out our setup instructions:

 sudo git clone https://github.com/msigley/PHP-HTTP-Tarpit.git /opt/tarpit cd /opt/tarpit sudo mv la_brea.php /var/www/html/index.php cd /var/www/html/  # Delete the default HTMLM files that are there sudo rm DEFAULT .HTML FILES  # Start/restart apache2 sudo service apache2 stop sudo service apache2 start  # It's easier to see PHP-HTTP-TARPIT in action from command line: curl -i http://IP.RUNNING.THE.TARPIT 

Spidertrap

This tool tangles Web visitors in a never-ending maze of pages with links!

 sudo git clone https://github.com/adhdproject/spidertrap.git /opt/spidertrap cd /opt/spidertrap  # Open spidertrap.py and change listening port from 8080 to 80 sudo nano spidertrap.py  # Run the trap sudo python3 spidertrap.py 

Weblabyrinth

This tool presents visitors with a blurb of text from Alice in Wonderland. That text has links that takes them to...you guessed it...more Alice in Wonderland excerpts! I especially like that if you visit ANY folder or link inside Weblabyrinth, content is served (return code 200 for anything and everything).

I had problems getting this running on a fresh Kali box so it's probably better to run right off the ADHD distro using their instructions.

Further episodes of 7 Minute Security

Further podcasts by Brian Johnson

Website of Brian Johnson