HoneyUp

An uploader honeypot designed to look like poor website security.

Build using cargo build --release.
Log into your server and create a honeyup user with a home directory.
Upload/copy the contents of this repo to your honeyup user's home /home/honeyup.
Copy the honeyup binary from target/release/ to /home/honeyup/.
Edit res/config.env.txt to make it believable (add some canary tokens too).
Upload/copy the systemd service descriptor from conf/honeyup.service to /etc/systemd/system/honeyup.service.
Reload all systemd service descriptors systemctl daemon-reload.
Ensure any currently served sites do not use the /uploads path.
Add the contents of conf/nginx_snippet.conf to your NGiNX config just above your server's location blocks.
Reload the NGiNX config with systemctl reload nginx.
Enable and start the honeyup service systemctl enable honeyup & systemctl start honeyup.
Browse to /uploads on your website and use upload.php to upload some dummy/bait files.

Be sure to check up on the uploaded_files folder often to be sure you aren't hosting somebody's malware.

You will need Docker and docker-compose for this

Clone the repository git clone https://github.com/LogoiLab/honeyup.git
The docker-compose.yml file has a couple of environment variables you will want to set. The APP_ID, AWS_ACCESS_KEY_ID, and AWS_SECRET_ACCESS_KEY will be set with a service like Canary Tokens. The SMTP, ADDRESS, and PASSWORD variables are used to make your honeyup look more reputable as a vulnerable server. Finally, please set the /path/to/uploaded_files as a location outside the container where you would like the uploaded files to be stored
Run docker-compose up -d in the honeyup directory
Done!

The container will listen on port 4000 unless specified otherwise.