Merge branch 'main' into development

.github/workflows/release-command.yml

@@ -27,7 +27,7 @@ jobs:
             goos: windows
     steps:
     - uses: actions/checkout@v4
-    - uses: wangyoucao577/go-release-action@v1.42
+    - uses: wangyoucao577/go-release-action@v1.47
       with:
         github_token: ${{ secrets.GITHUB_TOKEN }}
         goos: ${{ matrix.goos }}
@@ -40,8 +40,10 @@ jobs:
         pre_command: export CGO_ENABLED=0
         ldflags: -s -w -X main.version=${{ github.event.inputs.tag }}
         release_tag: ${{ github.event.inputs.tag }}
+        md5sum: FALSE
+        sha256sum: TRUE
     - name: Add reaction
-      uses: peter-evans/create-or-update-comment@v3
+      uses: peter-evans/create-or-update-comment@v4
       with:
         token: ${{ secrets.PAT }}
         repository: ${{ github.event.inputs.repository }}

.github/workflows/trigger.yml

@@ -8,7 +8,7 @@ jobs:
     steps:
       - name: Slash Command Dispatch
         id: scd
-        uses: peter-evans/slash-command-dispatch@v3
+        uses: peter-evans/slash-command-dispatch@v4
         with:
           token: ${{ secrets.PAT }}
           commands: |

README.md

@@ -1,20 +1,20 @@
 # HellPot
-   
-   [![GoDoc](https://godoc.org/github.com/yunginnanet/HellPot?status.svg)](https://godoc.org/github.com/yunginnanet/HellPot) [![Go Report Card](https://goreportcard.com/badge/github.com/yunginnanet/HellPot)](https://goreportcard.com/report/github.com/yunginnanet/HellPot) [![IRC](https://img.shields.io/badge/ircd.chat-%23tcpdirect-blue.svg)](ircs://ircd.chat:6697/#tcpdirect) [![Mentioned in Awesome Honeypots](https://awesome.re/mentioned-badge.svg)](https://github.com/paralax/awesome-honeypots)
-   
-## Summary  
-  
+
+[![GoDoc](https://godoc.org/github.com/yunginnanet/HellPot?status.svg)](https://godoc.org/github.com/yunginnanet/HellPot) [![Go Report Card](https://goreportcard.com/badge/github.com/yunginnanet/HellPot)](https://goreportcard.com/report/github.com/yunginnanet/HellPot) [![IRC](https://img.shields.io/badge/ircd.chat-%23tcpdirect-blue.svg)](ircs://ircd.chat:6697/#tcpdirect) [![Mentioned in Awesome Honeypots](https://awesome.re/mentioned-badge.svg)](https://github.com/paralax/awesome-honeypots)
+
+## Summary
+
 HellPot is an endless honeypot based on [Heffalump](https://github.com/carlmjohnson/heffalump) that sends unruly HTTP bots to hell.
 
 Notably it implements a [toml configuration file](https://github.com/spf13/viper), has [JSON logging](https://github.com/rs/zerolog), and comes with significant performance gains.
-  
- ![Exploding Heffalump](https://tcp.ac/i/H8O9M.gif)
+
+![Exploding Heffalump](https://tcp.ac/i/H8O9M.gif)
 
 ## Grave Consequences
 
-Clients (hopefully bots) that disregard `robots.txt` and connect to your instance of HellPot will **suffer eternal consequences**. 
+Clients (hopefully bots) that disregard `robots.txt` and connect to your instance of HellPot will **suffer eternal consequences**.
 
-HellPot will send an infinite stream of data that is *just close enough* to being a real website that they might just stick around until their soul is ripped apart and they cease to exist.
+HellPot will send an infinite stream of data that is _just close enough_ to being a real website that they might just stick around until their soul is ripped apart and they cease to exist.
 
 Under the hood of this eternal suffering is a markov engine that chucks bits and pieces of [The Birth of Tragedy (Hellenism and Pessimism)](https://www.gutenberg.org/files/51356/51356-h/51356-h.htm) by Friedrich Nietzsche at the client using [fasthttp](https://github.com/valyala/fasthttp).
 
@@ -30,15 +30,15 @@ HellPot uses [go modules](https://go.dev/blog/using-go-modules). This should mak
 
 4 ) `make`
 
-5 ) *Consider the potential grave consequences of your actions.*
+5 ) _Consider the potential grave consequences of your actions._
 
 ## Usage
 
 ### YOLO Method:
 
-In the event of a missing configuration file, HellPot will attempt to place it's default config in **$HOME/.config/HellPot/config.toml**. This allows irresponsible souls to begin raining hellfire with ease, ***immediately***:
+In the event of a missing configuration file, HellPot will attempt to place it's default config in **$HOME/.config/HellPot/config.toml**. This allows irresponsible souls to begin raining hellfire with ease, **_immediately_**:
 
-1 ) Download a [compiled release](https://github.com/yunginnanet/HellPot/releases/latest) 
+1 ) Download a [compiled release](https://github.com/yunginnanet/HellPot/releases/latest)
 
 2 ) Run binary and immedidately begin sending clients directly to hell.
 
@@ -58,7 +58,7 @@ In the event of a missing configuration file, HellPot will attempt to place it's
 
 666 ) 𝙏͘͝𝙝̓̓͛𝙚͑̈́̀ 𝙨͆͠͝𝙠͑̾͌𝙮̽͌͆ 𝙞̓̔̔𝙨͒͐͝ 𝙛͑̈́̚𝙖͛͒𝙡͑͆̽𝙡̾̚̚𝙞͋̒̒𝙣̾͛͝𝙜͒̒̀.́̔͝​
 
-## Configuration Reference 
+## Configuration Reference
 
 ```toml
 [deception]
@@ -70,7 +70,7 @@ In the event of a missing configuration file, HellPot will attempt to place it's
   bind_addr = "127.0.0.1"
   bind_port = "8080"
 
-  # header name containing clients real IP, for reverse proxy deployments  
+  # header name containing clients real IP, for reverse proxy deployments
   real_ip_header = 'X-Real-IP'
 
   # this contains a list of blacklisted useragent strings. (case sensitive)
@@ -95,7 +95,7 @@ In the event of a missing configuration file, HellPot will attempt to place it's
   debug = true
   # extra verbose (-vv)
   trace = false
-  # JSON log files will be stored in the below directory. 
+  # JSON log files will be stored in the below directory.
   directory = "/home/kayos/.local/share/HellPot/logs/"
   # disable all color in console output. when using Windows this will default to true.
   nocolor = false
@@ -107,31 +107,31 @@ In the event of a missing configuration file, HellPot will attempt to place it's
   max_workers = 256
   restrict_concurrency = false
 ```
-
 
-## Example Web Server Config (nginx)  
-    
+## Example Web Server Config (nginx)
+
 ```nginx
 location '/robots.txt' {
 	proxy_set_header Host $host;
 	proxy_set_header X-Real-IP $remote_addr;
 	proxy_pass http://127.0.0.1:8080$request_uri;
-}  
+}
 
 location '/wp-login.php' {
 	proxy_set_header Host $host;
 	proxy_set_header X-Real-IP $remote_addr;
 	proxy_pass http://127.0.0.1:8080$request_uri;
 }
 ```
-## Example Web Server Config (apache)  
+
+## Example Web Server Config (apache)
 
 All nonexisting URLs are being reverse proxied to a HellPot instance on localhost, which is set to catchall. Traffic served by HellPot is rate limited to 5 KiB/s.
 
-* Create your normal robots.txt and usual content. Also create the fake Errordocument directory and files (files can be empty). In the example, the directory is "/content/"
-* A request on a URL with an existing handler (f.e. a file) will be handled by apache
-* Requests on nonexisting URLs cause a HTTP Error 404, which content is served by HellPot
-* URLs under the "/.well-known/" suffix are excluded.
+- Create your normal robots.txt and usual content. Also create the fake Errordocument directory and files (files can be empty). In the example, the directory is "/content/"
+- A request on a URL with an existing handler (f.e. a file) will be handled by apache
+- Requests on nonexisting URLs cause a HTTP Error 404, which content is served by HellPot
+- URLs under the "/.well-known/" suffix are excluded.
 
 ```apache
 <VirtualHost yourserver>
@@ -160,3 +160,8 @@ All nonexisting URLs are being reverse proxied to a HellPot instance on localhos
 
 </VirtualHost>
 ```
+
+## Related Suffering
+
+- https://github.com/ginger51011/pandoras_pot
+  - A HellPot inspired HTTP honeypot to punish and educate unruly web crawlers, written in Rust (🚀)

go.mod

@@ -3,13 +3,13 @@ module github.com/yunginnanet/HellPot
 go 1.19
 
 require (
-	git.tcp.direct/kayos/common v0.9.6
+	git.tcp.direct/kayos/common v0.9.7
 	github.com/fasthttp/router v1.4.22
-	github.com/rs/zerolog v1.31.0
+	github.com/rs/zerolog v1.32.0
 	github.com/spf13/afero v1.11.0
 	github.com/spf13/viper v1.18.2
 	github.com/valyala/fasthttp v1.51.0
-	golang.org/x/term v0.16.0
+	golang.org/x/term v0.17.0
 )
 
 require (
@@ -33,7 +33,7 @@ require (
 	go.uber.org/atomic v1.9.0 // indirect
 	go.uber.org/multierr v1.9.0 // indirect
 	golang.org/x/exp v0.0.0-20230905200255-921286631fa9 // indirect
-	golang.org/x/sys v0.16.0 // indirect
+	golang.org/x/sys v0.17.0 // indirect
 	golang.org/x/text v0.14.0 // indirect
 	gopkg.in/ini.v1 v1.67.0 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect

go.sum

@@ -1,5 +1,5 @@
-git.tcp.direct/kayos/common v0.9.6 h1:EITtktxZF/zkzqAhZZxvm6cZpFYoZ0P/gLB9RPatKUY=
-git.tcp.direct/kayos/common v0.9.6/go.mod h1:8y9b+PN1+ZVaQ/VugD9dkKe+uqhE8jH7a64RyF7h2rM=
+git.tcp.direct/kayos/common v0.9.7 h1:k2k3fvvEFN9JV+0nyVWLoV8cGRDAhS/8ECO9tEKN+to=
+git.tcp.direct/kayos/common v0.9.7/go.mod h1:mmTOIi7k99yygTa1FSOZNoFEEbSTOQV/QpTLUaQU9Tk=
 github.com/andybalholm/brotli v1.0.5 h1:8uQZIdzKmjc/iuPu7O2ioW48L81FgatrcpfFmiq/cCs=
 github.com/andybalholm/brotli v1.0.5/go.mod h1:fO7iG3H7G2nSZ7m0zPUDn85XEX2GTukHGRSepvi9Eig=
 github.com/coreos/go-systemd/v22 v22.5.0/go.mod h1:Y58oyj3AT4RCenI/lSvhwexgC+NSVTIJ3seZv2GcEnc=
@@ -35,8 +35,8 @@ github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZN
 github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRIccs7FGNTlIRMkT8wgtp5eCXdBlqhYGL6U=
 github.com/rogpeppe/go-internal v1.9.0 h1:73kH8U+JUqXU8lRuOHeVHaa/SZPifC7BkcraZVejAe8=
 github.com/rs/xid v1.5.0/go.mod h1:trrq9SKmegXys3aeAKXMUTdJsYXVwGY3RLcfgqegfbg=
-github.com/rs/zerolog v1.31.0 h1:FcTR3NnLWW+NnTwwhFWiJSZr4ECLpqCm6QsEnyvbV4A=
-github.com/rs/zerolog v1.31.0/go.mod h1:/7mN4D5sKwJLZQ2b/znpjC3/GQWY/xaDXUM0kKWRHss=
+github.com/rs/zerolog v1.32.0 h1:keLypqrlIjaFsbmJOBdB/qvyF8KEtCWHwobLp5l/mQ0=
+github.com/rs/zerolog v1.32.0/go.mod h1:/7mN4D5sKwJLZQ2b/znpjC3/GQWY/xaDXUM0kKWRHss=
 github.com/sagikazarmark/locafero v0.4.0 h1:HApY1R9zGo4DBgr7dqsTH/JJxLTTsOt7u6keLGt6kNQ=
 github.com/sagikazarmark/locafero v0.4.0/go.mod h1:Pe1W6UlPYUk/+wc/6KFhbORCfqzgYEpgQ3O5fPuL3H4=
 github.com/sagikazarmark/slog-shim v0.1.0 h1:diDBnUNK9N/354PgrxMywXnAwEr1QZcOr6gto+ugjYE=
@@ -76,10 +76,10 @@ golang.org/x/exp v0.0.0-20230905200255-921286631fa9/go.mod h1:S2oDrQGGwySpoQPVqR
 golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.16.0 h1:xWw16ngr6ZMtmxDyKyIgsE93KNKz5HKmMa3b8ALHidU=
-golang.org/x/sys v0.16.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
-golang.org/x/term v0.16.0 h1:m+B6fahuftsE9qjo0VWp2FW0mB3MTJvR0BaMQrq0pmE=
-golang.org/x/term v0.16.0/go.mod h1:yn7UURbUtPyrVJPGPq404EukNFxcm/foM+bV/bfcDsY=
+golang.org/x/sys v0.17.0 h1:25cE3gD+tdBA7lp7QfhuV+rJiE9YXTcS3VG1SqssI/Y=
+golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/term v0.17.0 h1:mkTF7LCd6WGJNL3K1Ad7kwxNfYAW6a8a8QqtMblp/4U=
+golang.org/x/term v0.17.0/go.mod h1:lLRBjIVuehSbZlaOtGMbcMncT+aqLLLmKrsjNrUguwk=
 golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ=
 golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=

internal/config/config.go

@@ -133,11 +133,12 @@ func loadCustomConfig(path string) {
 func processOpts() {
 	// string options and their exported variables
 	stringOpt := map[string]*string{
-		"http.bind_addr":        &HTTPBind,
-		"http.bind_port":        &HTTPPort,
-		"http.real_ip_header":   &HeaderName,
-		"logger.directory":      &logDir,
-		"deception.server_name": &FakeServerName,
+		"http.bind_addr":             &HTTPBind,
+		"http.bind_port":             &HTTPPort,
+		"http.real_ip_header":        &HeaderName,
+		"logger.directory":           &logDir,
+		"logger.console_time_format": &ConsoleTimeFormat,
+		"deception.server_name":      &FakeServerName,
 	}
 	// string slice options and their exported variables
 	strSliceOpt := map[string]*[]string{

internal/config/defaults.go

@@ -6,6 +6,7 @@ import (
 	"os"
 	"path"
 	"runtime"
+	"time"
 
 	"github.com/spf13/afero"
 )
@@ -29,11 +30,12 @@ var (
 
 var defOpts = map[string]map[string]interface{}{
 	"logger": {
-		"debug":             true,
-		"trace":             false,
-		"nocolor":           defNoColor,
-		"use_date_filename": true,
-		"docker_logging":    false,
+		"debug":               true,
+		"trace":               false,
+		"nocolor":             defNoColor,
+		"use_date_filename":   true,
+		"docker_logging":      false,
+		"console_time_format": time.Kitchen,
 	},
 	"http": {
 		"use_unix_socket":         false,

internal/config/globals.go

@@ -1,6 +1,8 @@
 package config
 
-import "runtime/debug"
+import (
+	"runtime/debug"
+)
 
 // Title is the name of the application used throughout the configuration process.
 const Title = "HellPot"
@@ -39,6 +41,8 @@ var (
 	// CatchAll when true will cause HellPot to respond to all paths.
 	// Note that this will override MakeRobots.
 	CatchAll bool
+	// ConsoleTimeFormat sets the time format for the console. The string is passed to time.Format() down the line.
+	ConsoleTimeFormat string
 )
 
 // "http"

internal/config/logger.go

@@ -59,7 +59,7 @@ func StartLogger(pretty bool, targets ...io.Writer) zerolog.Logger {
 	var logWriter = logFile
 
 	if pretty {
-		logWriter = zerolog.MultiLevelWriter(zerolog.ConsoleWriter{NoColor: NoColor, Out: os.Stdout}, logFile)
+		logWriter = zerolog.MultiLevelWriter(zerolog.ConsoleWriter{TimeFormat: ConsoleTimeFormat, NoColor: NoColor, Out: os.Stdout}, logFile)
 	}
 
 	logger = zerolog.New(logWriter).With().Timestamp().Logger()