AntiOnline.com has a new posting over in their forums today concerning the creation of web-based honeypots with GHH.

What is GHH? GHH is the reaction to a new type of malicious web traffic: search engine hackers. GHH is a "Google Hack" honeypot. It is designed to provide reconaissance against attackers that use search engines as a hacking tool against your resources. GHH implements honeypot theory to provide additional security to your web presence.

[...] Mirroring the growth of the Google index, the spread of web-based applications such as message boards and remote administrative tools has resulted in an increase in the number of misconfigured and vulnerable web apps available on the Internet.

These insecure tools, when combined with the power of a search engine and index which Google provides, results in a convenient attack vector for malicious users. It is in your best interest to be knowledgable of, and protect yourself from this threat.

Using this simple set of tools, you can emulate common issues on sites (such as their example - a PHP shell issue), make a trap/honeypot for users attempting to make that request and log any requests for that honeypot. Using simple templates, anyone can quickly and easily set this set of scripts up to catch would-be website hackers.

Thanks to PHPBuilder.com for the link...