benjojo.co.uk

benjojo posted 22 Jun 2024 12:55 +0000

Having this as my default www root page to scare all security auditors to stone

$A Windows XP IE6 window on http://localhost and the page contents is a big windows XP logo saying "Your web service is now running" "Welcome to IIS 5.1" and "to add documents to your default website, save files in C:\inetpub\wwwroot"$

antonis@mastodon.soc.. replied 26 Jun 2024 10:11 +0000
in reply to: https://benjojo.co.uk/u/benjojo/h/5M895FQ8V4tG9dy49s

@benjojo Set this as your lock screen too:

benjojo replied 26 Jun 2024 13:59 +0000
in reply to: https://mastodon.social/users/antonis/statuses/112682379747418731

@antonis A while back I had the XP bliss wall paper, did raise a few eyebrows on peoples first glance, good times!

benjojo replied 08 Oct 2024 14:03 +0000
in reply to: https://girldick.gay/users/lucy/statuses/113271797015660996

@lucy https://ublog.byme.at/objects/5b33ab25-7130-4d75-b8a5-ffbfc4776d7a

benjojo replied 11 Oct 2024 11:05 +0000
in reply to: https://mastodon.africa/users/wogan/statuses/113287949702354474

@wogan https://ublog.byme.at/objects/5b33ab25-7130-4d75-b8a5-ffbfc4776d7a

marius@kiessling.soc.. replied 22 Jun 2024 13:01 +0000
in reply to: https://benjojo.co.uk/u/benjojo/h/5M895FQ8V4tG9dy49s

@benjojo now I need to go and hunt down an HTML dump of this page to actually use as the web root across my machines

acontios@masto.hivan.. replied 22 Jun 2024 13:37 +0000
in reply to: https://benjojo.co.uk/u/benjojo/h/5M895FQ8V4tG9dy49s

@benjojo would you share the index page ? That could be a nice honeypot troll 😉

nico@ublog.byme.at replied 22 Jun 2024 15:09 +0000
in reply to: https://masto.hivane.net/users/acontios/statuses/112660541240296969

@acontios @benjojo It isn't the default page because it is restricted to localhost.
The code say: "We don't want localstart.Asp shown to outside users." and it redirect to iisstart.asp

But if it is only for the LOLz, here a WinHTTPTrack download of the page after removing the localhost-check and fixing some other permission-related issue:
https://internalexception.byme.at/temp/IIS_Default.7z

It should contains everything needed to create an honeypot.

FritzAdalis@infosec... replied 22 Jun 2024 15:28 +0000
in reply to: https://benjojo.co.uk/u/benjojo/h/5M895FQ8V4tG9dy49s

@benjojo
I use the NT4 version:
http://rekrunk.shockley.net/

mich181189@nerdcultu.. replied 22 Jun 2024 21:09 +0000
in reply to: https://benjojo.co.uk/u/benjojo/h/5M895FQ8V4tG9dy49s

@benjojo somewhere I have phpinfo() from PHP4 near perfectly recreated as a Golang template… for exactly this sort of purpose

4censord@unfug.socia.. replied 22 Jun 2024 23:21 +0000
in reply to: https://benjojo.co.uk/u/benjojo/h/5M895FQ8V4tG9dy49s

@benjojo where would one aquire such a page to scare their own auditors?

april@lethallava.lan.. replied 23 Jun 2024 10:39 +0000
in reply to: https://unfug.social/users/4censord/statuses/112662839854071907

@4censord@unfug.social @benjojo@benjojo.co.uk i also want to know :3c

benjojo replied 23 Jun 2024 10:49 +0000
in reply to: https://lethallava.land/notes/9uuzdm49kk

@april @4censord https://ublog.byme.at/objects/5b33ab25-7130-4d75-b8a5-ffbfc4776d7a

april@lethallava.lan.. replied 23 Jun 2024 10:50 +0000
in reply to: https://benjojo.co.uk/u/benjojo/h/9F48dqvMrY2384xh15

@benjojo@benjojo.co.uk @4censord@unfug.social heck yeah :3

jame@wetdry.world replied 23 Jun 2024 02:40 +0000
in reply to: https://benjojo.co.uk/u/benjojo/h/5M895FQ8V4tG9dy49s

@benjojo oh i want this genuinely

i_lost_my_bagel@mast.. replied 23 Jun 2024 04:20 +0000
in reply to: https://benjojo.co.uk/u/benjojo/h/5M895FQ8V4tG9dy49s

@benjojo reminds me of how i changed my 404 page to be the IIS one

https://lilysthings.org/somepagethatisntreal

mr_daemon@untrusted... replied 23 Jun 2024 05:11 +0000
in reply to: https://benjojo.co.uk/u/benjojo/h/5M895FQ8V4tG9dy49s

@benjojo I use to serve the NT4 one for this back in 2003 for the same reason lol

LightTheUnicorn@ligh.. replied 23 Jun 2024 07:24 +0000
in reply to: https://benjojo.co.uk/u/benjojo/h/5M895FQ8V4tG9dy49s

@benjojo Gosh it's been a very long time since I saw that.

quantensalat@astrodo.. replied 23 Jun 2024 07:33 +0000
in reply to: https://benjojo.co.uk/u/benjojo/h/5M895FQ8V4tG9dy49s

@benjojo hahaha

mgleadow@mastodon.gr.. replied 23 Jun 2024 08:12 +0000
in reply to: https://benjojo.co.uk/u/benjojo/h/5M895FQ8V4tG9dy49s

@benjojo I used to tell Apache to send headers saying it was on all sorts of old esoteric systems. I did once set up a server which I knew the customer would pen test and set the header to clean it was a Commodore 64 just to see if they queried it