honeypot

So I set up a honeypot for a fraudulent order, and I'm completely disappointed in todays kiddies.

All he really uploaded was a CGI-telnet program, which they labeled "venson.pl".

Code: 
#!/usr/bin/perl
#------------------------------------------------------------------------------
# Copyright and Licence
#------------------------------------------------------------------------------
# CGI-Telnet Version 1.0 for NT and Unix : Run Commands on your Web Server
I tried to get more than one credit card out of him, but couldn't. I suspect that he only had the one.

I've set up honeypots before though, and usually the accounts go totally unused. They never even log in once. After a few weeks, I just remove the account. I don't get it. What's their motivation?

 

 

 

 

Top