• Skip to primary navigation
  • Skip to main content
Craig Hays

Craig Hays

  • Articles
  • Newsletter
  • Learn Cyber Security
    • Hacking and Defending User Accounts
  • Contact
  • Show Search
Hide Search
You are here: Home / Archives for threat intelligence

threat intelligence

Threat Intelligence and Why Nobody Hacked My Hackable Website

July 14, 2020 By Craig Hays Leave a Comment

Reading Time: 5 minutes

I made my WordPress administrator’s password ‘admin’ for 2 weeks and nothing happened. This is why and why threat intelligence is useful.

insecure passwords and threat intelligence
Photo by iMattSmart on Unsplash

In my last experiment, What Happened When I Leaked My Server Password on Github.com, I configured a server with a very strong SSH password then ‘accidentally’ leaked it through a Github code repository. Within minutes people found the password and logged in. This time I tested a different approach and created a new WordPress site with the administrator username and password set to ‘admin’ for 2 weeks. Nothing happened. This is why nothing happened and why threat intelligence is important.

The Experiment

Prior to testing, I expected that any new WordPress server that appeared on the internet would be detected using an IP scanner within 7 days. Once discovered, brute-force attacks against the WordPress admin user would begin. Using the combination of admin:admin the site would be compromised very quickly.

To test that theory I created a honeypot installation of WordPress using a Docker container and a cloud hosting service unlinked to anything else I do online. Then I locked-down the host server and network to minimise the impact on others if the container was actually hacked. Next, I set the admin username and password to ‘admin’, then waited to see what happened. I didn’t give it a domain name, didn’t add it to any search indexes, and didn’t promote it in any way. I wanted to see if someone was actively looking for brand new servers that were vulnerable in this way.

[Read more…] about Threat Intelligence and Why Nobody Hacked My Hackable Website

· © Craig Hays, 2020 ·

  • Phishing