SCANTRAP: Protecting Content Management Systems from Vulnerability Scanners with Cyber Deception and Obfuscation

Daniel Reti; Karina Elzer; Hans Schotten; Hans Schotten

doi:10.5220/0011667400003405

SCANTRAP: Protecting Content Management Systems from Vulnerability Scanners with Cyber Deception and Obfuscation

Daniel Reti, Karina Elzer, Hans Schotten, Hans Schotten

2023

Abstract

Every attack begins with gathering information about the target. The entry point for network breaches are often vulnerabilities in internet facing websites, which often rely on an off-the-shelf Content Management System (CMS). Bot networks and human attackers alike rely on automated scanners to gather information about the CMS software installed and potential vulnerabilities. To increase the security of websites using a CMS, it is desirable to make the use of CMS scanners less reliable. The aim of this work is to extend the current knowledge about cyber deception in regard to CMS. To demonstrate this, a WordPress Plugin called ’SCANTRAP’ was created, which uses simulation and dissimulation in regards to plugins, themes, versions, and users. We found that the resulting plugin is capable of obfuscating real information and to a certain extent inject false information to the output of one of the most popular WordPress scanners, WPScan, without limiting the legitimate functionality of the WordPress installation.

Download

Paper Citation

in Harvard Style

Reti D., Elzer K. and Schotten H. (2023). SCANTRAP: Protecting Content Management Systems from Vulnerability Scanners with Cyber Deception and Obfuscation. In Proceedings of the 9th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP, ISBN 978-989-758-624-8, pages 485-492. DOI: 10.5220/0011667400003405

in Bibtex Style

@conference{icissp23,
author={Daniel Reti and Karina Elzer and Hans Schotten},
title={SCANTRAP: Protecting Content Management Systems from Vulnerability Scanners with Cyber Deception and Obfuscation},
booktitle={Proceedings of the 9th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,},
year={2023},
pages={485-492},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0011667400003405},
isbn={978-989-758-624-8},
}

in EndNote Style

TY - CONF

JO - Proceedings of the 9th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,
TI - SCANTRAP: Protecting Content Management Systems from Vulnerability Scanners with Cyber Deception and Obfuscation
SN - 978-989-758-624-8
AU - Reti D.
AU - Elzer K.
AU - Schotten H.
PY - 2023
SP - 485
EP - 492
DO - 10.5220/0011667400003405