CVE-2017-5689 PoC — 多款Intel产品安全漏洞

Source

https://github.com/MlSebrell/amthoneypot

Associated Vulnerability

Title:多款Intel产品安全漏洞 (CVE-2017-5689)
Description:An unprivileged network attacker could gain system privileges to provisioned Intel manageability SKUs: Intel Active Management Technology (AMT) and Intel Standard Manageability (ISM). An unprivileged local attacker could provision manageability features gaining unprivileged network or local system privileges on Intel manageability SKUs: Intel Active Management Technology (AMT), Intel Standard Manageability (ISM), and Intel Small Business Technology (SBT).

Description

Honeypot for Intel's AMT Firmware Vulnerability CVE-2017-5689

Readme

Honeypot for Intel's AMT Firmware Vulnerability CVE-2017-5689.

Webserver that listens on TCP - [ ] Daemonizeport 16922. Replicates the behaviour of Intel's AMT management service.
- [ ] Daemonize
Building -

```# go build server.go```

Running - 

```# ./server logfile.txt```

### TODO
- [ ] Add templating to make content dynamic / random
- [ ] Add error checking
- [ ] Add some form of RCE?

File Snapshot


 [4.0K]  /data/pocs/06287f76b931fa2a5d2c8592f22106f20eb04c9c
├── [ 395]  README.md
├── [4.4K]  server.go
└── [4.0K]  static
    ├── [2.8K]  acl.htm
    ├── [3.7K]  events.htm
    ├── [2.6K]  fqdn.htm
    ├── [2.4K]  hw-batt.htm
    ├── [1.9K]  hw-disk.htm
    ├── [2.6K]  hw-mem.htm
    ├── [2.6K]  hw-proc.htm
    ├── [4.4K]  hw-sys.htm
    ├── [3.2K]  index.htm
    ├── [ 767]  invalid.htm
    ├── [3.8K]  ip.htm
    ├── [3.9K]  ipv6.htm
    ├── [ 752]  logo.gif
    ├── [ 737]  logon.htm
    ├── [2.2K]  power.htm
    ├── [1.9K]  styles.css
    └── [3.4K]  wlan.htm

1 directory, 19 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.

View subscription plans →

Goal Reached Thanks to every supporter — we hit 100%!