Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1020 CNY

100%
Buy Us a Coffee

CVE-2017-5689 PoC — 多款Intel产品安全漏洞

Source
https://github.com/haxrob/amthoneypot
Associated Vulnerability
Title:多款Intel产品安全漏洞 (CVE-2017-5689)
Description:An unprivileged network attacker could gain system privileges to provisioned Intel manageability SKUs: Intel Active Management Technology (AMT) and Intel Standard Manageability (ISM). An unprivileged local attacker could provision manageability features gaining unprivileged network or local system privileges on Intel manageability SKUs: Intel Active Management Technology (AMT), Intel Standard Manageability (ISM), and Intel Small Business Technology (SBT).
Description
Honeypot for Intel's AMT Firmware Vulnerability CVE-2017-5689
Readme
Honeypot for Intel's AMT Firmware Vulnerability CVE-2017-5689.

Webserver that listens on TCP port 16992. Replicates the behaviour of Intel's AMT management service.
If successfully exploited, content pulled from a HP machine is served to the attacker.

## Building -

```# go build```

## Running - 
```# ./amthoneypot [logfile.txt]```
### Persistent Execution -
```# nohup ./amthoneypot logfile.txt &```

### TODO
- [ ] Add templating to make content dynamic / random
- [ ] Add error checking
File Snapshot

 [4.0K]  /data/pocs/24f7ed987fcb98aa1470de0574675af26f53b13a
├── [  81]  go.mod
├── [ 167]  go.sum
├── [ 495]  README.md
├── [3.2K]  server.go
└── [4.0K]  static
    ├── [2.8K]  acl.htm
    ├── [3.7K]  events.htm
    ├── [2.6K]  fqdn.htm
    ├── [2.4K]  hw-batt.htm
    ├── [1.9K]  hw-disk.htm
    ├── [2.6K]  hw-mem.htm
    ├── [2.6K]  hw-proc.htm
    ├── [4.4K]  hw-sys.htm
    ├── [3.2K]  index.htm
    ├── [ 767]  invalid.htm
    ├── [3.8K]  ip.htm
    ├── [3.9K]  ipv6.htm
    ├── [ 752]  logo.gif
    ├── [ 737]  logon.htm
    ├── [2.2K]  power.htm
    ├── [1.9K]  styles.css
    └── [3.4K]  wlan.htm

1 directory, 21 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →