Comments (5)
Sleeptime17
commented on July 29, 2024
Didn't @lorg mention he wanted it to be a UNIX-y FTP banner?
Active alert - attempted path traversal?
Should this service also be compatible with MR? Can't remember if @lorg said that.
Consider CVE-2017-6510 - Easy File Sharing FTP Server 3.6 Directory Traversal
rapid7 source - https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/ftp/easy_file_sharing_ftp.rb
from honeycomb_plugins.
omercnet
commented on July 29, 2024
Define "UNIX-y" ? wouldn't a common linux FTPd like proftpd suffice ?
if you could find an FTPd that has an RCE or something like that would be great, the best case scenario is to get an attack to upload payloads
from honeycomb_plugins.
Sleeptime17
commented on July 29, 2024
"UNIX-y" as in Linux instead of Windows. I'm mentioning him because I'm not sure if he wanted it that way or the other way around. A common Linux service would work.
There are no recent RCEs on FTP services unfortunately (5+ years I think). There seem to be some RCEs on FTP clients, but that's not what we're here for ;)
from honeycomb_plugins.
Sleeptime17
commented on July 29, 2024
Scratch that last comment, I'm pretty sure he meant the Telnet service.
That does leave me wondering why he wants an additional FTP service though? MR already has one.
from honeycomb_plugins.
omercnet
commented on July 29, 2024
MR has a built in one, need to make it a custom service compatible with honeycomb
I think @dekelb mentioned the internal codebase has something we're able to use right away
from honeycomb_plugins.
Related Issues (20)
- Create a Profinet honeypot
- Create a high interaction Asterisk honeypot
- Create a metasploit service honeypot to catch a recent exploit
- Ability to change syslog facility to an arbitrary value HOT 5
- Create documentation on how to run tests locally
- Elasticsearch integraton HOT 3
- Existing security issues
- LDAP honeypot
- config.json parameter type "file" not accepted HOT 1
- Splunk native integration
- alerta.io native integration
- Kafka native integration
- Add a S7 (port 102) honeypot
- Create a custom banner telnet honeypot
- Create a Modbus TCP honeypot
- Create an iDRAC honeypot
- Create an HP- iLO honeypot
- Create an AsusWRT honeypot to catch a recent exploit
- Create a Memcached honeypot to catch a recent exploit
- Create a high-interaction MongoDB honeypot
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from honeycomb_plugins.