MICROS Honeypot is a low interaction honeypot to detect CVE-2018-2636 in the Oracle Hospitality Simphony component of Oracle Hospitality Applications (MICROS). This is a directory traversal vulnerability.
Clone or download
Latest commit d1fc5e9 Feb 8, 2018
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
micros fix micros content and set gitattributes Feb 7, 2018
.gitattributes fix micros content and set gitattributes Feb 7, 2018
Dockerfile adding requirements.txt Feb 8, 2018
LICENSE Initial commit Feb 7, 2018
README.md Update README.md Feb 8, 2018
micros_server.py Initial commit Feb 7, 2018
requirements.txt adding requirements.txt Feb 8, 2018

README.md

MICROS honeypot

Cymmetria Research, 2018.

https://www.cymmetria.com/

Written by: Omer Cohen (@omercnet) Special thanks: Imri Goldberg (@lorgandon), Itamar Sher, Nadav Lev

Contact: research@cymmetria.com

MICROS Honeypot is a low interaction honeypot to detect CVE-2018-2636 in the Oracle Hospitality Simphony component of Oracle Hospitality Applications (MICROS). This is a directory traversal vulnerability. The honeypots does a simple simulation of the MICROS server and will allow attackers to use the vulnerability to "steal files", and will report of such attempts.

It is released under the MIT license for the use of the community, pull requests are welcome!

Usage

  • Run without parameters to listen on default port (8080):

    python micros_server.py

  • Run with --help to see other command line parameters

See also

https://cymmetria.com/blog/honeypots-for-oracle-vulnerabilities/

http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2636

Please consider trying out the MazeRunner Community Edition, the free version of our cyber deception platform. https://community.cymmetria.com/