PenTest a honeypot
I have been given a task to test a low interaction honeypot.. so I have did a lot of reading about the subject...
my task is very simple..
just to upload any file (ex. text file, binary file, image file) into the system
now from my understanding of low interaction honeypot they emulate services like http and ftp.. that means we won't be able to load a file into the OS because of the emulation..
I was thinking to DoS that emulator to exhust it and make it stop working.. that way (assuming) the real service will show up instead of the emulator but a honeywall can limit the transmission into the honeypot which will help it reduce the traffic and won't knock it down...
I'm not really familiar much with exploits available because I'm new in PenTest area..
but is there an exploit that we can send as file and then execute the moment it reach the target...
I dont think it will likely to work because low interaction honeypot only emulate the services and not the OS.. so to bypass the emulation and reach the OS is the focus point
if you have suggestion or ideas about this topic please share or even correct my understanding of the low interaction honeypot process please do... as I'm here to learn :-)