LAYER 8 – Patching the un-patchable…

by | Nov 10, 2014 | Social Engineering

Computer systems and software have been continually evolving year upon year.  Faster processing and data transfer coupled with more accessible storage have made crunching vast amounts of data possible in mere nanoseconds.

Computer security and controls have improved as well: we now have intelligent firewalls, web proxies, file integrity monitoring, DLP, IAM and all sorts of amazing new technologies and emerging acronyms to help busy IT departments maintain the confidentiality, integrity and availability of their data and systems.

Given the technology at our disposal, we should be fine, right? The hackers should be packing up their tool boxes and retraining as plumbers, electricians and school technology tutors. Why is this not happening? Why are we seeing global breaches on the rise?

You

The answer is simple – US

You, me, everybody.

The other day on a physical penetration test I handed a USB storage device to a very nice unsuspecting young company employee at a business that shall remain nameless.  I asked them if they could open the executable and print 2 copies of the documents for my fictional meeting.  She (it could have been he by the way) promptly ran the software bypassing the warnings and printed out my documents.

When it turned out that the person I was there to see was on holiday (as per their Facebook page…), I made my apologies and left.

My job done, it took the rest of our team a mere 30 minutes to remotely gain domain admin.

The client was both pleased and disappointed. Pleased because he was able to use the results of this testing to generate more awareness and fund further security awareness training, disappointed because he knew that no matter how much effort he puts into patching the humans, some patches just cannot be applied successfully.

Disclaimer

The information provided on this website is to be used for educational purposes only. The author is in no way responsible for any misuse of the information provided. Any actions and or activities related to the material contained within this website is solely your responsibility.

