Security researcher shares blow-by-blow account of advanced

The place for what's new and going on in the tech, innovation, and science world.

Security researcher shares blow-by-blow account of advanced

Postby Egaladeist » Wed Oct 31, 2012 3:48 pm

Security researcher shares blow-by-blow account of advanced persistent threat

Once into the compromised employee machine, the attacker used a collection of tools and a sniffer to look for where valuable content might be stored in the Swiss company's network. Though he found an application server, he couldn't get into it. But the attacker did break into the network printer, a Toshiba, and went on to check for passwords. "The administration password was in the HTML code," said Gnesa. "And unfortunately, that password was also used on another machine."

Eventually the attacker made his way to documents, diagrams and other valuable intellectual property stored on a Linux file server. Although the server was well-kept in terms of security, the backup for it was not, and by using what Gnesa referred to as the phpMyAdmin 3.4.1 swekey RCEexploit, the attacker got to the remote shell on the backup server. With yet another trick, the Linux 2.6.x umount exploit, he got to the root shell and had access to every file and directory, said Gnesa.


http://www.networkworld.com/news/2012/1 ... 63813.html
User avatar
Egaladeist
I am the Eg man : Coo Coo Ca Choo
 
Posts: 18852
Joined: Sun Dec 25, 2005 1:02 am
Location: Canada

Return to Tech News Zone

Who is online

Users browsing this forum: No registered users and 2 guests

cron