Hack the box ddfsdfsdf, Summaries for Biology

How to hack openadmin dfdssdfFSDFSDfsdfsdffdsf

Type: Summaries

2019/2020

Uploaded on 06/02/2020

nicolas-aguilera-1 🇨🇴

SYSTEMS ENGINEERING / SPTI 2020-1
SECURITY ANALYSIS OF OPEN ADMIN
CRISTO EMMANUEL SANTOS SIERRA
----------------------------------------------------------------------------------
AUTHORS: NICOLÁS AGUILERA CONTRERAS
JULIAN GUTIERREZ
JONATAN ESTEBAN GONZALEZ RODRIGUEZ

1. Objectives

● Describe the risks, threats and impacts of each of the vulnerabilities found in the “OpenAdmin” machine.
● Present an executive summary of the security of the machine that allows the owner to make decisions to improve the security of his device.
● Present recommendations that facilitate the mitigation of the risks of the device and thus improve its safety.

2. Vulnerabilities found

2.1. The current version of the "OpenNetAdmin" application is easily vulnerable to malicious software.

Threats

- The current version of “OpenNetAdmin” found on the machine has an important security vulnerability that, if exploited, gives the attacker free entry to the “wwwdata” user on the server. This is a significant threat because it compromises not only all the files found in the "wwwdata" session, but can also compromise all the files and applications on the server and even the server itself, since it gives the attacker the possibility to download malware that affects the machine or to try to get access to other sessions located on the machine.

Evidence:

Calculation of security risks

The following tool was used to calculate the security risks: https://www.owasp-risk-rating.com/

Likelihood Factors

Threat Agent Factors [0-9]
● Skill Level: Some technical skills - 6
● Motive: Possible reward - 5
● Opportunity: No access or resources required - 9
● Size: Anonymous Internet users - 9

Vulnerability Factors [0-9]
● Ease of Discovery: Automated tools available - 9
● Ease of Exploit: Automated tools available - 9
● Awareness: Public knowledge - 9
● Intrusion Detection: Not logged - 9

Impact Factors [0-9]
● Loss of Confidentiality: Extensive critical data disclosed - 7
● Loss of Integrity: Extensive seriously corrupt data - 7
● Loss of Availability: Minimal secondary services interrupted - 2
● Loss of Accountability: Possibly traceable - 8

Overall Risk Severity: High

Recommendations
● Disable the server and immediately download the latest version of the “OpenNetAdmin” application.
● Keep a close watch on the threats that this application may face in the future.

2.2. Encrypted password saved in a file that runs through an open port

Threats

There are no restrictions on the user navigating through this service. In this way, the user can access the password hosted in this file, which can be used to log in as a higher-level user. The attacker thus gains access to a user with higher configuration permissions than the current ones and has the possibility of compromising a service or running a malicious program inside the machine.

Evidence:

Calculation of security risks

The following tool was used to calculate the security risks: https://www.owasp-risk-rating.com/

Likelihood Factors

Threat Agent Factors [0-9]
● Skill Level: 6 - Some technical skills
● Motive: 4 - Possible reward
● Opportunity: 6
● Size: 9 - Anonymous Internet users

Threat Agent Factor: High

Vulnerability Factors [0-9]
● Ease of Discovery: 7 - Easy
● Ease of Exploit: 7
● Awareness: 6 - Obvious
● Intrusion Detection: 8 - Logged without review

Vulnerability Factor: High

Impact Factors [0-9]
● Loss of Confidentiality: 9 - All data disclosed
● Loss of Integrity: 4
● Loss of Availability: 4

Overall Risk Severity: High

Recommendations
● Do not store vital machine information in open ports.
● Use a different and more secure type of encryption for user and administrator passwords.

2.3. Allow access to the administrator mode of a file with a non-root user.

Threats

- The current version of "OpenNetAdmin" found on the machine has a significant security vulnerability: it allows root access commands, even when they are not controlled by the user. This is a major threat because it bypasses the sudo security policy, and any user can execute commands as if he were the system administrator.

Evidence:

Security Impact

Assets: root Access
Type of Asset: Data
Classification: Anyone
Impact to availability [1-5]: 4
Impact to confidentiality [1-5]: 5
Impact to integrity: 5
Total impact: 4

This vulnerability mainly affects confidentiality, since a password is being accessed that the user should not have access to. However, the user does not have permissions to modify vital system configuration files or to modify the credentials of other users.

● Availability: The attacker could, through the password obtained, access higher permissions and compromise some machine service.
● Confidentiality: The attacker gains access to a password of a user with greater privileges.
● Integrity: The attacker can alter valuable information to which the user with greater privileges has access.

Vulnerability measurement by CVSS calculation

Severity: Critical (9.8)
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Justification
● Attack vector: The application can be accessed and operated remotely from any machine with Internet access and by any attacker.
● Attack complexity: Low. The exploit for this application is easy to find online and easy to use.
● Required privileges: None. No privileges are required to use the exploit archive.
● User interaction: None. The vulnerability can be exploited remotely.
● Scope: Unchanged. The vulnerability only affects the machine.