In the previous blog post, we have discussed the steps in identifying sensitive information in file shares, as well as file servers with inappropriate access controls configured. It was aimed to provide organisations with a guide on how to perform internal file share audits. Dionach have now released a tool, ShareAudit, to further improve the process of performing these audits. The tool is now publicly available on GitHub.
Tag: infrastructure
Printer Server Bug to Domain Administrator
During a recent internal network penetration testing engagement, a number of common attack paths were unavailable as a number of security mechanisms were implemented such as the Local Administrator Password Solution (LAPS) and the prevention of logged on credentials from being cached in memory. Additionally, the estate had a relatively mature patching process, which reduced […]
Minimising the Risks of Using Flash
Flash is well-known to people within the cyber security industry to have a long history of security vulnerabilities as well as functionality flaws. However, it is impossible to completely uninstall Flash, as the plugin has been integrated in both Internet Explorer and Microsoft Edge, which are core applications that come with Windows builds. Therefore, the purpose of this blog post is to provide possible solutions for organisations to minimize the risks of having Flash.
Compromising Jira Externally to Get Internal Network Access
In a recent external network engagement, which had a fairly large number of external services, I found a Jira login page available on the client’s external network. The login page belonged to a Jira Software service, an issue-tracking system used in project management and software development. https://jira.example.com The Jira Software version was just few versions […]
From Internal Web Application To Domain Admin
In a recent internal network penetration test I found a slightly less conventional route to get domain administrator privileges. This type of attack is certainly not new but it shows how thinking-out of the box takes a crucial part when comes to penetration testing. The client that I was facing definitely was not new to […]
Minimising the risk of using Java
Much as they may wish to do otherwise, organisations may need to install the Java Runtime Environment (JRE) so users have the Java Plugin they need for required web-sites, and/or run installed Java applications provided as JAR files. However, the vulnerabilities of JRE are well known and documented, as shown below, so meeting this requirement […]
Combining Issues to Compromise the Domain
Internal penetration tests, as approached by Dionach, are a good exercise to assess the security of the internal networks of our clients. Typically, we spend a few days on-site, starting with a standard low-privileged account – or in many cases with no credentials at all just patching ourselves to the network – and working our […]
Sophos UTM Firewall Hardening
Firewalls are used as the main defence for an organisation’s network infrastructure, and are used to prevent unauthorised access to or from the private network. The aim of this article is to provide guidance for network administrators on how to harden Sophos UTM firewalls.
The Onion Routing Network Research
The Tor network is borne out of a research project by the Naval Research Laboratory and Defence Advanced Research Projects Agency called Onion Routing. The second generation of this research is referred to as ‘the onion routing’ network. The way in which this network functions is to have layered encryption and routing via a route […]
Check Point Firewall Hardening
Dionach perform a number of firewall reviews and we often have to interact with different technologies and vendors. Alongside Cisco firewalls, Check Point firewalls are a popular solution used by organisations. This article provides guidance on how to harden Check Point firewalls and how to address the most common security issues. Please note that the […]