Do you know what your ERP is telling us?

Interesting engagement I had a few weeks ago, a client wanted assurance on their ERP – Oracle E-Business suite, to be specific. I spent a few weeks just to formulate an efficient strategy and be able to cover most controls from an insider threat perspective and an external authenticated attacker angle. For this post, IContinue reading “Do you know what your ERP is telling us?”

Should we be worried? Huawei router …Part II

This is a follow-up of this post… Good. Now we are at par. After getting the router config as in the earlier post, I got to comb through the router config. Interesting things, I tell you. One of the parameters, X_HW_MonitorCollector has a server URL of yjyx.gd.edatahome.com and a tftp port of 6169. As shown above,Continue reading “Should we be worried? Huawei router …Part II”

Auditing linux , unix OS..in 120 seconds flat

Well, most of us have seen the movie Gone in 60 seconds, so I decided to write a baseline script for auditing linux and most unix operating systems in well under 2 mins – averages about  130 seconds on my test Centos and Red hat distributions. The script is modeled around most of the operating systemContinue reading “Auditing linux , unix OS..in 120 seconds flat”

Huawei HG8245H router “privilege escalation”…Part I

This is a prequel to this post here Well, I got to play around with my router a few weeks ago. My router, a Huawei HG8245H version, is pretty decent for home use. First things first, the login password is smack on the bottom of router as below. Most routers have a well known defaultContinue reading “Huawei HG8245H router “privilege escalation”…Part I”

Lateral movement..Part I

Scenario: you are a normal user in your company’s domain. No admin privileges. Nothing. You can’t even install a program in your machine. What if I told you, that you can be the local administrator on your machine and probably on MANY more in your organization? I am not able to count the number ofContinue reading “Lateral movement..Part I”