Should we be worried? Huawei router …Part II

This is a follow-up of this post… Good. Now we are at par. After getting the router config as in the earlier post, I got to comb through the router config. Interesting things, I tell you. One of the parameters, X_HW_MonitorCollector has a server URL of and a tftp port of 6169. As shown above,Continue reading “Should we be worried? Huawei router …Part II”

Auditing linux , unix 120 seconds flat

Well, most of us have seen the movie Gone in 60 seconds, so I decided to write a baseline script for auditing linux and most unix operating systems in well under 2 mins – averages about  130 seconds on my test Centos and Red hat distributions. The script is modeled around most of the operating systemContinue reading “Auditing linux , unix 120 seconds flat”

Huawei HG8245H router “privilege escalation”…Part I

This is a prequel to this post here Well, I got to play around with my router a few weeks ago. My router, a Huawei HG8245H version, is pretty decent for home use. First things first, the login password is smack on the bottom of router as below. Most routers have a well known defaultContinue reading “Huawei HG8245H router “privilege escalation”…Part I”

Lateral movement..Part I

Scenario: you are a normal user in your company’s domain. No admin privileges. Nothing. You can’t even install a program in your machine. What if I told you, that you can be the local administrator on your machine and probably on MANY more in your organization? I am not able to count the number ofContinue reading “Lateral movement..Part I”