In the previous post in the pentest on AWS and Google series, we set up a complete security testing environment to play with. As you have seen, it really isn’t that difficult for an attacker to pwn your network. A lot of what attackers do is observation, trial-and-error, and guesswork. I left most of those parts out of the article, but poor network hygiene and bad practices make things a lot simpler for adversaries.
All of the techniques we have discussed above are real techniques that take advantage of real (and sometimes even common) security loopholes that are frequently overlooked. Here are some things that the network administrator could have done to disrupt the attacker’s kill chain:
Once again, I strongly encourage you to use the lab to build an environment that allows you to perform vulnerability assessments on your own systems. Ravello’s flexibility allows you to create a close replica of system and network infrastructures within a sandbox that can be repeatedly spun up and destroyed with a few clicks.
Most importantly, keep in mind that breaking into computer systems is illegal. Most system administrators, government agencies, and companies don’t have any sense of humor when it comes to security, and you don’t have to do any real damage to get into a considerable amount of trouble. Just trying to break into a system is a serious offence in many jurisdictions.