[Day 14] Networking Dev(Insecure)Ops | Advent of Cyber 3 (2021)

  • Folder permissions that were too lax: The low privileged McSkidy user could write to the Grinch’s “loot” folder.
  • File permissions were misconfigured: The low privileged McSkidy user could change the contents of the loot.sh script.
  • Improper key protection: In this example, Grinch’s password can be seen as the secret key used to connect CI/CD components. If the key can be read from a configuration file, the attacker can reuse this key to their advantage.
  • Installation was not secure: cronjobs were regularly running tasks without any controls for unauthorized changes. As you may have read in sector news, a similar lack of controls has led to the release of backdoored software.
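The first, second and fourth findings above can be checked mechanically. The following audit is an added example, not code from the original write-up: it flags any file run from a crontab, and the folder holding it, that group or other users can write to. The function names and the temporary "loot"/"safe" layout are constructed for illustration.

```python
import os
import stat
import tempfile

LAX = stat.S_IWGRP | stat.S_IWOTH  # write bit for anyone other than the owner

def cron_paths(crontab_text):
    """Absolute paths named in the command part of each crontab job line."""
    paths = []
    for line in crontab_text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        special = line.startswith("@")  # "@reboot cmd" has one schedule field, not five
        fields = line.split(None, 1 if special else 5)
        if len(fields) < (2 if special else 6):
            continue  # environment assignment or malformed line
        paths += [tok for tok in fields[-1].split() if tok.startswith("/")]
    return paths

def audit(crontab_text):
    """(path, problem) pairs for cron-run files a non-owner could alter."""
    findings = []
    for path in filter(os.path.isfile, cron_paths(crontab_text)):
        if os.stat(path).st_mode & LAX:
            findings.append((path, "file writable by group/other"))
        folder = os.path.dirname(path)
        mode = os.stat(folder).st_mode
        # Folder write access allows swapping the file, unless the sticky bit is set.
        if mode & LAX and not mode & stat.S_ISVTX:
            findings.append((folder, "folder writable by group/other"))
    return findings

def demo():
    """Constructed layout: a lax 'loot' folder and script beside a locked-down pair."""
    root = tempfile.mkdtemp()
    jobs = ["# constructed crontab"]
    for name, dmode, fmode in (("loot", 0o777, 0o666), ("safe", 0o755, 0o644)):
        folder = os.path.join(root, name)
        os.mkdir(folder)
        script = os.path.join(folder, name + ".sh")
        with open(script, "w") as fh:
            fh.write("#!/bin/sh\n")
        os.chmod(script, fmode)
        os.chmod(folder, dmode)
        jobs.append("*/5 * * * * " + script)
    return root, audit("\n".join(jobs))

if __name__ == "__main__":
    print(*("%s: %s" % (problem, path) for path, problem in demo()[1]), sep="\n")
```

Only the immediate parent folder is checked; a fuller audit would also walk every ancestor directory and compare file ownership against the account the job runs as.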

Just a Learner and CTFs Player on a quiet night.

Febi Mudiyanto