• TemporaryBoyfriend@lemmy.ca
    link
    fedilink
    arrow-up
    64
    arrow-down
    1
    ·
    1 year ago

    I work in IT. Most systems have laughable security. Passwords are often saved in plain text in scripts or config files. I went to a site to help out a very large provincial governmental organization move some data out of one system and into another. They sat me down with a loaner laptop and the guy logged me into his user account on the server. When I asked for escalated privileges, he told me he’d go get someone who knew the service account passwords.

    After a few minutes, I started poking around on my own… And had administrative access within an hour. I could read the database (raw data), access documents, start and stop the software, plus, figured out how to get into the upstream system that fed data to this server… I was working on figuring out the software’s admin password when the guy came back. I’m sure that given some more time, I could have rooted the box because the OS hadn’t been updated in years.

    • Ricaz@lemmy.world
      link
      fedilink
      arrow-up
      17
      ·
      1 year ago

      the guy logged me into his user account

      It’s pretty common to have this as the only barrier. If someone got into my work PC they could easily take down a lot of critical infrastructure, if they knew where to look.

      Terrible, but common.

      • RippleEffect@lemmy.world
        link
        fedilink
        arrow-up
        1
        ·
        1 year ago

        Yeah, getting access into the vpn and subsequently the server is the challenging part. Once you’re in, there’s so much that can be found quickly and somewhat easily.

    • Mikina@programming.dev
      link
      fedilink
      arrow-up
      14
      ·
      1 year ago

      I work as a pentester and Red Teamer, I can attest that even for some large companies, you always stumble upon something that’s just dumb, and completely renders their multi-million investment they are probably making into security tools and solutions worthless.

    • bpm@lemmy.ml
      link
      fedilink
      arrow-up
      5
      ·
      1 year ago

      Having worked network support, the number of times I’ve been on a screen share with someone who opens an excel sheet from the share drive that holds all the root passwords for every network device they own is high. A bad actor could take down some very large companies with some simple social engineering skills.

    • Indie@lemmy.fmhy.ml
      link
      fedilink
      arrow-up
      2
      ·
      1 year ago

      It’s shocking.

      Whenever we work with a 3rd party vendor and run through the efforts to harden the systems, they freak out because it always breaks their app. Then we go through the whole handholding process of getting their apps to work within our hardened environment. It ends with them not taking anything into account. App works, system is hardened. Then when it’s time to update the system, they get involved and it’s always back to square one.

      Like get the fuck on board with security if you are selling a software product. It’s mind boggling thinking about how all their other customers just let them away with such exposed shitty communication and unencrypted passwords.