What I do?

I am an Information Risk Consultant and Penetration Tester. I specialize mostly in penetrating secure networks and computer systems, where I simulate an organized professional attack against your organization, after which a detailed report summarizes the weaknesses and exploited vectors. This will help you gain control over your infrastructure's security and maximize your protection.

Thursday, November 14, 2013


Late last year I was involved in a penetration test as a third-party attacker. The attack was meant to show risks that can be used to gain access to the ATM-Bridge and ATM machines, and how someone would gain access to them from the Internet. Now the issue is that this could not be done in the amount of time the bank wanted, and also the main contractor didn't believe in full penetration testing. So I dropped the job, talked to the IT Manager and told him I can exploit the bank in less than six months, give or take. He was reluctant but agreed later on, after the contractor submitted their report.

So here is a declassified simulation, where you can use simple tools from BackTrack to gain access to the network.

The fun part of this simulation is the HP-Aux ATM-Bridge servers. Most banks use HP software for network management, e.g. HP Data Protector, and most of the time it is installed as a server-level application, which makes it easier to exploit. We all know port 5555? I hope the answer is yes.

Also, if you get access to the AD servers due to vulnerabilities that the domain controller has (e.g. this one was on Windows 2003 Server), you will be able to control the main HP Protector servers and you can get full access to the ATMs.

Now remember, most of these applications could have passwords, so accessing them via rdesktop using another session would be hard, but by now as a pentester you should know how to hijack a remote desktop session that an authenticated user is already in, via Active Directory on a domain forest.

Anyway, trying to figure out which bank this is will be the hardest part of your reconnaissance, but understanding how such a pentest works will be the best part of upgrading your career in Infosec and defending your organizations.
