Re: Kaseya
- From: H D Moore <sflist@xxxxxxxxxxxxxxxxxx>
- Date: Thu, 29 May 2008 17:42:59 -0500
Running psexec against a rogue node, with domain admin credentials, will
get your the domain controller pwned (via relay attacks). It sounds like
the agent install is not automatic for remote machines, but in the case
of a manual install against a rogue system, it is an issue.
On Thursday 29 May 2008, Kevin Reiter wrote:
Another thing to note is the fact that psexec is used for remote tasks.
psexec lives only on the server, which is located at the MSP's data
center/NOC, and communications between the agent and the server are
encrypted. Sniff away..
------------------------------------------------------------------------
This list is sponsored by: Cenzic
Top 5 Common Mistakes
in Securing Web Applications
Find out now! Get Webinar Recording and PPT Slides
www.cenzic.com/landing/securityfocus/hackinar
------------------------------------------------------------------------
- References:
- RE: Kaseya
- From: Kevin Reiter
- RE: Kaseya
- Prev by Date: Re: Does the SMS remote control user leave footprints in process memory ?
- Next by Date: Re: Does the SMS remote control user leave footprints in process memory ?
- Previous by thread: RE: Kaseya
- Next by thread: Re: Kaseya
- Index(es):
