Bonus question… Have you ever said “yeah, that fits” once you got a password?

  • Bear
    link
    English
    1721 hours ago

    Every time. Your mom’s getting tired of me saying it.

  • @[email protected]
    link
    fedilink
    1122 hours ago

    Even if you don’t say it, oh you’ll feel it. Even if you’re just dicking around on your own network and exploit something from a guide as practice…

    Yeah, I’m in.

  • Punkie
    link
    fedilink
    161 day ago

    Yes. Most of them were east-to-find solutions on the web, or someone else giving me access. “Can you reset my password on Blah?” “Try TempP@ass123.” “I’m in, changed password. Thanks.”

    A few times when I am really acting like a Senior Linux Administrator is figuring out a kludge or back door nobody had thought of. Recently, a client told me that the former admin had left and didn’t leave the password to over 300 systems (it turns out he did, the client was clueless, but I didn’t know that in the moment). I found every system the admin had access to, and looked for a dev box where he had access but I could take down during production hours. I took it down, booted into init with /bin/bash, changed root password, brought it back up. Then I checked his home directory to see what public keys he had. Based on that, I checked to see if there were any private keys on the bastion systems that matched as a pair (using ssh-keygen -l -f on each pair to see if the signatures matched). They checked which pair had no password. That was pretty quick because I quickly discovered a majority of these cloud systems also had an ec2-user that could escalate to root via private/public key pairs (it is supposed to be removed for security reasons, but wasn’t). Within a few hours, I had full access back to all their systems. Without taking down production.

  • @[email protected]
    link
    fedilink
    823 hours ago

    I’ve said both. I’m a professional pentester / red teamer, and yeah, we send each other “I’m in” memes when we pop a box.

  • m-p{3}
    link
    fedilink
    61 day ago

    During the CrowdStrike clusterfuck? Damn straight we did.

  • Sickday
    link
    fedilink
    423 hours ago

    I say it every time I have to hop onto a production box at work. If I’m in a call while it’s happening I usually drop a one-liner. Gotta have fun with these things.