Oracle PeopleSoft applications are quite complex and consist of many components, so securing them is not a simple thing. While there is almost no research on PS security, successful attacks against such systems happen from time to time. That’s why we decided to start a series of articles about some aspects of PS security.
Struts2 is a very powerful and popular Java framework. It is widespread, being used in many large and not-so-large enterprise applications.
This summer, a critical vulnerability was found in Struts2. It was an OGNL injection which led to RCE. It is simple, requires no auth, and works against almost all versions (except the latest one).
The first step of any attack is to collect information about the target. One of the most important resources for that purpose is Google (or another search engine) with its Google dorking (hacking). You can find a lot of interesting information there, especially if your target is a big enterprise. The engine’s spiders crawl the Internet with its many, many sites, and we can dive into the information which they have collected for us.
SSRF attacks have been gaining popularity and getting a lot of attention this year. Our company has performed some research in this area, and we got some interesting results which can be used to create good attack vectors. Let me show you one of them.
Many people still think that SSRF is only about XXE vulnerabilities but, as I have already presented at the POC conference, there are a bunch of different places in XML-based protocols (WS family, XBRL, BPEL, etc.) and in business applications where we can put a link to other resources.
For example, WS-Addressing.
Some time ago during a pentest, the NetBIOS protocol got my attention, in particular NetBIOS naming and its cooperation with DNS.
In spite of its long-standing distribution, NetBIOS is a protocol which doesn’t have many security mechanisms. I think that many interesting things are born at the intersection of different technologies, so I started a little research and I would like to show some of its results.
Group Policy is a powerful feature of the Windows OS. From Wiki: “Group Policy is a set of rules which control the working environment of user accounts and computer accounts. Group Policy provides the centralized management and configuration of operating systems, applications and users’ settings in an Active Directory environment.”