A Web Log of Thoughts, Ideas, and Nonsense related to Technical Topics
This post outlines the steps taken to exploit the sandboxed, non-admin JMX feature to gain elevated unrestricted access to a Windows system running Server 2008 R2. This is a second-stage attack using a previously-compromised Linux box as a pivot point within the target network.
We have to craft systems that expect a breach but mitigate the results. This is the concept of defense-in-depth and zero trust taken to their extremes—systems will be compromised, so how do we prevent that from mattering? As Dr. Older says, it's "the interaction between hazard and human settlement or activity that creates a catastrophe." The humanity within data is the most-important cost we should assess, so how do we limit the results of threat activity toward our fellow humans?