Tuesday, February 23, 2010
Stealing a Server Remotely
With the creation of virtual machines for PCs and servers, it was only a matter of time before someone wrote a program to remotely steal unsecured virtual machines (Shmoocon presentation pdf). To use the program, gueststealer-v1.1.pl, you have to install Perl CPAN modules, which is practically trivial.
Here's a screenshot of a theft:
Stealing a VMware Virtual Machine
This is just a variation of remote file transfer, since VMware virtual machines are just files. VMware has patched this flaw. You can search for public-facing VMware Servers using Google:
Finding ESX Servers on the Internet (redacted version).
If you put your ESX Server's web access on the Internet, you had better have patched the server and put a web application security proxy in front of it, or you will lose more than just data. You'll lose system passwords, system configurations, internal network mappings, and your data.
Labels: VMware Guest Stealer