Tuesday, February 23, 2010

Stealing a Server Remotely

With the creation of virtual machines for PCs and servers, it was only a matter of time before someone wrote a program to remotely steal unsecured virtual machines (Shmoocon presentation pdf). To use the program, gueststealer-v1.1.pl, you have to install Perl CPAN modules which is practically trivial.

Here's a screenshot of a theft:

Stealing a VMware Virtual Machine





















This is just a variation of remote file transfer since VMware virtual machines are just files. VMware has patched this flaw. You can search for public facing VMware Servers using Google:


Finding ESX Servers on the Internet (redacted version).
















If you put your ESX Server's web access on the Internet, you better have patched the server and have a web application security proxy in front of it or you will lose more than just data. You'll lose system passwords, system configurations, internal network mappings, and your data.

Labels:


Comments: Post a Comment

Links to this post:

Create a Link



<< Home

This page is powered by Blogger. Isn't yours?