Shadow Brokers tools put tens of Solaris-based installations at risk

The hacker group Shadow Brokers evidently concluded that it would not be able to sell the programs stolen from the NSA, and days ago decided to upload them to the Internet, which will probably make a great gift to cybercrime groups worldwide. Things do not look good for those who maintain networked systems. Among the people who had better start worrying are administrators of systems based on Oracle Solaris. This is clear from a report in The Register.

Matthew Hickey of Hacker House decided to examine the contents of the archive published by Shadow Brokers on the Internet and came across two tools with which an attacker can escalate a user's privileges, without authorization, to the highest level of access on Solaris, including remotely. The names of these programs are EXTREMEPARR and EBBISLAND. The affected systems are those running Solaris versions 6 to 10 on x86 and Sparc, and possibly the latest, version 11. The first program elevates the privileges of a logged-in user, script or program by abusing dtappgather, file permissions and the setuid binary at. EBBISLAND, in turn, attacks any open RPC service to execute malicious code remotely.

"They have effectively been a universal key giving the highest level of access to every Solaris-based system in the world. These are pre-built binaries and anyone can run them without needing special technical knowledge," says Hickey. He added that the code of one of the programs contains a reference to Solaris 11, which may mean that this version is vulnerable too. Oracle declined to comment to The Register on Hickey's findings.
