Password manager pro manage engine7/5/2023 Recently we were engaged for a Red Teaming Assessment and, while analyzing the external perimeter during the initial reconnaissance phase, we detected an instance of ManageEngine Password Manager Pro, which, as suggested by its name, is a password manager.įinding a self-hosted password manager is usually a clue that the company has a good security awareness and you could expect your beloved Password Spraying for initial access to fail. When we - as in Shielder - say Red Team(ing) refer to the latest one: a real simulation of an attack, using the same techniques a real malicious party would use, to understand if the Security Operation Center (SOC) is able to detect and respond properly. A specific type of security assessment which could involve the technological, human, and physical domains aimed to test the detection and response capabilities of a company.a Network Penetration Test is sometimes defined a Red Teaming). Any type of activity which involves some offensive security operations (i.e.A team performing offensive security activities. ![]() Red Team(ing) is an abused word in the InfoSec world and it’s commonly used to define various things: ![]() ![]() How to Decrypt Manage Engine PMP Passwords for Fun and Domain Admin - a Red Teaming Tale TL DRĭuring a recent Red Teaming assessment we have found an internet-exposed instance of ManageEngine’s Password Manager Pro which was vulnerable to a pre-authentication Remote Code Execution ( CVE-2022-35405).Īfter gaining code execution we reverse engineered the password encryption/decryption routine to decrypt all the passwords and hack our way to become Domain Admin.
0 Comments
Leave a Reply. |