Oct 25

This post is going to be technical. Some truth, some imagination and a bunch of assumptions.

My first assumption is - There is a big company with a portal which is the primary means of doing many things across the company. Every employee gets access to the portal, which they use daily.

My second assumption is - The company turns new-technology oriented, and it starts its own wiki or micro-blogging or even blogging within the enterprise.

My third assumption is - The company considers an open source solution for the tool and modifies it so much that, by the time it opens the tool to the regular employees, the open source solution which they used has received an upgrade with patches for vulnerabilities that still exist in their modified copy.

My fourth assumption is - The company, having managed to modify the code to make it work seamlessly with their current environment, wouldn’t take more pain to upgrade the version of the open source solution which they are using.

Out of these four assumptions, we get a situation with the weakest link - a situation where a modified-but-vulnerable open source solution is integrated with a company’s portal.

My brain’s assuming part stops working here and the imagination part starts. When a new tool is integrated seamlessly into the portal, it would be using LDAP for authentication. That’s something that can be easily guessed as well as confirmed. When LDAP is being used, the next interesting imagination would be the login flow: when any user tries to log in, if he is a first-time user, the open source solution creates a profile for him in the solution’s database; if not, it just lets him in based on the LDAP authentication.

All of the above will work great as long as They are not concentrating on you. But when They concentrate on you, the greatest code will look like vulnerable, simple code. As per the title, I’m going to write “How Would They Do ?” Again, it’s complete imagination, as I’m not “good enough in skill” or “bad enough in motive” to be one of Them. Let’s see what They would do.

They will find that the most recently added open source solution is the weakest part of the portal and try to find out the version of the solution. Using that information, they would find the list of vulnerabilities and try to exploit them. If they succeed at this point, they will try to get complete access over that open source solution, a.k.a. the new tool. They will make themselves admin on the new tool, and look for possible chances of going further. Some of the current open source solutions are so advanced that they allow an administrator to edit the code of their plugins/themes/core through their interface. If not that advanced, at least they allow the administrator to take a backup of the complete database. Both cases are bad, the first being terrible and the second being bad enough to hurt.

But if the case is the first, where They got admin rights and They can edit the code, They would simply edit the code to do their work, and that is: the solution would add every user and his password to a new table on successful authentication, and later They can download the database of users with their un-hashed passwords, which is the biggest thing that can go wrong for the whole portal. The total compromise.

This is some stupid theory with lots of facts, assumptions and imagination in it. If you understand technology, you can understand the seriousness of the simple mistakes we make. If you don’t understand technology, I didn’t expect you to be so bored that you read this post!! And by the way, if you haven’t understood who They are … come on dude, it’s the dream of every kid who uses a computer to become like Them and read their friends’ emails. No more hints.

One Response to “The Weakest Link - How Would They Do ?”

  1. satts Says:

    Comment by Satts is removed to stay on the safe side
    Karteek : Too much info ain't it ????

    @Satts, It's the first one :)
