danielsauder

IT security is a matter of trust.

Windows 7 IE Developer SSH Server

Recently I played with one of the Windows 7 32Bit IE Developer VMs (IE11.Win7.VirtualBox.zip) from here. I can remember two exploitation classes where these machines are being used.

I found an SSH server installed within the machine, it is not hidden or something, but on the other side no one I asked was aware about it.

As you can see the server is running on port 22:

iewin7_netstat.png

The SSH server itself is running with its own user:

iewin7_sshuser.png

The SSH service is not blocked by local firewall rules:

iewin7_login.png

Short reminder, the password is “Passw0rd!”. So better use these machines in NAT mode, change the password, adjust firewall etc..

Happy Hacking.

Published by

Daniel

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: