Add brute-force exploiters' explanation pages #4269
Conversation
shreyamalviya
force-pushed
the
4213-docs-exploiters-feature-pages_brute-force
branch
from
66bc088
to
6d037d5
Compare
shreyamalviya
force-pushed
the
4213-docs-exploiters-feature-pages_brute-force
branch
from
6d037d5
to
77697ea
Compare
| Machines with MSSQL that have `xp_cmdshell` enabled may be accessible to | ||
| attackers if they come across the correct credentials. |
There was a problem hiding this comment.
Maybe:
| Machines with MSSQL that have `xp_cmdshell` enabled may be accessible to | |
| attackers if they come across the correct credentials. | |
| Machines with MSSQL that have `xp_cmdshell` enabled may be accessible to | |
| attackers if they are able to successfully authenticate with the service. |
?
There was a problem hiding this comment.
How about this?
| Machines with MSSQL that have `xp_cmdshell` enabled may be accessible to | |
| attackers if they come across the correct credentials. | |
| Machines with MSSQL that have `xp_cmdshell` enabled may be accessible to | |
| attackers if they find a way to authenticate with the service. |
There was a problem hiding this comment.
It makes it sound so haphazard. We could just say "if they are able to authenticate with the service."
There was a problem hiding this comment.
"if they are able to authenticate with the service" suggests they have the right credentials + xp_cmdshell was enabled, it feels wrong to say "may be accessible" with that. I'm having trouble thinking of a better sentence.
| Machines with MSSQL that have `xp_cmdshell` enabled may be accessible to | ||
| attackers if they come across the correct credentials. | ||
|
|
||
| Infection Monkey's MSSQL exploiter uses brute-force to propagate to a victim | ||
| by taking advantage of insecure MSSQL configuration. It leverages the | ||
| `xp_cmdshell` feature to execute commands on the server. |
There was a problem hiding this comment.
I feel like these two paragraphs are basically building up to say the same thing. Maybe they can be combined.
There was a problem hiding this comment.
I'd prefer keeping them separate. This is how it is in all the exploiter pages. The first paragraph says something about the service's vulnerability and the second explains how it works in Infection Monkey.
There was a problem hiding this comment.
Maybe, but most of them aren't paragraphs, they're standalone sentences.
There was a problem hiding this comment.
Combining them in all pages
| Machines with PowerShell Remoting enabled may be accessible to attackers if | ||
| they come across the correct credentials. |
There was a problem hiding this comment.
In general, I'm not sure I like the language, "if they come across the correct credentials." We should maybe come up with something that's a bit more explanatory.
There was a problem hiding this comment.
| Machines with PowerShell Remoting enabled may be accessible to attackers if | ||
| they come across the correct credentials. | ||
|
|
||
| Infection Monkey's PowerShell exploiter uses brute-force to attempt to | ||
| propagate to a victim through PowerShell Remoting. |
There was a problem hiding this comment.
Again, I think these two sentences are closely related enough to be one paragraph.
There was a problem hiding this comment.
What does this PR do?
Fixes parts of #4213
PR Checklist
Testing Checklist