Can you help me hack your corporate network?
Michael Ioffe
Cyber Security Researcher (Blue Team) at Cymulate - Breach & Attack Simulation
Today’s story will be based on a real case.
There is a lot of talk in the world about cyber awareness; it seems we are heading into an era where only sophisticated APTs will pose any threat, if at all. Nah. Kidding. The human factor seems to be stronger than any APT, and hackers exploiting this "human factor", or picking up the simplest of possible backdoors you leave open, will still thrive.
Why? Because there is a huge gap between awareness and implementation. This wrong idea of "it won't happen to me" or "it's just for this one time" - that's the largest problem.
So, what has happened?
Well, I was helping one person, let's call this person W, to solve a technical problem: the computer did not recognize Wi-Fi networks. I immediately found that the Wi-Fi interface was disabled. Enabling it required admin credentials. W called tech support at the place of work (a very large and very well-known corporation), the operator went into remote, all good... Except for one tiny thing. I noticed that while the operator inputs the admin password, he does it with Notepad and copy-paste. The admin user was not hidden and I saw exactly the username. OH. MY. GOD!
Once the interface was enabled again and the happy operator disconnected, all I had to do was get everything I needed from the clipboard.
Now, if I am not a straight person, or just a frustrated employee (over a million possible reasons), could I sell this on the darknet, or ask a friend to hack in, or hack in myself if I have the skills? The answer is - Yes! Even in the most correctly managed corporations, passwords aren't changed every day. With admin credentials I could at least set a foothold in this specific domain. Any operation I'd perform would be with a legitimate admin user: no privilege escalation, no lateral movement. Trust me, even if they have separate admins for separate domains (as it should be) or the granulation of permissions is even higher, I'd eventually get them all, acquire a golden ticket and have TOTAL control over the entire corporation... And if they do not (which, regrettably, also happens), I'd have total control immediately.
So, what's the point of all that text? Well, most of all it is this: do yourself a favor, don't do yourself any favors. Don't try shortcuts; they might cut your way to hell. Be disciplined - just do things as they need to be done, especially under a heavy workload. Because the entire chain is only as strong as its weakest component. Be safe!
Security Researcher | IR and TH Expert
4 years