The Offensive Security team at Evolve Security wanted to share some of the key pentest tactics that are relating to successful findings and improved risk postures. Let's dive into the findings, and fixes that could improve your attack surface.
NetBIOS Name Service (NBNS) is a protocol used within internal networks when a DNS server isn't available. It broadcasts queries across the network, and any system can answer with the requested IP address. Attackers can exploit this by responding with their own system's IP address.
Fixes: To prevent NBNS usage or mitigate its impact, try these strategies:
UseDnsOnlyForNameResolutions registry key to prevent systems from using NBNS queries (NetBIOS over TCP/IP Configuration Parameters).A critical security flaw affecting PHP has surfaced, allowing remote code execution under specific conditions. Tracked as CVE-2024-4577, this CGI argument injection vulnerability impacts all PHP versions on Windows. It bypasses protections for CVE-2012-1823, enabling arbitrary code execution on remote PHP servers.
Fixes: Administrators should abandon the outdated PHP CGI and switch to more secure solutions like Mod-PHP, FastCGI, or PHP-FPM. Ensure updates to PHP have been applied as per recent security advisories.
Systems vulnerable to MS17-010 (EternalBlue) were identified during our tests. This Windows vulnerability is highly exploitable, allowing attackers full control over affected systems.
Fixes: Apply security updates to mitigate this vulnerability. Additionally, review and strengthen your patch management strategy to prevent similar issues.
Link-Local Multicast Name Resolution (LLMNR) is another protocol used when a DNS server is unavailable, broadcasting queries network-wide and allowing any system to reply. Attackers exploit this by inserting their system's IP address.
Fixes: The best method to prevent exploitation involves configuring the Multicast Name Resolution registry key to stop systems from using LLMNR queries.
Despite the varied nature of these findings, many stem from common issues such as configuration weaknesses and patching deficiencies. Increasing the frequency of penetration testing is the clearest path to identifying vulnerabilities daily and reducing your attack surface. In our recent webinar we highlighted making the jump from compliance based pentesting to Continuous Pentesting in 2024.
Unlock your organization's full security potential and uncover even more vulnerabilities than before by choosing our advanced penetration testing services.
.jpg)
.jpg)
