Cloud Computers Can Be Attacked




Of the 7 Black Hat white papers, I want to focus on the ones that can cause problems for cloud computers. The above diagram is a general diagram of the number of companies servicing different IT sectors.

Security can affect both Cloud and Virtualization.

I quickly outlined the problem yesterday near the bottom:


Apparently there is a failure in the Single Sign-On design: the “French Kiss attack” allows the attacker to capture a Windows SSO (single sign-on) username and the NTLMv2 hashes of passwords. With certain configurations, an 8 digit password can then be cracked within 2 days.

{Assuming the attacker and a remote SMB share on a public IP and part of the victim’s Forest, no further development would be required : a typical SMB relay would allow an attacker to execute arbitrary remote commands on the target SMB server thanks for instance to psexec. Those tend to be fairly rare for obvious security reasons, but extensions of this attack to relay SMB to https (eg: to connect to an Exchange Server accepting NTLM based authentication over https) already exist publicly. A quick search on the popular ShodanHQ search engine returns thousands of such servers on the

This paragraph screams Cloud Computer nirvana for criminal hackers.


Sure, some cloud environments are set up well, but I am also sure that some cloud environments are set up with no thought given to security. The terminal server connections should be set up with an encryption technology like SSL; otherwise the hackers could grab more and more of your information, with an eventual attempt at cracking your passwords and usernames.


One thing the white paper did was find approximately 2500 HTTP servers (web servers) on the Internet that also accept relaying from SMB. This is very dangerous –
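To see whether your own web servers are among those offering NTLM-based authentication, you can review the 401 responses they return. The script below is an added example, not code from the white paper or this post; the hostnames and responses are constructed samples, and it reports for each endpoint whether NTLM (or Negotiate, which can fall back to NTLM) is offered and whether the connection is encrypted.

```python
import re
from urllib.parse import urlsplit

# Constructed 401 responses from a hypothetical inventory (placeholder hostnames).
SAMPLE_RESPONSES = {
    "http://intranet.example.test/": (
        "HTTP/1.1 401 Unauthorized\r\n"
        "WWW-Authenticate: Negotiate\r\n"
        "WWW-Authenticate: NTLM\r\n\r\n"
    ),
    "https://mail.example.test/ews/": (
        "HTTP/1.1 401 Unauthorized\r\n"
        "WWW-Authenticate: NTLM\r\n\r\n"
    ),
    "https://app.example.test/": (
        "HTTP/1.1 401 Unauthorized\r\n"
        'WWW-Authenticate: Basic realm="app"\r\n\r\n'
    ),
}

# Match NTLM/Negotiate only where a scheme name can start a challenge,
# not when the word appears as a parameter name or inside a realm value.
SCHEME_RE = re.compile(r"(?:^|,)\s*(NTLM|Negotiate)\b(?!\s*=)", re.I)


def ntlm_schemes(raw_response):
    """Return the NTLM-capable schemes advertised in WWW-Authenticate headers."""
    head = raw_response.split("\r\n\r\n", 1)[0]
    found = set()
    for line in head.split("\r\n")[1:]:  # skip the status line
        name, sep, value = line.partition(":")
        if sep and name.strip().lower() == "www-authenticate":
            for match in SCHEME_RE.finditer(value.strip()):
                found.add(match.group(1).lower())
    return found


def audit(responses):
    """List (url, schemes, encrypted) for every endpoint that offers NTLM."""
    findings = []
    for url, raw in sorted(responses.items()):
        schemes = ntlm_schemes(raw)
        if schemes:
            encrypted = urlsplit(url).scheme == "https"
            findings.append((url, sorted(schemes), encrypted))
    return findings


if __name__ == "__main__":
    for url, schemes, encrypted in audit(SAMPLE_RESPONSES):
        transport = "TLS" if encrypted else "CLEARTEXT"
        print(f"{url}: offers {', '.join(schemes)} over {transport}")
```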


Let us know if you want us to test your environment.






