Hacker's Account of How He Took Down Hacking Team's Servers (softpedia.com)
An anonymous reader writes: FinFisher, the hacker who broke into Italian firm Hacking Team, has published a step-by-step account of how he carried out the attacks, what tools he used, and what he learned from scouting Hacking Team's network. Published on Pastebin, the attack's timeline reveals he entered their network through a zero-day exploit in an (unnamed) embedded device, accessed a MongoDB database that had no password, discovered backups in the database, found a BES admin password in the backups, and eventually got admin access to the Windows Domain Server. From here, it was easy to reach into their email server and steal all the company's emails, and later access Git repos and steal the source code of their surveillance software.
7. Unholy mash-up of JavaScript and bespoke query language to operate on the data and administer the DB.
8. Max size limit of data in a key-value that can be indexed.
9. Replica set or sharding, which is better? Who knows. Administering both at the same time requires a bottle of whisky and/or Prozac on standby.
You may want to read the write-up. Windows had nothing to do with this hack. He created his own 0day against an internet-facing appliance. He doesn't name it, but since his follow-up step was to install some additional Unix utilities, we know it was a *nix box. Then he found that their iSCSI network wasn't properly segmented away from the user network, and there was no authentication configured. That's a human error.