Dropsafe

by Alec Muffett

Azure VMs contain amusing capabilities; WHAT COULD POSSIBLY GO WRONG? /HT @GeoffArnold @seclectech

2012/08/04 23:39:20 BST

There is a Python agent inside the Azure VMs that communicates over TCP/80 and has fun methods like DeleteRootPassword & Deprovision

— Matt Franz (@seclectech) August 4, 2012

Another fun fact Azure VM “endpoints” (very primitive security groups) only allow you to specify TCP and UDP ports.

— Matt Franz (@seclectech) August 4, 2012

OK, so, you could say something like “each and every EC2 VM running Linux has the capability to be SSHed into and be driven remotely, shutdown or reinstalled. And you could do the same from the Dashboard, too…” – and you’d be right.

But still: wanna take bets which one is harder to abuse? Especially given the noddy filtration?

⊞

cloud security

Dropsafe

Azure VMs contain amusing capabilities; WHAT COULD POSSIBLY GO WRONG? /HT @GeoffArnold @seclectech

Comments

Leave a Reply Cancel reply

More posts

UK Government King’s Speech proposes “Cyber ASBO” with obvious risk of scope creep into censorship

Don’t take away our freedom to play games when we want | 38 Degrees

‘Von der Leyen Announces the EU’s New Age Verification App Claiming it is “Completely Anonymous” & users “Cannot be Tracked”’ | …the EU is about to have its ‘Clipper’ moment

From 2019: ‘If there were 5 million “bad people” on Facebook – terrorists, criminals, drug-dealers, whatever – that would be 0.2% of the userbase’