Reply to post: Re: AD...

Yee-hacked! Fired Texan sysadmin goes rogue, trashes boot business

bombastic bob Silver badge

Re: AD...

"He could easily have dumped the entire user database and have access to every single account."

right, and STILL have low-level access via some obscure user account, which [with the right tools] can get you admin access, depending on installed patches and running software, or a carefully installed back door (that would do it for sure). He ALREADY added a secret login with admin privs, so why wouldn't he put in a back door (or two) as well? [this is a good reason for "get new computer, re-build from scratch" to fix this]

To add back doors, you could re-compile system stuff from modified source, or install your own dummy applications that run the real ones, or tack on 'virus-like' extensions to various programs that run in the context of 'root' or 'system' or 'administrator' and/or just install something that LOOKS like it belongs there, even signing it with your own certs [when needed] that you install [easy to do] when THAT kind of thing is necessary, yotta yotta yotta. Nothing new under the sun. These things are _EASY_ to do... which is why senior admins and/or managers need to watch out for that kind of crap.

(but a lazy crooked sysadmin would probably install some "toolz" purchased off the darknet)

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019