New Blog Release: Subverting the Agent on Network PATROL

06 Apr 2016

Kevin O’Reilly, a Senior Consultant at Context, writes about a Red Team engagement in which the team discovered unprotected credentials encrypted with PATROL, an infrastructure management product from software provider BMC.

The blog post walks through the discovery of both the encrypted credential files on the client’s network and the software used to encrypt them, and explains how, by reverse engineering this software, a new tool was created that allows any PATROL-encrypted passwords to be decrypted on this and any future red-team engagements.

In keeping with our responsible disclosure process, this blog is being published after BMC has been informed and has taken steps to strengthen the encryption used, with additional security best practices for administrators and network defenders.

