March 2017 - Pasquale 'sid' Fiorillo

22 March 201716 May 2022

QNAP QTS 0day (CVE-2017-5227)

Pasquale `sid` Fiorillo and Guido `go` Oricchio have released a critical security advisory for any QNAP NAS running any version of QTS prior to 4.2.4 Build 20170313.

The issue involves all the QNAP NAS that are members of a Microsoft Active Directory and can be used by any local user, such as “httpdusr” used to run web application, to escalate to Domain Administrator.

Advisory: Read from USH
CVE: CVE-2017-5227
Vendor bullettin: NAS-201703-21
Press release: Security Affairs

21 March 201716 May 2022

Audit a compromised AWS key credentials

Aws-key-auditor is a simple bash script to test AWS credentials against some safe (read-only) awscli commands.
It could be useful during a penetration test to automate checks to understand what resources can be accessed with compromised key.

Download from GitHub