Vulnerable workstations

One of the many questions frequently asked is why we soften machines or use machines that have vulnerabilities. The fact is that a properly patched, properly configured, and properly hardened machine is quite difficult to get into. Penetration testing is not trying to get through to hardened devices but looking specifically for those devices that have vulnerabilities. In a typical engagement, you may find only one or two machines that have vulnerabilities. You can then use these machines to gain a foothold into an environment to compromise other more hardened machines. If you start doing regular engagements as a penetration tester, you will be surprised by just how many machines you may be able to find that have vulnerabilities. This is especially true with the proliferation of low cost Internet of Things (IoT) devices such as internet connected cameras, thermostats, automation systems, and monitoring. These devices often run Linux-type embedded operating systems and are rarely patched and often overlooked. More importantly, they are often riddled with bugs and vulnerabilities that we can use for our purposes.