Hacking Hadoop – 2

A while back, we described hacking Hadoop through the Cloudera Manager (CM) or through Ambari. But there is so much more to hack! Here is what I would do if I had a chance (this is just a first approximation of the list; comments are welcome).

Hacking through CM or Ambari

  • Try the default credentials, admin/admin.
  • Try obvious passwords. Assume that it won’t lock you out after many attempts, because by default it really won’t.
  • If you have any password, try to escalate privileges.
  • Try Burp or something similar to observe interactions.
  • If you pwn CM or Ambari, it is game over.

Hacking through HUE

  • First, try to find the internal MySQL or another database which contains all settings and passwords.
  • Brute-force this password (this applies to all cases), starting with admin/admin.
  • Escalate privileges, etc.

Hive

  • Hive is used for many other connections, so it may have been left open for that purpose.
  • Maybe the developer was setting up Tableau access through Hive and forgot to close the overly open access.
  • Check port 10000
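
Seen from the cluster owner's side, the overly open Hive access described above shows up in hive-site.xml. The following is an added example, not code from the original post: a small audit of the HiveServer2 settings behind port 10000. The sample file is constructed, and treating an unset bind host as "all interfaces" is an assumption about the default.

```python
import xml.etree.ElementTree as ET

# Constructed sample hive-site.xml (not taken from a real cluster).
SAMPLE_HIVE_SITE = """<configuration>
  <property><name>hive.server2.thrift.port</name><value>10000</value></property>
  <property><name>hive.server2.thrift.bind.host</name><value>0.0.0.0</value></property>
  <property><name>hive.server2.authentication</name><value>NONE</value></property>
  <property><name>hive.server2.use.SSL</name><value>false</value></property>
</configuration>"""

# Values assumed when a property is absent from the file (assumed defaults).
DEFAULTS = {
    "hive.server2.thrift.port": "10000",
    "hive.server2.thrift.bind.host": "",
    "hive.server2.authentication": "NONE",
    "hive.server2.use.SSL": "false",
}

def load_props(xml_text):
    """Return {name: value} from Hadoop-style <property> elements."""
    props = dict(DEFAULTS)
    for prop in ET.fromstring(xml_text).iter("property"):
        name = (prop.findtext("name") or "").strip()
        if name:
            props[name] = (prop.findtext("value") or "").strip()
    return props

def audit_hiveserver2(xml_text):
    """Return a list of findings for a too-open HiveServer2 listener."""
    p = load_props(xml_text)
    port = p["hive.server2.thrift.port"]
    auth = p["hive.server2.authentication"].upper()
    host = p["hive.server2.thrift.bind.host"]
    findings = []
    if auth in ("NONE", "NOSASL"):
        findings.append(f"authentication={auth}: port {port} accepts clients without verifying credentials")
    if host in ("", "0.0.0.0"):
        findings.append(f"port {port} is bound to all interfaces")
    if p["hive.server2.use.SSL"].lower() != "true":
        findings.append(f"port {port} does not use TLS (hive.server2.use.SSL is not true)")
    return findings

if __name__ == "__main__":
    for finding in audit_hiveserver2(SAMPLE_HIVE_SITE):
        print("FINDING:", finding)
```
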

Tableau

  • Tableau on Windows works through ODBC-JDBC-Hive, so there should be many holes
  • You will find the ODBC in the Control Panel. This is just Windows, man! So hack away.

To be continued…
