A while back, we described hacking Hadoop through the Cloudera Manager (CM) or through Ambari. But there is so much more to hack! Here is what I would do if I had a chance (this is just a first approximation of the list; comments are welcome).
Hacking through CM or Ambari
- Try the default credentials, admin/admin.
- Try obvious passwords. Assume that it won’t lock you out after many attempts, because by default it really won’t.
- If you have any password, try to escalate privileges.
- Try Burp or something similar to observe interactions.
- If you pwn CM or Ambari, it is game over.
Hacking through HUE
- First, try to find the internal MySQL or another database which contains all settings and passwords.
- Brute force this password – applies to all cases. admin/admin to start.
- Escalate privileges, etc.
Hive
- Hive is used for many other connections, so it may have been left open for that reason.
- Maybe the developer was setting up Tableau access through Hive and forgot to close the overly open access.
- Check port 10000
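Seen from the defender's side, the open Hive access described above shows up in hive-site.xml. The following is an added example, not code from the original post: it audits the HiveServer2 listener settings and reports where client identity is not verified or the channel is not encrypted. Both sample configurations are constructed; the property names and defaults are Hive's own.

```python
import xml.etree.ElementTree as ET

# Both configurations are constructed samples, not taken from a real cluster.
WEAK = """<configuration>
  <property><name>hive.server2.authentication</name><value>NONE</value></property>
</configuration>"""
HARDENED = """<configuration>
  <property><name>hive.server2.authentication</name><value>KERBEROS</value></property>
  <property><name>hive.server2.use.SSL</name><value>true</value></property>
</configuration>"""

# Hive's shipped defaults, applied when hive-site.xml omits a property.
DEFAULTS = {
    "hive.server2.transport.mode": "binary",
    "hive.server2.thrift.port": "10000",
    "hive.server2.thrift.http.port": "10001",
    "hive.server2.authentication": "NONE",
    "hive.server2.use.SSL": "false",
    "hive.server2.thrift.sasl.qop": "auth",
}

def load_props(xml_text):
    """Overlay Hadoop-style <property><name/><value/></property> entries on the defaults."""
    props = dict(DEFAULTS)
    for prop in ET.fromstring(xml_text).iter("property"):
        name = (prop.findtext("name") or "").strip()
        if name:
            props[name] = (prop.findtext("value") or "").strip()
    return props

def audit_hiveserver2(xml_text):
    """Return findings for a listener that accepts unverified or clear-text clients."""
    p = load_props(xml_text)
    http = p["hive.server2.transport.mode"].lower() == "http"
    port = p["hive.server2.thrift.http.port" if http else "hive.server2.thrift.port"]
    auth = p["hive.server2.authentication"].upper()
    encrypted = p["hive.server2.use.SSL"].lower() == "true" or (
        auth == "KERBEROS" and p["hive.server2.thrift.sasl.qop"].lower() == "auth-conf")
    findings = []
    if auth in ("NONE", "NOSASL"):
        findings.append(f"port {port}: client identity is not verified; set KERBEROS or LDAP")
    if not encrypted:
        findings.append(f"port {port}: traffic is not encrypted; enable TLS or SASL auth-conf")
    return findings

if __name__ == "__main__":
    for label, cfg in (("weak", WEAK), ("hardened", HARDENED)):
        print(label, audit_hiveserver2(cfg) or "no findings")
```
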
Tableau
- Tableau on Windows works through ODBC-JDBC-Hive, so there should be many holes.
- You will find the ODBC in the Control Panel. This is just Windows, man! So hack away.
To be continued…