Skip to content

Admin tool to get remote guest access to our non-ssh servers

Which part would be affected

The way we design/update our servers (see the wiki )

Description of the feature

When providing the location of a QTG machine, the tool would execute a pre-determined exploit to grant guest access
It is different from #51 as said tool must work remotely and tailored for each server, instead of working on all machines by enabling/disabling a local exploit on-demand

How would it enhance the experience?

If guest has access to sudo, that would allow an admin to log as root without having to rely on an ssh service
Given that sudo (and even get_shell) requires the root password to access to root, accessing sudo is not a security threat

Checks to do

  • The tool manages to provide guest access for a given server, no matter the circumstances
  • Guests have the ability to access sudo
  • Guests aren't able to cause service disruption