Raining Shells – Ambari “0-day”
Something that we’re starting to see occasionally on penetration tests are Hadoop clusters and all of the associated technologies that go along with them.
The old security model for these things used to be “Trust your network” – ie: Lock them in a room, somewhere behind a firewall, and cross your fingers. Nowadays however bleeding edge security features such as usernames and passwords have been implemented on many of the administrative interfaces for these services *gasp*…..
Contiinue Reading: Link