Absolute Pwnage: A Short Paper about the Security Risks of Remote Administration Tools

  • Jay Novak
  • Jonathan Stribley
  • Kenneth Meagher
  • J. Alex Halderman
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7035)


Many IT departments use remote administration products to configure, monitor, and maintain the systems they manage. These tools can be beneficial in the right hands, but they can also be devastating if attackers exploit them to seize control of machines. As a case study, we analyze the security of a remote administration product called Absolute Manage. We find that the system’s communication protocol suffers from serious design flaws and fails to provide adequate integrity, confidentiality, or authentication. Attackers can exploit these vulnerabilities to issue unauthorized commands on client systems and execute arbitrary code with administrator privileges. These blatant vulnerabilities suggest that remote administration tools require increased scrutiny from the security community. We recommend that developers adopt defensive designs that limit the damage attackers can cause if they gain control.


Security Risk Fast Software Encryption Arbitrary Code USENIX Security Symposium Heartbeat Message 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Absolute Software. Absolute Manage Web Site,
  2. 2.
    Absolute Software. Absolute Software Acquires LANrev (December 3, 2009),
  3. 3.
    Apple. Remote Desktop 3,
  4. 4.
    CWE/SANS. 2010 Top 25 Most Dangerous Programming Errors,
  5. 5.
    Lyon, G.F.: Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security Scanning. Insecure, USA (2009)Google Scholar
  6. 6.
    Howell, J., Schechter, S.: What You See is What They Get: Protecting Users from Unwanted Use of Microphones, Cameras, and Other Sensors. Web 2.0 Security and Privacy (2010)Google Scholar
  7. 7.
    Postel, J., Reynolds, J., Reynolds, J.: Telnet protocol specification. STD 8, RFC 854 (May 1983)Google Scholar
  8. 8.
  9. 9.
    Ortega, A., Sacco, A.: Deactivate the Rootkit: Attacks on BIOS Anti-Theft Technologies. Blackhat (2009)Google Scholar
  10. 10.
    Robbins, B.J., et al.: Complaint Against Lower Merion School District (February 16, 2010),
  11. 11.
    Schneier, B.: Description of a new variable-length key, 64-bit block cipher (Blowfish) In: Fast Software Encryption, pp. 191–204 (1993)Google Scholar
  12. 12.
  13. 13.
    stryde.hax and Aaron Rhodes. The Spy At Harriton High (February 2010),
  14. 14.
    Ylonen, T.: SSH–secure login connections over the Internet. In: Proceedings of the 6th USENIX Security Symposium, pp. 37–42 (1996)Google Scholar
  15. 15.
    Zetter, K.: School Spy Program Used on Students Contains Hacker-Friendly Security Hole. Threat Level (May 2010),

Copyright information

© Springer-Verlag Berlin Heidelberg 2012

Authors and Affiliations

  • Jay Novak
    • 1
  • Jonathan Stribley
    • 1
  • Kenneth Meagher
    • 1
  • J. Alex Halderman
    • 1
  1. 1.The University of MichiganUS

Personalised recommendations