[cs615asa] Red team topic - week 11
Yuchen Zeng
yzeng10 at stevens.edu
Mon Apr 15 02:42:14 EDT 2019
Hello, this topic is about the Loophole of packages managers(apt and apt-get).
link: https://www.theregister.co.uk/2019/01/22/debian_package_manager_flaws/
System’s package manager is a very important part of CM. And that is also very easy to be attacked. Normally, Apt and Apt-get use HTTP when downloading packages. We have studied that the HTTP is not secure enough. a man-in-the-middle (MITM) miscreant can intercept the victim's network connection and even change the URL for fetch packages. So, the attacker can use the script run as root on that machine or install some unwanted software in that machine.
This could be solved by install SSL support for apt-get
apt-get install apt-transport-https
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.stevens.edu/pipermail/cs615asa/attachments/20190415/433d7141/attachment.html>
More information about the cs615asa
mailing list