Netcat listening on Debian Security advice please nc -(dknl)


I would be very grateful for some help. This is with regards to a Netcat based script running on a Debian based distribution, specifically the Proxmox hypervisor (see here if unknown: https://en.wikipedia.org/wiki/Proxmox_Virtual_Environment).

I would need to run a script to perform a non-critical action (starting a Virtual Machine) when netcat receives the transmission "temp". The script is as follows:

    nc -v -l -w 60 -i 5 -p 21212 | while read -r; do
        MAC=${REPLY}
        echo "Received: $MAC"
        if [ "$MAC" == "1" ]; then
            echo "STARTING VM1!"
            echo "Wait 5 Sec"
            sleep 5
        elif [ "$MAC" == "temp" ]; then
            echo "STARTING VM2!"
            /usr/sbin/qm start 1022
        fi
    done

Could the Debian system running the above script be exploited, as Netcat listens on port 21212 (it could of course listen on another port as well if I change that)? Naturally, anyone in the network could start a VM, but is there another risk?

Bob Hart

Posted 2019-12-05T22:11:06.180

Reputation: 1

Answers


There are always risks of exploits when you don't sanitize your inputs or do some state checking.

Yes, the UDP packet should look like "0cd29248689b" ... but what happens when it is short? i.e. "0c", or long? i.e. "0cd29248689b1234", or when you get a fragmented packet? i.e. packet 1 has "0cd292" and packet 2 has "48689b".

What happens if the VM is already started, or in a "in-between" state (booting/shutting down)... you can end up with many potential failure points.

Why not include some additional filtering on IP, or some built-in authentication of some sort? (password hashed with timestamp or something?) Why are you using UDP instead of TCP? Is this just for "home-use" or are you planning on trying to make this a publicly shared thing for everyone to use?

There's also many additional questions... like why not use the VM name instead of the mac-address?

TheCompWiz

Posted 2019-12-05T22:11:06.180

Reputation: 9 161

but what happens when it is short? i.e. "0c", or long? i.e. "0cd29248689b1234", or when you get a fragmented packet? -> Then nothing happens based on the script. Why are you using UDP instead of TCP? -> I can use TCP instead. why not use the VM name instead? -> That's fine as well. – Bob Hart – 2019-12-06T14:08:23.487

The essential question is: Can the listening Netcat be exploited? – Bob Hart – 2019-12-06T14:12:07.143

I fail to understand the question entirely. Netcat itself doesn't process the packets, and is not really susceptible to attacks. It works on a garbage-in/garbage-out model. It's what you attach to it that can become susceptible, and how it is attached. – TheCompWiz – 2019-12-09T23:12:14.723

Dear TheCompWiz. I changed the original posting to be more understandable. I agree with you that "It's what you attach to it that can become susceptible". The "attached action" is non-critical. The question is: Could Netcat be exploited in another way? – Bob Hart – 2019-12-22T20:11:09.547
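The advice in TheCompWiz's answer (sanitize the input, check state before acting, authenticate with a password hashed together with a timestamp) applied to the listener from the question, as an added example; this is neither the original poster's script nor code from TheCompWiz or the Proxmox project. Port 21212, the keyword "temp" and VM id 1022 come from the question. Everything else is an assumption made for the example: a shared secret in $SECRET, a 60-second validity window, coreutils sha256sum/cut being present, the "status: running" output of `qm status`, and the local netcat supporting `-k` (listed in the question's title, but not every netcat variant has it). The "1" branch of the original only echoed text, so only "temp" is mapped to a VM here.

```shell
#!/bin/bash
# Hardened version of the nc | while read loop from the question.
# Assumptions, not from the page: a shared secret in $SECRET, a 60-second
# validity window for requests, coreutils sha256sum/cut, and that the local
# netcat supports -k (keep listening). Port 21212, the keyword "temp" and
# VM id 1022 come from the question.

SECRET="${SECRET:-constructed-example-secret-change-me}"
WINDOW=60                 # seconds a request stays valid (limits replay)
DRY_RUN="${DRY_RUN:-1}"   # 1 = print the qm command instead of running it

# Whitelist: map a keyword to a VM id. Anything not listed is rejected, so
# received bytes are never interpreted as part of a command line.
vm_for_keyword() {
    case "$1" in
        temp) echo 1022 ;;
        *)    return 1 ;;
    esac
}

# Expected token for a timestamp and keyword: sha256("ts:keyword:secret").
# This is the answer's "password hashed with timestamp"; a real HMAC
# (openssl dgst -sha256 -hmac) is preferable where openssl is available.
expected_token() {
    printf '%s:%s:%s' "$1" "$2" "$SECRET" | sha256sum | cut -d' ' -f1
}

# Validate one received line of the form "<unix-ts> <keyword> <hex-token>".
# Prints the VM id and returns 0 on success, returns 1 otherwise.
# $2 overrides the current time (used by the tests).
validate_line() {
    local line="$1"
    local now="${2:-$(date +%s)}"
    local ts kw tok extra diff vmid
    # Size cap first: short, overlong or fragmented input never reaches parsing.
    [ "${#line}" -le 120 ] || return 1
    # Split into exactly three whitespace-separated fields; -r keeps backslashes literal.
    read -r ts kw tok extra <<EOF
$line
EOF
    [ -n "$tok" ] && [ -z "$extra" ] || return 1
    # Timestamp: digits only and within the replay window in either direction.
    case "$ts" in ''|*[!0-9]*) return 1 ;; esac
    diff=$((now - ts))
    if [ "$diff" -lt 0 ]; then diff=$((-diff)); fi
    [ "$diff" -le "$WINDOW" ] || return 1
    # Keyword: alphanumeric only, then on the whitelist.
    case "$kw" in ''|*[!a-zA-Z0-9]*) return 1 ;; esac
    vmid=$(vm_for_keyword "$kw") || return 1
    # Token: 64 lowercase hex chars and equal to the expected value.
    case "$tok" in *[!0-9a-f]*) return 1 ;; esac
    [ "${#tok}" -eq 64 ] || return 1
    [ "$tok" = "$(expected_token "$ts" "$kw")" ] || return 1
    echo "$vmid"
}

# TCP listener: every received line goes through validate_line before qm is
# touched, and a VM that is already running is left alone (state check).
run_listener() {
    nc -l -k -p 21212 | while IFS= read -r REPLY; do
        if vmid=$(validate_line "$REPLY"); then
            if [ "$DRY_RUN" = 1 ]; then
                echo "[dry-run] would run: /usr/sbin/qm start $vmid"
            elif /usr/sbin/qm status "$vmid" | grep -q 'running'; then
                echo "VM $vmid already running, nothing to do"
            else
                /usr/sbin/qm start "$vmid"
            fi
        else
            echo "Rejected ${#REPLY}-byte request" >&2
        fi
    done
}

# Start listening only when asked, so sourcing the file for tests does not block.
if [ "${1:-}" = "--listen" ]; then
    run_listener
fi
```

Run it on the host with `--listen` (and `DRY_RUN=0` once the output looks right); a client that knows the secret sends one line such as `TS=$(date +%s); printf '%s temp %s\n' "$TS" "$(printf '%s:%s:%s' "$TS" temp "$SECRET" | sha256sum | cut -d' ' -f1)" | nc HOST 21212`. Anything else (the short, long or fragmented inputs from the answer, unknown keywords, shell metacharacters, replayed lines older than the window) is logged and dropped before `qm` is ever invoked. Restricting which source addresses may reach port 21212 belongs in the firewall rather than in the script, and, as TheCompWiz notes, netcat itself only moves bytes: the part that needs hardening is the consumer on the right of the pipe.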