I thought of a way to attack Linux. Is this possible? How to prevent this?
Well, as a CEH in training who is already hired for CEH skills, I get paid for thinking about security.
If I have to check the security of a company, I normally like to take the 'classy' way. If they have WiFi they make it really easy, and I'd prefer to implant a session hijack over cracking passwords or using exploits found by other people.
Recently I got the task to crack this network that has this:
Linux-only boxes, never remotely accessed. Doesn't run services like Apache or OpenSSH.
It only connects to the internet twice a day: once at 5PM to send all the work of the day to the MasterServer, and once at midnight to update all the software.
The network also has a wireless access point, since everybody in the company uses laptops, so they can also work when they are outside. Then when they get to the office at 4PM they can upload their work.
Well, I thought of the following attack.
There is WiFi, so that's a way in. The WiFi was really weak. WEP.
Since there aren't ANY sessions to hijack that are really interesting, I thought of a way to get root access on the servers.
I thought, what if I do a classic session hijack, but instead of hijacking his connection I'd make him think that I have an update for the packages. That update is a program that runs as root, but with trojan code injected in it.
I haven't tried this yet, since I haven't taken a look at the Dep Update protocol. But something like this should be possible, right? (This is all ethical, don't worry.)
I am nearly 80% sure this idea of an attack can (and will) work.
So, well, what is your opinion about this?
And of course, really important: how to make sure crackers (black hats) can deploy such an attack?