![]() We'll need to set up a simple HTTP server in Kali to host the real_video.mp4 file. Don't Miss: Sniff Wi-Fi Activity Without Connecting to a Target Router.Be sure to leave tips and ideas for enumerating this information in the comments! The DNS requests for a Linux Mint operating system appear as follows.ĭetermining the DE or file manager may not be possible without the target sharing some identifiable information on social media or some other means. However, if the attacker shares a Wi-Fi network with the target, it would be possible to observe traffic transmitting to and from the operating system. Identifying if the target is using a vulnerable file manager is not an easy task, especially if the attacker knows nothing about the target's operating system. How to Identify if a Target's File Manager Is Vulnerable Don't Miss: Using Ubuntu as Your Primary OS, Part 1.Elementary OS 5/Pantheon/Pantheon-Files.Newer versions of each of the affected systems may also be vulnerable to the attack. In my short series of tests against popular operating systems, here's what I was able to determine, ordered in the following OS/DE/File-Manager format. Nemo, like the Thunar file manager found in XFCE4 systems, is vulnerable to this attack. The goal of this article is to shed some light on the vulnerability in Cinnamon's default file manager, Nemo. So a GNOME target with Nautilus installed may be using a different, vulnerable file manager. But! Keep in mind - it's possible to install and use multiple file managers in a single operating system, much like having two different web browsers installed simultaneously. Neither of these file managers is vulnerable to this attack. For example, GNOME uses the Nautilus file manager, and KDE uses the Dolphin file manager. While this is far from a comprehensive list of available DEs, these are among the most popular.Įach DE uses a different file manager by default. They include: GNOME, Cinnamon, MATE, KDE, XFCE4, and LXDE. There are several noteworthy desktop environments (DE) that are affected by this issue. desktop files appear as clickable buttons. Viewing this directory in Linux Mint's built-in file manager, Nemo, the very same. rw-r-r- 1 root root 3780 Dec 17 05:45 /usr/share/applications/sktop ![]() rw-r-r- 1 root root 5309 Dec 11 06:18 /usr/share/applications/sktop rw-r-r- 1 root root 8056 Dec 11 06:15 /usr/share/applications/sktop rw-r-r- 1 root root 9762 Dec 11 06:12 /usr/share/applications/sktop rw-r-r- 1 root root 4526 Dec 11 06:10 /usr/share/applications/xed.desktop rw-r-r- 1 root root 992 Dec 10 11:48 /usr/share/applications/sktop rw-r-r- 1 root root 9870 /usr/share/applications/vlc.desktop rw-r-r- 1 root root 3617 /usr/share/applications/vim.desktop rw-r-r- 1 root root 4493 /usr/share/applications/sktop rw-r-r- 1 root root 11701 /usr/share/applications/sktop rw-r-r- 1 root root 820 Nov 30 08:53 /usr/share/applications/sktop rw-r-r- 1 root root 10062 Mar 25 07:28 /usr/share/applications/sktop rw-r-r- 1 root root 518 /usr/share/applications/sktop rw-r-r- 1 root root 8996 /usr/share/applications/sktop rw-r-r- 1 root root 10609 /usr/share/applications/sktop rw-r-r- 1 root root 506 /usr/share/applications/sktop rw-r-r- 1 root root 12473 Mar 21 09:45 /usr/share/applications/sktop rw-r-r- 1 root root 433 Dec 11 03:24 /usr/share/applications/sktop rw-r-r- 1 root root 504 Dec 6 05:22 /usr/share/applications/sktop rw-r-r- 1 root root 11580 Mar 21 09:45 /usr/share/applications/sktop rw-r-r- 1 root root 450 Dec 6 05:22 /usr/share/applications/sktop rw-r-r- 1 root root 272 Mar 21 09:45 /usr/share/applications/sktop rw-r-r- 1 root root 200 Mar 21 09:45 /usr/share/applications/sktop ![]() rw-r-r- 1 root root 496 Dec 6 05:22 /usr/share/applications/sktop rw-r-r- 1 root root 463 Mar 21 09:45 /usr/share/applications/sktop rw-r-r- 1 root root 300 Dec 6 05:22 /usr/share/applications/sktop rw-r-r- 1 root root 448 Dec 6 05:22 /usr/share/applications/sktop rw-r-r- 1 root root 363 Mar 21 09:45 /usr/share/applications/sktop rw-r-r- 1 root root 1383 Jan 11 11:41 /usr/share/applications/sktop ![]() rw-r-r- 1 root root 8754 Nov 28 04:55 /usr/share/applications/sktop rw-r-r- 1 root root 125 /usr/share/applications/sktop $ ls -l /usr/share/applications/*.desktop Linux Mint users can list files in the /usr/share/applications/ directory for some examples of this. desktop file extension is used in Linux systems to create application launchers. ![]() The target believes fake_video.mp4 is legitimate and has no idea the operating system was just compromised. What we can't see in the GIF is the Netcat connection being made to the attacker's system when fake_video.mp4 opens. desktop file, configured to look like an ordinary MP4 in this file manager. The first (real_video.mp4) is a real MP4 of a movie trailer. Two files are being extracted in the GIF. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |