“Unusual” Autorun exploit under Linux ;)

I am using Debian 8 but it was probably included in many distros.

An autorun-like “feature” can be found under certain circumstances using the usb-devices command.

Those “cat” commands should be “cat -v”. I was especially worried about:

print_string() {
    file=$1
    name=$2
    if [ -f $file ]; then
        echo "S: $name=`cat $file`"
    fi
}

An example case would be a manufacturer filename with escape sequences on a dodgy USB device. I used the excellent Ubertooth One to test it, but a 1.5 USD cp21x serial converter could be used inside a recycled USB flash case.

Most terminals have those problems fixed, so this is not a big deal, but better safe than sorry.

Quick test:
--------------------

Open a terminal window:
echo -e "\e]2;a new terminal window title\a" > manufacturer
cat manufacturer

How to fix it fast:
--------------------

cat usb-devices | sed s/cat/"cat -v"/ >usb-devices-fixed
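The effect of that change, as an added example (not code from usb-devices or from this post): the print_string() shown above next to a variant that uses cat -v, run against a constructed manufacturer file. The names print_string_raw, print_string_safe, count_esc, make_sample and demo are made up for this illustration.

```shell
#!/bin/sh
# Added example. Function names are hypothetical; the sample file is constructed.

# Behaviour shown in the post: file contents reach the terminal byte for byte.
print_string_raw() {
    file=$1
    name=$2
    if [ -f "$file" ]; then
        echo "S: $name=`cat $file`"
    fi
}

# Same output format, but cat -v renders control bytes in caret notation
# (ESC becomes ^[, BEL becomes ^G), so the terminal never interprets them.
print_string_safe() {
    file=$1
    name=$2
    if [ -f "$file" ]; then
        printf 'S: %s=%s\n' "$name" "$(cat -v -- "$file")"
    fi
}

# Count raw ESC (0x1b) bytes arriving on stdin.
count_esc() {
    tr -cd '\033' | wc -c | tr -d ' '
}

# Constructed sample: the window-title sequence from the quick test,
# written the way a device could expose it as its manufacturer string.
make_sample() {
    printf '\033]2;a new terminal window title\007\n' > "$1"
}

demo() {
    tmp=$(mktemp)
    make_sample "$tmp"
    # The raw output is only counted here, never written to the terminal.
    raw=$(print_string_raw "$tmp" Manufacturer | count_esc)
    safe=$(print_string_safe "$tmp" Manufacturer | count_esc)
    echo "ESC bytes emitted: raw=$raw safe=$safe"
    print_string_safe "$tmp" Manufacturer
    rm -f "$tmp"
}
demo
```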

References:
--------------------
Terminal Emulator Security Issues by HD Moore
http://seclists.org/fulldisclosure/2003/Feb/341

CP21x AN721, how to change manufacturer name:
https://www.silabs.com/Support%20Documents/TechnicalDocs/AN721.pdf

Have fun,
