PirateBox Security Thread

Posted by TerrorByte 
PirateBox Security Thread
August 24, 2012 10:26PM
This is the place that you should post any security issues / ideas for improvement.



[Reserved for Info]

[Known Issues]

[Inherent issues]
By default, PirateBox has some built-in issues because it is an open network. It is vulnerable to the following, which may be unavoidable:
    * Man In The Middle
        - DNS Poisoning
        - Data Nabbing
        - Injecting malicious code into downloads
        - Etc.

    * DDoS / DoS
        - At least in AP mode (not sure about DDoS in an ad hoc network): deauth flooding / frame flooding / etc.

    * Malware Attacks
        - Users uploading malicious software

    * Bad Coding (on the users)
        - For example: in the PHP version of PirateBox, someone may be able to upload a PHP rooting shell (to be tested)
Re: PirateBox Security Thread
August 24, 2012 10:31PM
For PirateBoxLive:

The issue is that it is a static version of Ubuntu and has not been updated since it was rolled, which means any issues in Ubuntu at the time of rolling apply to it. I am looking into a semi-automated way of rolling updates every couple of weeks. I will take a VM snapshot right before I re-roll, and then every 2 weeks I was thinking of just having a script that runs the apt-get update / upgrade (not dist-upgrade, as I want to separate the versions of Ubuntu) and then snapshots and re-rolls into a directory that automatically pushes to GitHub.
Re: PirateBox Security Thread
October 02, 2012 07:43AM
Well, considering that PB is purposefully not on the 'net I don't see how one could do the updates unless they are doing maintenance on the box regularly. In that case, they could delete the potential bad files. Not that we shouldn't be able to update the box, just an observation.

Perhaps some kind of filter could be added so that the manager of a PB could block certain filetypes from being uploaded? Something that blocks any .exe or .sh perhaps? Things like that won't stop someone sufficiently bent on havoc but would stymie most casual troublemakers.

On my 2 PBs, I have a disclaimer saying that this is entirely unprotected and to virus scan anything one downloads. I also check the machines weekly. So far all I've found is a copious amount of porn videos uploaded. No executables as of yet.
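
The file-type filter suggested in the post above, as an added example that is not part of the thread or of PirateBox's own code: a filename check an upload handler could call before saving a file. The function name and the blocked-extension list are assumptions chosen for illustration.

```python
import unicodedata

# Assumed policy for illustration: extensions the box operator refuses to store.
BLOCKED_EXTENSIONS = {
    "exe", "sh", "bat", "cmd", "com", "scr", "vbs",
    "php", "phtml", "cgi", "pl", "py",
}


def upload_allowed(filename):
    """Return (allowed, reason) for a client-supplied upload filename."""
    # Fold look-alike characters (e.g. full-width letters) to their plain form
    name = unicodedata.normalize("NFKC", filename)
    if "\x00" in name:
        return False, "NUL byte in name"
    # Keep only the last path component, whichever separator the client sent
    name = name.replace("\\", "/").rsplit("/", 1)[-1]
    # Windows ignores trailing dots and spaces, so "tool.exe. " is tool.exe
    name = name.rstrip(". ").lower()
    if not name or name.startswith("."):
        return False, "empty or hidden name"
    # Check every extension, not only the last one: a name such as
    # "shell.php.jpg" may still be handled as PHP by some web server setups
    for ext in name.split(".")[1:]:
        if ext in BLOCKED_EXTENSIONS:
            return False, "blocked extension ." + ext
    return True, "ok"


if __name__ == "__main__":
    # Constructed sample filenames, not taken from a real box
    samples = ["holiday.jpg", "setup.EXE", "run.sh", "shell.php.jpg",
               "tool.exe. ", "../../tmp/job.sh", ".htaccess", "README"]
    for sample in samples:
        print(repr(sample), upload_allowed(sample))
```

The check looks only at the name, never at the file's contents, so the advice in the post to virus scan downloads still applies.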