{"id":501,"date":"2024-01-12T23:28:50","date_gmt":"2024-01-13T04:28:50","guid":{"rendered":"https:\/\/davidfailor.com\/?page_id=501"},"modified":"2024-01-13T09:38:03","modified_gmt":"2024-01-13T14:38:03","slug":"linux-keyloggers","status":"publish","type":"page","link":"https:\/\/davidfailor.com\/index.php\/linux-keyloggers\/","title":{"rendered":"Linux keyloggers"},"content":{"rendered":"<p>I thought that Linux in general was an inherently secure operating system (like many other people) but I was shocked to find out that it is not.<\/p>\n<p>Here is a demonstration of a simple key-logger that runs without sudo privileges using the X window process:<\/p>\n<p><strong>xinput --list<\/strong>\u00a0 #shows the list of input device IDs including the physical and virtual keyboards<\/p>\n<p>Using the information from the previous command (for this example, suppose the ID of your physical keyboard is 9), the following command sets up a simple keylogger that displays the character and ASCII number of the keydown or keyup (i.e. 
&#8220;press&#8221; and &#8220;release&#8221;).<\/p>\n<p><strong>xinput test 9<\/strong><\/p>\n<p>This does not require root or sudo privileges.\u00a0 If we redirect this output to a hidden file we have a record of all the keystrokes.<\/p>\n<p>Presumably one goal of an attacker is escalation of privileges from common user to root.\u00a0 This can be accomplished in similar fashion by creating a script that mimics sudo, copies the sudo password to a hidden file, then executes the sudo command so that the user does not even realize that the password has been compromised.\u00a0 Once that happens the sudo (root privilege) password is exported or extracted from the hidden file.<\/p>\n<p>Here is a great article on Linux key-loggers:<\/p>\n<p><span style=\"text-decoration: underline;\"><span style=\"color: #0000ff;\"><em>https:\/\/www.hackingloops.com\/linux-keylogger\/<\/em><\/span><\/span><\/p>\n<p>If this is a concern to you, read this article on Linux vulnerabilities.\u00a0 Windows and other operating systems have vulnerabilities too, but it seems that Linux distributions are often slower to fix them.<\/p>\n<p><span style=\"text-decoration: underline;\"><span style=\"color: #0000ff;\"><em>https:\/\/madaidans-insecurities.github.io\/linux.html<\/em><\/span><\/span><\/p>\n<p>One key takeaway that I learned is that it may be better to implement the Linux &#8220;rolling&#8221; releases than the &#8220;stable&#8221; ones because the known vulnerabilities in the stable release are only fixed when a CVE (a list of known &#8220;Common Vulnerabilities and Exposures&#8221;) is issued and sometimes those are not issued as often as they should be.\u00a0 At least with a rolling release the OS will have the latest available security releases up to that date.<\/p>\n<p>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>I thought that Linux in general was an inherently secure operating system (like many other people) but I was shocked to find out that it is not. 
Here is a demonstration of a simple key-logger that runs without sudo privileges using the X window process: xinput --list\u00a0 #shows the list of input device IDs including&#8230;<\/p>\n","protected":false},"author":1,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"footnotes":""},"class_list":["post-501","page","type-page","status-publish","hentry"],"_links":{"self":[{"href":"https:\/\/davidfailor.com\/index.php\/wp-json\/wp\/v2\/pages\/501","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/davidfailor.com\/index.php\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/davidfailor.com\/index.php\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/davidfailor.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/davidfailor.com\/index.php\/wp-json\/wp\/v2\/comments?post=501"}],"version-history":[{"count":8,"href":"https:\/\/davidfailor.com\/index.php\/wp-json\/wp\/v2\/pages\/501\/revisions"}],"predecessor-version":[{"id":510,"href":"https:\/\/davidfailor.com\/index.php\/wp-json\/wp\/v2\/pages\/501\/revisions\/510"}],"wp:attachment":[{"href":"https:\/\/davidfailor.com\/index.php\/wp-json\/wp\/v2\/media?parent=501"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}