Welcome to the Linux Foundation Forum!

Netcat on Debian Security advice please nc -(dknl)

fostgregfostgreg Posts: 1
edited December 2019 in Linux Security

I would be very grateful for some help:
This is with regards to a Netcat based script running on a Debian based distribution, specifically the Proxmox hypervisor (see here if unknown https://en.wikipedia.org/wiki/Proxmox_Virtual_Environment)

I would need to run a script to start a Virtual Machine from a remote PC within the network. The script running on this Proxmox (Debian) distribution is as follows:

nc -dknl -p 9 -u |

stdbuf -o0 xxd -c 6 -p |
stdbuf -o0 uniq |
stdbuf -o0 grep -v 'ffffffffffff' |
while read ; do
MAC=${REPLY:0:2}:${REPLY:2:2}:${REPLY:4:2}:${REPLY:6:2}:${REPLY:8:2}:${REPLY:10:2};
echo Received Address: $MAC
if [ "$MAC" == "0c:d2:92:48:68:9b" ]
then echo STARTING VM!
qm start 101 # Proxmox Command to start Virtual machine.
fi
done

Could the Debian running above script be exploited, as Netcat listens on Port 9 UDP (it could of course listen to another port as well if I change that)? Naturally, anyone in the network could start a VM, but is there another risk?

Sign In or Register to comment.