Skip to content
    • Welcome to the Linux Foundation Forum!

    Netcat on Debian Security advice please nc -(dknl)

    Posts: 1
    edited December 2019 in Linux Security

    I would be very grateful for some help:
    This is with regards to a Netcat based script running on a Debian based distribution, specifically the Proxmox hypervisor (see here if unknown https://en.wikipedia.org/wiki/Proxmox_Virtual_Environment)

    I would need to run a script to start a Virtual Machine from a remote PC within the network. The script running on this Proxmox (Debian) distribution is as follows:

    nc -dknl -p 9 -u |

    stdbuf -o0 xxd -c 6 -p |
    stdbuf -o0 uniq |
    stdbuf -o0 grep -v 'ffffffffffff' |
    while read ; do
    MAC=${REPLY:0:2}:${REPLY:2:2}:${REPLY:4:2}:${REPLY:6:2}:${REPLY:8:2}:${REPLY:10:2};
    echo Received Address: $MAC
    if [ "$MAC" == "0c:d2:92:48:68:9b" ]
    then echo STARTING VM!
    qm start 101 # Proxmox Command to start Virtual machine.
    fi
    done

    Could the Debian running above script be exploited, as Netcat listens on Port 9 UDP (it could of course listen to another port as well if I change that)? Naturally, anyone in the network could start a VM, but is there another risk?

    Welcome!

    It looks like you're new here. Sign in or register to get started.
    Sign In

    Welcome!

    It looks like you're new here. Sign in or register to get started.
    Sign In

    Quick Links

    Categories

    Upcoming Training