Attacking Potential of sh-scripts


 
# 1  
Old 03-28-2011

Hey,

I actually do have a question which seems rather easy for those who know more about this topic. Since I am pretty new to bash scripting and don't know where its limits are, I have to ask you guys.

Imagine a system where all possible code execution methods (binary executables or interpreted languages like perl and python) are not possible for the attacker. The only thing he can do is to write and execute shell scripts. But here, he is completely free to do what he wants, but it has to be within a shell script and not with root rights.

So the question is: How much danger would there be in such a situation? Is it possible to do real harm only using a shell script? If yes, what kind of stuff can one do? The only thing that came to my mind was deleting files, but as I assume the attacker has only user privileges in this scenario he wouldn't be able to delete the important files.
# 2  
Old 03-28-2011
Theoretically speaking, I believe the greater danger (than deleting data) is the random alteration of data. For instance, if I discovered that I was missing data for 100 people, I could restore a backup copy to determine the missing records and then copy the missing individuals back into a database.
However, something that randomly changed a field in random records would be more difficult to recover. How would I know what data was changed correctly by a user vs. a 'bad script'?
# 3  
Old 03-28-2011
Quote:
Originally Posted by disaster
Imagine a system where all possible code execution methods (binary executables or interpreted languages like perl and python) are not possible for the attacker. The only thing he can do is to write and execute shell scripts. But here, he is completely free to do what he wants, but it has to be within a shell script and not with root rights.
As long as he has access to files, echo -e or printf, and chmod, he has the ability to copy in executables from somewhere else. Not difficult, just tedious. And then they can craft a busybox or wget executable for themselves and build or import anything else they want.
Quote:
So the question is: How much danger would there be in such a situation?
They could download a password-cracking suite and attempt to crack your own system and/or someone else's. I've seen it happen; a "good" piece of cracking software depends on almost nothing in your system except the shell and wget/curl. They won't get in unless your passwords are ridiculous though.

Last edited by Corona688; 03-28-2011 at 11:57 AM..
# 4  
Old 03-28-2011
Thanks for the answer, but you misunderstood me.
I assumed that all forms of bringing executable code into the system are not possible (which is done via signature checking in the kernel), except the sh script code (and probably techniques like buffer overflow hacking, which I'm also not competent at).
So basically all the user can do is to execute programs that are already on the system. Changing those in the system will cause them to fail to execute.

Because if I understand you right, you mean he would build his own executable by copying it from different locations and/or writing it new. Such executables would be hindered from execution by the kernel.
# 5  
Old 03-28-2011
Quote:
Originally Posted by disaster
Thanks for the answer, but you misunderstood me.
I assumed that all forms of bringing executable code into the system are not possible (which is done via signature checking in the kernel)
This doesn't mean you shouldn't still think about other vectors.
Quote:
So basically all the user can do is to execute programs that are already on the system. Changing those in the system will cause them to fail to execute.
How do these executables get signed? Any vulnerabilities in that and bam, you might as well have not had it.
Quote:
Because if I understand you right, you mean he would build his own executable by copying it from different locations and/or writing it new. Such executables would be hindered from execution by the kernel.
Hm.

Which shell? A shell that can make network sockets, like newer bash or newer ksh, could still be used as part of a zombie net.

For that matter, they could just use existing utilities for the most part.
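
A defender's view of the constructs named in posts #3 and #5 (printf or echo -e writing bytes to a file, chmod, and shell network sockets), as an added example that is not part of the original thread: a heuristic audit of a script file using grep. The rule names, regular expressions and the sample script are constructed for illustration.

```shell
#!/bin/sh
# Added example: heuristic audit of a shell script for the constructs named in
# the thread. Rule names and the sample script are constructed for illustration.

# scan FILE RULE REGEX: print "LINE:RULE" for each non-comment line matching REGEX.
scan() {
    grep -nE -- "$3" "$1" |
        grep -vE '^[0-9]+:[[:space:]]*#' |
        sed -E "s/^([0-9]+):.*/\1:$2/"
}

# audit_script FILE: run every rule and list hits in line order.
audit_script() {
    {
        # bash/ksh pseudo-devices that open TCP/UDP sockets from a redirection
        scan "$1" net-socket '/dev/(tcp|udp)/'
        # printf / echo -e emitting hex or octal escapes into a file
        scan "$1" binary-write \
            '(printf|echo[[:space:]]+-[A-Za-z]*e)[^|;]*\\(x[0-9A-Fa-f]|[0-7])[^|;]*>'
        # chmod that sets an execute bit (symbolic +x or an odd octal digit)
        scan "$1" chmod-exec \
            'chmod[[:space:]]+([ugoa]*\+[rwxXst]*x|[0-7]*[1357][0-7]*)([[:space:]]|$)'
    } | sort -t: -k1,1n
}

# write_sample FILE: constructed test input, never executed, only read.
write_sample() {
    cat > "$1" <<'EOF'
#!/bin/sh
# exec 3<>/dev/tcp/192.0.2.1/80   (comment only, ignored)
printf '\x7f\x45\x4c\x46' > ./tool
chmod +x ./tool
exec 3<>/dev/tcp/192.0.2.1/80
chmod 644 notes.txt
echo "done" > log.txt
EOF
}

sample=$(mktemp)
write_sample "$sample"
audit_script "$sample"
rm -f "$sample"
```

The rules are line-based pattern matches, so they miss constructs that are split across lines or assembled from variables; treat a hit as a reason to read the script, not as a verdict.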
# 6  
Old 03-28-2011
Quote:
Originally Posted by Corona688
This doesn't mean you shouldn't still think about other vectors. How do these executables get signed? Any vulnerabilities in that and bam, you might as well have not had it.
Of course you are right. But this is right now still a rather theoretical question I'm dealing with, where I like to split it up in different parts. One part (the one which I don't have an idea to secure it), is that the attacker can only use shell scripts because all other stuff is already made secure.


As for the verification: I assume a standard RSA digital signature on a message digest. Of course, once the secret key has been leaked one can do anything.
# 7  
Old 03-28-2011
Hasn't RSA been cracked? ssh uses DSA these days.