Holey Beep (CVE-2018-0492) is the latest breakthrough in the field of acoustic cyber security research.
Holey Beep is the latest breakthrough in the field of acoustic cyber security research.
beep does what you'd expect: it beeps. But unlike printf "\a" beep allows you to control pitch, duration, and repetitions. Its job is to live inside shell/perl scripts and allow more granularity than one has otherwise. It is controlled completely through command line options. It's not supposed to be complex, and it isn't - but it makes system monitoring (or whatever else it gets hacked into) much more informative. Also it gives you root.
Most likely! If you have beep installed as setuid and it was compiled with a certain compiler version and options and your machine is compromised, your network is at risk.
Please run this command to find out:
curl https://holeybeep.ninja/am_i_vulnerable.sh | sudo bash
If your computer is vulnerable it will beep.
Holey Beep is just a simple privilege escalation bug. However, it can be used in an exploit chain to trigger more serious issues.
We found this YouTube video that outlines the exploitation steps.
Millions! Everyone, almost.
According to the Debian popularity contest, beep is installed on 1.86% of all machines. Extrapolating that by the earth population, we estimate roughly 130 million affected users.
We don't know. The world would be a better place.
This FAQ provides answers to some of the most frequently asked questions regarding the Holey Beep vulnerability. This is a living document and will be updated regularly at https://holeybeep.ninja.
Did you computer beep in unexpected situations? We recommend to install microphones to detect malicious activity.
Although the attack can happen in different layers, antivirus signatures that detect Holey Beep could be developed. Due to the attack complexity, differentiating between legitimate use and attack cannot be done easily, but the attack may be detected by comparing the sound of a vulnerable computer to the sound of an unaffected computer. Listen carefully. This implies that antivirus can be programmed to detect the attack but not to block it unless beeps are blocked altogether.
Yes, please keep your browser up to date with the latest security fixes.
Apply this patch as soon as possible using the following command:
patch -p1 < beep.diff. A short beep should be heard if all hunks are applied successfully.
Please follow instructions.
An anonymous cyber security researcher.
Great idea! Please contact our sales department.
#holeybeep or #CVE-2018-0492 it is. What do you prefer?
We discussed this in our team and unanimously agreed to create a name and logo right away.
The security community, we included, must learn to find these inevitable human mistakes sooner. Please support the development effort of software you trust your privacy to. Donate money to the FreeBSD project.
For those service providers who are affected, this is a good opportunity to upgrade security strength of the systems used. A lot of software gets updates which otherwise would have not been urgent. Although this is painful for the security community, we can rest assured that infrastructure of the cyber criminals and their secrets have been exposed as well.