guardicore / monkey

Infection Monkey - An open-source adversary emulation platform
https://www.guardicore.com/infectionmonkey/
GNU General Public License v3.0

Insecure OTP usage in unreleased Agent #4201

Closed mssalvatore closed 1 month ago

mssalvatore commented 3 months ago

The redesign of the command builder (#4042) introduced a small security concern: If an exploiter uses the bash dropper script, the OTP will be embedded within the bash script. This could allow the OTP to be read by an unintended party. The OTP needs to be set as an environment variable when running the bash dropper script. Propose and implement changes to the Agent plugin API and the command builder implementations to resolve this security concern.

Caveat: Building commands should be simple for plugins. Try to avoid complicating the interface unnecessarily.

Note: This code has not yet been released, so this issue does not represent a security impact to any users.
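The two command-building patterns the issue contrasts, as an added illustration that is not code from the Infection Monkey project or from the issue author. It sketches a hypothetical builder interface in which the plugin hands the OTP to the builder and the builder decides how it reaches the dropper: either as a literal inside the bash script that gets written to disk (the pattern the issue flags), or as an environment variable set on the invocation while the script itself stays secret-free. The dropper path, agent path, `MONKEY_OTP` variable name and `DropperCommand` type are assumptions made for this example.

```python
from dataclasses import dataclass, field
import shlex

# Assumed names for illustration only; not the Infection Monkey Agent plugin API.
DROPPER_PATH = "/tmp/dropper.sh"
AGENT_PATH = "/tmp/monkey-agent"
OTP_ENV_VAR = "MONKEY_OTP"


@dataclass
class DropperCommand:
    """What an exploiter sends to the victim: a script to write to disk and the
    shell line that runs it. `env` holds values that travel in the process
    environment of the invocation and must never appear in `script_body`."""
    script_body: str
    invocation: str
    env: dict = field(default_factory=dict)

    def render(self) -> str:
        # Heredoc write followed by the run line, as one shell command string.
        env_prefix = " ".join(f"{k}={shlex.quote(v)}" for k, v in self.env.items())
        run = f"{env_prefix} {self.invocation}".strip()
        return f"cat > {DROPPER_PATH} <<'EOF'\n{self.script_body}EOF\n{run}"


def build_embedded_otp_command(otp: str) -> DropperCommand:
    """Insecure pattern from the issue: the OTP is a literal in the script, so
    anyone who can read the script file on the victim learns the OTP."""
    script = "#!/bin/bash\n" f"{AGENT_PATH} --otp {shlex.quote(otp)} &\n"
    return DropperCommand(script_body=script, invocation=f"bash {DROPPER_PATH}")


def build_env_otp_command(otp: str) -> DropperCommand:
    """Hardened pattern: the script contains no secret, reads the OTP from the
    environment, and refuses to run if the variable was not set by the caller."""
    script = (
        "#!/bin/bash\n"
        f': "${{{OTP_ENV_VAR}:?{OTP_ENV_VAR} must be set by the caller}}"\n'
        f'{AGENT_PATH} --otp "${OTP_ENV_VAR}" &\n'
    )
    return DropperCommand(
        script_body=script,
        invocation=f"bash {DROPPER_PATH}",
        env={OTP_ENV_VAR: otp},
    )


def script_leaks_secret(cmd: DropperCommand, secret: str) -> bool:
    """Regression check a builder test suite would run: does the on-disk
    script body reveal the secret?"""
    return secret in cmd.script_body


if __name__ == "__main__":
    otp = "s3cret"  # constructed sample value
    for name, builder in (("embedded", build_embedded_otp_command),
                          ("env", build_env_otp_command)):
        cmd = builder(otp)
        print(f"== {name}: leaks OTP into script file: {script_leaks_secret(cmd, otp)}")
        print(cmd.render())
```

The check only concerns the artifact written to disk: the rendered command for the hardened variant still carries the OTP on the invocation line, so the channel that delivers that command to the victim must itself be protected, and the value remains visible in the running process's environment to the same user. What the environment-variable approach removes is the copy that persists in a script file readable by anyone with access to it.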

VakarisZ commented 1 month ago

Fixed in #4205