Atlas VPN exposes zero-day vulnerability, allowing users' real IP addresses to be viewed

Atlas VPN has confirmed a zero-day vulnerability that lets website owners see the real IP addresses of Linux users. The person who discovered it recently posted details of the vulnerability, together with exploit code, on Reddit.

About the Atlas VPN zero-day vulnerability

Atlas VPN offers "free" and paid "premium" VPN solutions that can change users' IP addresses, as well as encrypt connections to websites and online services. The company offers apps for Windows, macOS, Linux, Android, iOS, Android TV and Amazon Fire TV.

The vulnerability only affects the Linux version of the AtlasVPN client, v1.0.3 (the latest version).

The poster explained the root cause. The AtlasVPN Linux client consists of two parts: a daemon (atlasvpnd) that manages connections, and a client (atlasvpn) that controls connecting, disconnecting, and listing services. The client does not talk to the daemon over a local socket or any other protected channel; instead, the daemon opens an API on localhost port 8076 without any authentication. Any program running on the computer, including a web browser, can reach that port.

In short, a malicious script on any website can send a request to port 8076 that disconnects the VPN, then make a second request that reveals the user's real IP address.
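The bug class described above is a local control API that treats "comes from localhost" as sufficient authorization, which a browser on the same machine can abuse. The following added example (not AtlasVPN's code; every path, header set and token scheme here is constructed for illustration) models how such a daemon can authorize requests instead: a per-session bearer token that only same-user processes can read, plus rejection of requests carrying browser-only headers.

```python
import hmac
import secrets
from typing import Mapping, Tuple

# Constructed example, not AtlasVPN's code. The weak pattern on this page is a
# daemon answering any request on localhost:8076; a browser on the same machine
# is "local" too, so a web page's script can reach it. Two defences are modelled:
#   1. a per-session bearer token the daemon writes to a user-only (0600) file
#      at start-up and the CLI reads back; a web page cannot obtain it;
#   2. refusing requests that carry browser-only headers (Origin, Sec-Fetch-*),
#      which a CLI client never sends. This is defence in depth, not the control.
BROWSER_ONLY_HEADERS = ("origin", "sec-fetch-mode", "sec-fetch-site")


def new_session_token() -> str:
    """Token the daemon generates once per session (hypothetical scheme)."""
    return secrets.token_urlsafe(32)


def authorize(headers: Mapping[str, str], expected_token: str) -> Tuple[bool, str]:
    """Hardened check for one incoming request. Returns (allowed, reason)."""
    lowered = {k.lower(): v for k, v in headers.items()}
    for h in BROWSER_ONLY_HEADERS:
        if h in lowered:
            return False, f"browser-originated request ({h} header present)"
    auth = lowered.get("authorization", "")
    scheme, _, presented = auth.partition(" ")
    if scheme.lower() != "bearer" or not presented:
        return False, "missing bearer token"
    # Constant-time comparison so the token cannot be guessed byte by byte.
    if not hmac.compare_digest(presented.encode(), expected_token.encode()):
        return False, "bad token"
    return True, "ok"


if __name__ == "__main__":
    token = new_session_token()
    # Constructed requests: a page script using fetch() against the local API,
    # and the legitimate CLI presenting the token it read from the 0600 file.
    from_browser = {"Origin": "https://web-page.example", "Sec-Fetch-Mode": "cors"}
    from_cli = {"Authorization": f"Bearer {token}"}
    print("browser:", authorize(from_browser, token))  # (False, 'browser-originated ...')
    print("cli:    ", authorize(from_cli, token))      # (True, 'ok')
```

Moving the API onto a Unix domain socket with file permissions removes the browser reachability problem entirely; the header and token checks above are for daemons that must stay on TCP.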

The prerequisite for a successful "attack" is that the visitor is running Linux and has the AtlasVPN Linux client v1.0.3 active while visiting the website. Of course, this also limits the number of potential victims.

Fix is in development

Rūta Čižinauskaitė, Head of Communications at Atlas VPN, said: "We are fixing this vulnerability. This vulnerability affects Atlas VPN Linux client version 1.0.3. As the researchers say, due to the vulnerability, a malicious actor could disconnect the application, thereby disconnecting encrypted traffic between the user and the VPN gateway. This may result in the user's IP address being leaked."

The company is working to fix the easily exploitable vulnerability as quickly as possible; once the issue is resolved, users will be prompted to update their Linux applications to the latest version.

Čižinauskaitė also stated that the company will add more security checks during development to avoid such vulnerabilities in the future.

Origin blog.csdn.net/web22050702/article/details/132971155