Blog Guide Continuation: Hands-On Practice with Computer Safety!

Patch Process for CVE-2023-38545 - A Step-by-Step Guide

1. Understanding the Patch Process

In this guide, we will cover the patch process for the CVE-2023-38545 vulnerability, focusing on `curl` version updates and security enhancements.

2. Verifying Installed curl Version

For Windows:

Step 1: Open Command Prompt.
Command: curl -V
Outcome: Identify if the installed version of curl falls within the vulnerable range (7.69.0 to 8.3.0).

For Ubuntu Linux:

Step 1: Open Terminal.
Command: curl -V
Outcome: Check if the version is 7.81.0.

3. Download and Install the Updated curl

For Windows:

Step 1: Go to the curl for Windows download page.
https://curl.se/windows/

Step 2: Choose the appropriate system architecture (32-bit or 64-bit).

Step 3: Download and unzip the latest version of curl.

Step 4: Move the unzipped folder to C:\Program Files.

Step 5: Update the system's PATH environment variable.

1. Open "Edit System Environment Variables."
2. Add the path to the new curl folder in the bin directory above the existing C:\windows\system32.
3. Confirm changes and close all dialogs.

For Ubuntu Linux:

Step 1: Download the latest source package for curl.
Command: wget https://launchpad.net/ubuntu/+archive/primary/+sourcefiles/curl/7.81.0-1/curl_7.81.0.orig.tar.gz

Step 2: Unzip the package.
Command: tar -zxvf curl_7.81.0.orig.tar.gz

Step 3: Apply the patch.
Command: curl https://raw.githubusercontent.com/DanielNoah/pentesting_DevSecOps/master/curlPatch/CVE-2023-38545_7.81.0.patch | git apply -v

Step 4: Verify that the patch has been applied by running a test command.
Command: curl -v --limit-rate 16384 --location --proxy socks5h://socks-server:1080 http://attacker-ip:8000
Outcome: Ensure the command does not execute as expected.

4. Testing and Verifying the New curl Version

For Windows:

Step 1: Open Command Prompt.
Command: curl -V
Outcome: Confirm the version displayed is the newly installed one.

For Ubuntu Linux:

Step 1: Run the curl -V command in the terminal.
Outcome: Confirm that the output shows the newly patched version.
Result: As same as the STEP 4 process for Ubuntu Linux.

5. Applying the Patch in Docker Containers

Docker Scout:

Step 1: Use Docker Scout to analyze and evaluate local Docker images.
Command: docker login and then docker scout repo enable --org <org-name> <org-name>/scout-demo
Outcome: Determine if any Docker images are using the vulnerable curl version.

Secure curl Docker Image:

Step 2: Download a secure curl Docker image.
Command: sudo docker pull curlimages/curl:8.4.0

Step 3: Run the new image and verify the version.
Command: sudo docker run --rm curlimages/curl:8.4.0 --version
Outcome: Confirm that Docker containers are now using the patched curl version.

6. Final Verification

Step 1: Run a final series of tests on both the OS and Docker containers to ensure that the system is no longer vulnerable.
Step 2: Document the process, save the new configurations, and ensure all systems are updated regularly.

How to Spot the Sneaky CVE-38545 Vulnerability with Daniel's Help

 

How to Spot the Sneaky CVE-38545 Vulnerability with Daniel's Help

Hi there! Dan's got some cool tech talk to share today. 😎 My job at Cloud Tech Company has me acting like a digital detective, and guess what? I've stumbled upon a sneaky bug that some computers and websites have, and I'm going to show you how we can find it and fix it before the bad guys use it to cause trouble!

This one's a bit technical, so strap in, and let's turn on our super-spy mode. This bug has a code name: CVE-38545. "CVE" stands for Common Vulnerabilities and Exposures, kinda like having a list of all the secret trapdoors where a thief might try to sneak into a house. Only, this house is made up of computers and websites. 🕵️‍♂️

Imagine that these trapdoors are not well hidden; they're listed online so that everyone, even the thieves, can see them. It's our job to lock those doors before the thieves find them. That's what cybersecurity folks do — they find these trapdoors (or bugs) and create special locks for them (which we call 'patches').

So, what's this CVE-38545 all about? It's a bug in something called curl, which is a tool that computers use to talk to each other and share files. It's used everywhere — in Windows computers, Linux systems, and even those virtual boxes we call 'Docker containers'. And just like how we check the doors before we go to bed, we've got to check our computers for this bug.

Let's play the bug detective game with our Windows 11 Enterprise first, shall we? 🧐

Here's what we'd do:

1. Go to the magical search box on the computer (also known as the 'Command Prompt').
2. Then, type in this spell: curl -V. This is like asking the computer to tell us if it's got the bug.

C:\Windows\System32>curl -V

If the computer says it has version 8.0.1 of curl, then bingo — we've found the bug! 🐛 But don't worry, I'm here to help you understand how to fix it and keep our computer safe from those pesky digital thieves.

Stick around, and in my next trick, I'll show you how to lock these trapdoors on our Windows and Linux systems before we get our hands dirty with Docker containers. It's going to be a fun ride, and by the end, you'll be just as good at bug hunting as Dan!

Stay tuned, and let's keep our computers safe together! 🖥️🔐