Hi there, I saw you were offering help on Onetwoseven and I could use some help.
I'm attempting the APT exploit for privesc and am metaphorically banging my head on a wall. I wanted to see if I was even attempting the right methodology:
It seems to me that this is the exploit I must perform: https://justi.cz/security/2019/01/22/apt-rce.html
However, it only tells me 60% of what I need to know to replicate it. I'm trying to do exactly what the article did as a proof-of-concept by installing the package and running mitmproxy to serve a fake redirect pointing APT to my own update file instead of the real .deb file.
Problem is, I'm having massive difficulty using/learning mitmproxy. I also don't understand how to plant the malicious update package; do I just generate my own .deb file from scratch? Or do I embed something into a .gpg file?
Do you recommend a different approach? Any resources would be very appreciated. Or am I barely even on the right path?
Thanks in advance.