Old Miraheze Wiki Pages:KB848249: Difference between revisions
Create the page for later use. |
m 12 revisions imported: Import the dump of the "LI AO's Wiki (Miraheze)" wiki. |
||
(11 intermediate revisions by one other user not shown) | |||
Line 1: | Line 1: | ||
{{DISPLAYTITLE:KB848249: Software Rogue May Causing Unsoliticited OpenWrt Router Configuration Change}} | |||
== Introduction == | |||
Li Ao downloaded an OpenWrt software package named "v2raya" and "luci-app-v2raya". As he sought information about the usage of this software, and was tring to activate the Web management console, he noticed unsoliticitly behaviour which may indicates automated file downloading. He later confirmed that this package has the ability of not only triggering automated downloads from Internet locations, but changing router configuration automatically, with information given by a YouTube video. | |||
He confirmethat this software package has rogue behaviours which may cause damages to proper configuration, and may result in insultion to users. | |||
== Symptoms == | |||
Li Ao downloaded the packages named "v2raya" and "luci-app-v2raya" from the OpenWrt software package repository. As he was going to look on the user interface to learn the design concepts in order to know the usage, he noticed that its Web interface indicated a message telling some missing files were downloading. He later confirmed the guess of rogue software is true, with a YouTube video showing the behaviour of the software. | |||
As confirmed on information of the GitHub repository, the software will not only download from GitHub missing components, but will also apply routing configurations without the user's consent. As it connects to the added v2Ray servers, a fixed rule which will result in traffic leaking for routers without a default routing perference but with certain types of custom configurations. | |||
He did neither review the complete source code nor the actual machine code executions before confirming the software has rogue features. | |||
== Solution == | |||
Li Ao does not recommend to modify the source code of the packages to build custom packages for production use. Instead, he recommends using the packages from Project V, an open-source project producing network proxy tools with obfuscation functionalities. The following packages are recommended: | |||
--v2ray-core<br /> | |||
--v2ray-example<br /> | |||
--v2ray-extra | |||
=== Alternative Options === | |||
For Shadowsocks configurations, users can consider using the following packages as they do not have rogue behaviours: | |||
--shadowsocks-libev-config<br /> | |||
--shadowsocks-libev-ss-local<br /> | |||
--shadowsocks-libev-ss-redir<br /> | |||
--shadowsocks-libev-ss-tunnel<br /> | |||
--luci-app-shadowsocks-libev | |||
Users can also choose to install geolocation data supplied by these packages: | |||
--shadowsocks-libev-ss-rules | |||
== More Information == | |||
System administrators in enterprises considering applying new software packages on their systems are advised to check with publisher information as a precaution measure against rogue behaviours and viruses, or to avoid spyware. | |||
__INDEX__ |
Latest revision as of 18:14, 28 September 2024
Introduction
Li Ao downloaded an OpenWrt software package named "v2raya" and "luci-app-v2raya". As he sought information about the usage of this software, and was tring to activate the Web management console, he noticed unsoliticitly behaviour which may indicates automated file downloading. He later confirmed that this package has the ability of not only triggering automated downloads from Internet locations, but changing router configuration automatically, with information given by a YouTube video.
He confirmethat this software package has rogue behaviours which may cause damages to proper configuration, and may result in insultion to users.
Symptoms
Li Ao downloaded the packages named "v2raya" and "luci-app-v2raya" from the OpenWrt software package repository. As he was going to look on the user interface to learn the design concepts in order to know the usage, he noticed that its Web interface indicated a message telling some missing files were downloading. He later confirmed the guess of rogue software is true, with a YouTube video showing the behaviour of the software.
As confirmed on information of the GitHub repository, the software will not only download from GitHub missing components, but will also apply routing configurations without the user's consent. As it connects to the added v2Ray servers, a fixed rule which will result in traffic leaking for routers without a default routing perference but with certain types of custom configurations.
He did neither review the complete source code nor the actual machine code executions before confirming the software has rogue features.
Solution
Li Ao does not recommend to modify the source code of the packages to build custom packages for production use. Instead, he recommends using the packages from Project V, an open-source project producing network proxy tools with obfuscation functionalities. The following packages are recommended:
--v2ray-core
--v2ray-example
--v2ray-extra
Alternative Options
For Shadowsocks configurations, users can consider using the following packages as they do not have rogue behaviours:
--shadowsocks-libev-config
--shadowsocks-libev-ss-local
--shadowsocks-libev-ss-redir
--shadowsocks-libev-ss-tunnel
--luci-app-shadowsocks-libev
Users can also choose to install geolocation data supplied by these packages:
--shadowsocks-libev-ss-rules
More Information
System administrators in enterprises considering applying new software packages on their systems are advised to check with publisher information as a precaution measure against rogue behaviours and viruses, or to avoid spyware.