falcor84 2 days ago

Yes, ... but if the server is compromised, they could also just inject malware directly into the binary that it's installing, right? As I see it, at the end of the day you're only safe if you're directly downloading a package whose hash you can confirm via a separate trusted source. Anything else puts you at the mercy of the server you're downloading from.

sim7c00 2 days ago

depending on what you run one method might have more success than another. protections for malicious scripts vs. modified binaries are often different tools or different components of the same tool that can have varying degrees of success.

you could also use the script to fingerprint and beacon to check if the target is worth it and what you might want to inject into said binary if that's your pick.

still i think i agree, if you're gonna trust a binary from that server or a script, it's potato potato...

check what you run before you run it with whatever tools or skills u got and hope for the best.

if you go deepest into this rabbit hole, you can't trust your hard disk or network card etc. so it's then at some point just impossible to do anything. microcode patches, malicious firmwares, whatever.

for pragmatic reasons a line needs to be drawn. if you're paranoid good luck and don't learn too much about cybersecurity, or you will need to build your own computer :p
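
The verify-before-run approach discussed in this thread (confirm the hash against a separate trusted source, then run), as an added example that is not part of either comment. The function names are hypothetical, and the pinned digest in the demo is computed locally as a stand-in for one obtained out of band.

```shell
#!/bin/sh
# Added example: download to disk, verify against a pinned digest, then run.

# Print the lowercase SHA-256 hex digest of a file (sha256sum or shasum).
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | awk '{print $1}'
    else
        shasum -a 256 "$1" | awk '{print $1}'
    fi
}

# verify_pinned FILE PIN: 0 = match, 1 = mismatch, 2 = unusable file or pin.
verify_pinned() {
    vp_pin=$(printf '%s' "$2" | tr 'A-F' 'a-f')
    [ -f "$1" ] || return 2
    # A pin must be exactly 64 hex characters; an empty or truncated pin
    # (for example a failed fetch of the checksum) must never count as a match.
    case $vp_pin in *[!0-9a-f]*) return 2 ;; esac
    [ "${#vp_pin}" -eq 64 ] || return 2
    vp_actual=$(sha256_of "$1") || return 2
    [ "$vp_actual" = "$vp_pin" ]
}

# run_if_verified FILE PIN [ARGS...]: execute only after the digest matches.
run_if_verified() {
    rv_file=$1; rv_pin=$2; shift 2
    if verify_pinned "$rv_file" "$rv_pin"; then
        sh "$rv_file" "$@"
    else
        echo "refusing to run $rv_file: digest mismatch or bad pin" >&2
        return 1
    fi
}

# Demo on constructed files (no network): a stand-in installer and a tampered copy.
demo() {
    d=$(mktemp -d) || return 1
    printf 'echo "installed $1"\n' > "$d/install.sh"
    # Stand-in for a digest published out of band (assumption of this demo).
    pin=$(sha256_of "$d/install.sh")
    cp "$d/install.sh" "$d/tampered.sh"
    printf 'echo "extra payload"\n' >> "$d/tampered.sh"
    good=$(run_if_verified "$d/install.sh" "$pin" demo-pkg)
    bad=$(run_if_verified "$d/tampered.sh" "$pin" demo-pkg 2>/dev/null) || bad="blocked"
    rm -rf "$d"
    echo "$good / $bad"
}
demo
```

The check only adds assurance when the pin comes from a channel the download server does not control; a checksum file fetched from the same server fails together with the binary.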