If you have the Brave Browser installed on your Windows devices, then you may also have Brave VPN services installed on the machine. Brave installs these services without user consent on Windows devices.

Brave Firewall + VPN is an extra service that Brave users may subscribe to for a monthly fee. Launched in mid-2022, it is a cooperation between Brave Software, maker of Brave Browser, and Guardian, the company that operates the VPN and the firewall solution. The firewall and VPN solution is available for $9.99 per month.

You are viewing a single thread.
View all comments View context
8 points

Huh? Any script can create a service, enable it and then start it. What would make you think the brave package (or just the application itself) can’t do this?

permalink
report
parent
reply
-7 points

Not possible to start or enable a created service without user intervention. You don’t know what you are talking about.

permalink
report
parent
reply
5 points

OK… challenge accepted. Maybe you don’t know about systemd user services.

Content of mytrojan.sh:

#!/usr/bin/env bash

echo "Writing the service unit file"

cat > ~/.config/systemd/user/my_test_service.service << EOF
[Unit]
Description=Script Daemon For Test User Services

[Service]
Type=simple
User=
#Group=
ExecStart=/home/user/bin/myscript.sh
Restart=on-failure
StandardOutput=file:%h/log_file

[Install]
WantedBy=default.target
EOF

echo "Reloading systemd for the user"
systemctl --user daemon-reload || exit 1

echo "Enabling and starting the service"
systemctl --user enable --now my_test_service.service

Content of myscript.sh:

$ cat ~/bin/myscript.sh
#!/usr/bin/env bash

while true
do
    now=$(date)
    me=$(whoami)
    echo "User $me at $now"
    sleep 10
done

Now run the script (mytrojan.sh) and check service status after that:

$ ./mytrojan.sh
Writing the service unit file
Reloading systemd for the user
Enabling and starting the service
$ systemctl --user status my_test_service.service
● my_test_service.service - Script Daemon For Test User Services
     Loaded: loaded (/home/user/.config/systemd/user/my_test_service.service; enabled; vendor preset: ena>
     Active: active (running) since Thu 2023-10-19 12:15:21 EEST; 6s ago
   Main PID: 1666383 (myscript.sh)
      Tasks: 2 (limit: 18757)
     Memory: 556.0K
        CPU: 4ms
     CGroup: /user.slice/user-1000.slice/user@1000.service/app.slice/my_test_service.service
             ├─1666383 /bin/bash /home/user/bin/myscript.sh
             └─1666387 sleep 10

Oct 19 12:15:21 tesla systemd[1866318]: Started Script Daemon For Test User Services
permalink
report
parent
reply
-3 points

You failed. This requires the user to run a script aka manual intervention.

permalink
report
parent
reply
6 points
Deleted by creator
permalink
report
parent
reply
-1 points

Bruh you just ran the command to enable the ‘written’ service. Comprehension is a problem in this community.

permalink
report
parent
reply
10 points
*

Systemd “enabled” services are literal symlinks… whenever a target runs, it tries to start also all the service files on its “wants” directory.

You can literally enable any service for next boot by making a symlink in /etc/systemd/system/multi-user.target.wants/ (or whichever other target you want it to run on) as root (and installation scripts are run as root).

ln -s /usr/lib/systemd/system/whatever.service  /etc/systemd/system/multi-user.target.wants/whatever.service

permalink
report
parent
reply
0 points

This is actually very close (just tested and confirmed it). I somehow stand corrected about requiring manual enablement but this is just using the package manager to do the dirty work for you.

However the program itself cannot write into those directories without root permissions. You still have to allow your package manager to do this with root permissions as mentioned.

permalink
report
parent
reply

Privacy

!privacy@lemmy.ml

Create post

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

  • Posting a link to a website containing tracking isn’t great, if contents of the website are behind a paywall maybe copy them into the post
  • Don’t promote proprietary software
  • Try to keep things on topic
  • If you have a question, please try searching for previous discussions, maybe it has already been answered
  • Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
  • Be nice :)

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

Community stats

  • 4.6K

    Monthly active users

  • 2.9K

    Posts

  • 78K

    Comments