Apache Guacamole

Apache Guacamole
Developer(s)	Apache Software Foundation
Repository	GitHub Repository
Written in	C (server), Java (client), JavaScript (website)
Operating system	Server: Most Linux software; ; Client: Web browsers that support HTML5;
Type	Remote Desktop Gateway
License	Apache License 2.0
Website	Official Website

Apache Guacamole is a free and open-source cross-platform Remote Desktop Gateway maintained by the Apache Software Foundation. It allows a user to take control of a remote computer or virtual machine via a web browser. The server runs on most Linux distributions and the client runs on any modern web browser. Remote access is performed via the guacd component, which uses the RDP, VNC or SSH remote protocols to access resources. Guacamole is clientless and doesn't require an agent to be installed on the resources being accessed. The fact that the client runs on web browsers allows users to connect to their remote desktops without using an installed remote desktop client.^[1]

In July 2020, serious reverse RDP vulnerabilities in Guacamole were uncovered, allowing potential attackers to take complete control of a Guacamole gateway, listen in on incoming sessions, see all the credentials used, and start sessions to control computers within the network.^[2]^[3]^[4] The method of attack was subsequently patched. The hacking has launched a House probe of whether Chinese hackers are taking advantage of the U.S. throughout the 2020 coronavirus pandemic.^[5]

References

^ Kenlon, Seth (6 May 2020). "5 open source tools IT leaders should know about now". enterprisersproject.com. Archived from the original on 2020-05-07. Retrieved 2020-09-22.
^ Seals, Tara (2 July 2020). "Apache Guacamole Opens Door for Total Control of Remote Footprint". threatpost.com. Archived from the original on 2020-07-04. Retrieved 2020-09-22.
^ "Critical Apache Guacamole Flaws Put Remote Desktops at Risk of Hacking". The Hacker News. Retrieved 2020-09-22.
^ Bradbury, Danny (2020-07-02). "Researchers Find Vulnerabilities in Apache Remote Desktop Software". Infosecurity Magazine. Retrieved 2020-09-22.
^ Starks, Tim. "First in MC: Bill would launch probe into China's exploitation of pandemic". POLITICO. Retrieved 2020-09-22.

[1] Kenlon, Seth (6 May 2020). "5 open source tools IT leaders should know about now". enterprisersproject.com. Archived from the original on 2020-05-07. Retrieved 2020-09-22.

[2] Seals, Tara (2 July 2020). "Apache Guacamole Opens Door for Total Control of Remote Footprint". threatpost.com. Archived from the original on 2020-07-04. Retrieved 2020-09-22.

[3] "Critical Apache Guacamole Flaws Put Remote Desktops at Risk of Hacking". The Hacker News. Retrieved 2020-09-22.

[4] Bradbury, Danny (2020-07-02). "Researchers Find Vulnerabilities in Apache Remote Desktop Software". Infosecurity Magazine. Retrieved 2020-09-22.

[5] Starks, Tim. "First in MC: Bill would launch probe into China's exploitation of pandemic". POLITICO. Retrieved 2020-09-22.

[1]

[2]

[3]

[4]

[5]

Apache Guacamole

References

Navigation menu