apt-get
apt-get
apt-get command: Useful usage flags with their explanation and use cases.
This guide walks through important apt-get commands, flags, and how they behave in real systems — including security and pentesting relevance.
Basic Commands
Update
1
apt-get update
What it does?
- Resynchronizes package index files from configured repositories.
- Downloads metadata, NOT packages.
Security Notes
- Executes APT hooks (Pre-Invoke / Post-Invoke).
- Uses trusted GPG keys.
Pentesting Use Cases
- Detect repository configuration.
- Abuse hook injection if sudo misconfigured.
- Recon of available packages.
Upgrade
1
apt-get upgrade
What it does?
- Upgrades installed packages.
- Does NOT remove packages.
Security Notes
- Runs maintainer scripts as root.
- Uses dpkg backend.
Pentesting Use Cases
- Trigger maintainer scripts.
- Observe package execution behavior.
Dist-Upgrade
1
apt-get dist-upgrade
What it does?
- Upgrades packages.
- Handles dependency changes.
- May remove packages.
Pentesting Use Cases
- Trigger large system changes.
- Study dependency solver behavior.
Install Specific Version
1
apt-get install curl=8.14.1-2+deb13u2
What it does?
- Installs exact package version.
Pentesting Use Cases
- Downgrade to vulnerable version.
- Controlled version testing.
Remove
1
apt-get remove package_name
What it does?
- Removes package.
- Keeps configuration files.
Security Notes
- Executes
prermandpostrmscripts.
Source & Build Related Commands
Download Source
1
apt-get source package_nameRequirement
deb-srcmust be enabled.
What it does?
- Downloads source code.
- Does NOT install.
Pentesting Use Cases
- Inspect packaging scripts.
- Review applied patches.
- Study supply chain.
Build Dependencies
1
apt-get build-dep package_name
What it does?
- Installs build dependencies defined in
debian/control.
Pentesting Use Cases
- Expand attack surface (dev libraries).
- Prepare lab environment.
- Installs build dependencies defined in
Compile From Source
1
apt-get source --compile package_name
What it does?
- Downloads source.
- Runs
dpkg-buildpackage. - Produces
.deb.
Note
- Does NOT install automatically.
Advanced Flags
Download Only
1
apt-get install -d package_name
What it does?
- Downloads
.deb. - Does NOT install.
Pentesting Use Cases
- Inspect
.debmanually. - Offline analysis.
- Downloads
Simulate
1
apt-get -s install package_name
What it does?
- Dry-run simulation.
- Shows dependency changes.
Pentesting Use Cases
- Dependency mapping.
- Safe testing.
Assume Yes
1
apt-get -y install package_name
What it does?
- Automatically answers yes to prompts.
Security Notes
- Dangerous in automation.
Configuration Injection (-o flag)
Runtime Config Override
1
apt-get -o Foo::Bar=value command
What it does?
- Overrides APT config at runtime.
Hook Injection Example
1
sudo apt-get -o APT::Update::Pre-Invoke::="sh -c 'echo test > /tmp/injected'" update
What it does?
- Executes command before update runs.
Pentesting Use Cases
- Privilege escalation if sudo allows apt-get.
Defensive Measures
- Restrict sudo usage.
- Monitor for
-ousage. - Use AppArmor / auditd.
Security Relevant Flags
Allow Unauthenticated
1
apt-get --allow-unauthenticated install package
What it does?
- Skips signature verification.
⚠️ Dangerous.
Target Release
1
apt-get -t unstable install package
What it does?
- Forces package from specific release.
Package State & dpkg Integration
Cache Management
Important System Locations
1
2
3
4
/etc/apt/sources.list.d/
/etc/apt/apt.conf.d/
/var/lib/dpkg/
/var/cache/apt/archives/
Pentesting Focus Areas
- Maintainer script execution
- Hook injection via
-o - Repository manipulation
- Downgrade attacks
- sudo misconfiguration abuse
- Supply chain inspection
- dpkg selection manipulation
Related Tools
dpkgapt-cacheapt-config dumpauditdstrace
Further Reading
- https://gtfobins.github.io/gtfobins/apt-get/
- https://manpages.debian.org/apt-get
- https://wiki.debian.org/Apt
This post is licensed under CC BY 4.0 by the author.