Sort of command that would pull a download that is self executed to the host machine?

That’s worded a bit fucky; if I need to elaborate, please chime in.

  • chingadera@lemmy.world (OP) · ↑3 · 28 days ago

    Not quite. PC gets hacked, on the hacked machine someone does something like cd, but on that PC cd has been set up as an alias for some sort of command that downloads a malicious executable to the hacker’s machine and executes it.

    That executable very well could be a keylogger, but doesn’t necessarily have to be. It could be rm -rf --no-preserve-root / or a reverse shell or whatever really.

    I imagine cd would be a terrible choice to alias given how much it’s used, but maybe something else more obscure could be used that is frequently used when bots/attackers are rummaging through files for stuff to steal.
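The alias idea in the post above, recast from a defender's side as an added example (not code from any poster in the thread): on a honeypot account, shell functions shadow commands an intruder is likely to run and simply record the invocation (time, user, SSH client address, arguments) before behaving like the real command. Nothing is sent back to or run on the other machine; the value is the log of what was tried. The log path HONEYPOT_LOG and the choice of cd and ls as wrapped commands are assumptions for illustration.

```shell
#!/bin/sh
# Added example, not from the thread: honeypot-style command wrappers that log
# what an intruder runs. Source this file from the honeypot account's profile.
# HONEYPOT_LOG is a hypothetical default path; override it in the environment.

HONEYPOT_LOG="${HONEYPOT_LOG:-/tmp/honeypot-cmds.log}"

# log_invocation NAME ARGS...: append one timestamped line describing the call.
# Only metadata about the call is recorded; nothing is downloaded or executed.
log_invocation() {
    _name="$1"; shift
    _ts=$(date -u +%Y-%m-%dT%H:%M:%SZ)
    _from="${SSH_CLIENT:-local}"          # set by sshd for remote sessions
    printf '%s user=%s from="%s" cmd=%s args=%s\n' \
        "$_ts" "${USER:-?}" "$_from" "$_name" "$*" >> "$HONEYPOT_LOG"
}

# Shadow cd: record the call, then run the real builtin via `command` so the
# session looks completely normal to whoever is poking around.
cd() {
    log_invocation cd "$@"
    command cd "$@"
}

# Same pattern for ls, a command that gets used a lot while rummaging for files.
ls() {
    log_invocation ls "$@"
    command ls "$@"
}

# count_logged NAME: number of recorded invocations of NAME, for later review.
count_logged() {
    [ -f "$HONEYPOT_LOG" ] || { echo 0; return; }
    grep -c " cmd=$1 " "$HONEYPOT_LOG" || true
}
```

Because the wrappers are plain functions in the login shell, an intruder who starts a different shell or calls /bin/ls by absolute path bypasses them; this is a cheap tripwire that complements, rather than replaces, auditd or sshd logging on the same host.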

    • Strit@lemmy.linuxuserspace.show · ↑2 · 28 days ago

      I mean, I’m sure it’s possible, it’s just a matter of how to get the honeypot/script on the system and give the downloaded file executable rights.

      • chingadera@lemmy.world (OP) · ↑1 · 28 days ago

        Is there anything that is specific to ssh that would allow for this? Like a command that would allow something to execute back to the other machine similar to downloading? I’m not well versed, just kind of a napkin idea I thought of.

          • chingadera@lemmy.world (OP) · ↑1 · 28 days ago

            I kind of figured it would be a shot in the dark, some scripting could definitely be done to assess that, and even run code per major OS depending on some automated recon.

            Let’s say you’ve got that figured out, and the user is running putty on windows as an administrator. Is there anything that could take advantage of that fact?

            I feel like this would be way easier/more feasible to run a script on your own machine as a defensive measure like OC mentioned earlier, but just more asking out of curiosity. I’m not skilled enough to even imagine what to do with this or write it, but I am fascinated by security stuff.

          • chingadera@lemmy.world (OP) · ↑1 · 28 days ago

            And when you say “can’t know” do you mean it would be impossible to tell strictly through SSH?