by ultramancool 3605 days ago
This seems trivial to me. Heck, you could practically make it full-out remote exec and grab output from airgapped machines if USB keys were moved between them frequently enough. Serialize and encrypt a tiny blob with the command, do the same for the output and dump it back on the same USB drive or the next one plugged in, send the data out the next time it's on an internet-connected machine... I don't see any challenge or skill involved here. Good post-exploitation malware is often more about doing simple things right than about doing impressive things, though, I suppose. Having the exploit that allows this attack to happen is the impressive part.