Hacker News
by kaivi 1586 days ago
Can't help but imagine your www-data which spawned nc, and it seems too amateurish for a high-profile hacker group. Makes it seem as if they've copy-pasted the first one-liner reverse shell found on Google. Even the Metasploit framework introduced payloads a while ago which do traffic encryption/obfuscation. Much more subtle reverse shells are used in the wild, where a compromised machine reaches out to the hacker's server once in a while and receives commands and dumps output, even over something like ICMP/Loki or Covert TCP.