|
|
|
|
|
|
by sascha_sl
1410 days ago
|
|
|
It doesn't really need to be well hidden if you're not actively looking. A shell script and a crontab entry / bashrc exec / init system entry is very low tech. Pair that with a slightly higher (but still low overall) tech LD_PRELOAD libc shim so it hides itself and you got something just stealthy enough that you wouldn't find it if you don't look for it. Remember, the easiest privilege escalation is aliasing sudo and patience. |
|
|