|
|
|
|
|
|
by vin10
904 days ago
|
|
|
OP here. Another interesting attack vector I have been working on is OSC 8 for hyperlink support in terminals. Mostly they allow arbitrary url schemes including "ssh://" without any prompt or user interaction to consent to open an external tool like ssh client in this case. A good discussion on this: https://gist.github.com/egmontkob/eb114294efbcd5adb1944c9f3c... |
|
|