|
|
|
|
|
|
by grugq
902 days ago
|
|
|
Oh, it’s far far worse than that. Just the core operation would be: open() — network round trip
fstat() — network round trip
brk() — network round trip
read() — network round trip
Shuffle data over network
read() — network round trip
Shuffle data over network Etc etc For a “grep root /etc/passwd” there are 88 syscalls on a Debian 11. If we assume a very generous 50ms latency for every syscall, that means we’re waiting 4.4s for the result. The use case for syscall proxying is limited to when you don’t want to upload an exploit onto a target machine, but you need to run the exploit on that machine. So it could be an LPE or something. It is way too slow for post exploitation work. |
|
|