by aroch 4292 days ago
Bindshells are shells that are bound to a port, see Wiki for a brief explanation[1]. Basically, without authentication you have no way of knowing that the `ls` you backed up is the same `ls` you get back out. If your remote backup is compromised and uses XTS, it's possible for someone to own you by replacing an oft-used binary that, when run, gives them a remote shell.

[1] https://en.wikipedia.org/wiki/Shellcode

On the other hand, if the attacker needs to create the connection, the shellcode is called a bindshell because the shellcode binds to a certain port on which the attacker can connect to control it.
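The authentication gap described in the comment above can be closed on the restore side with a keyed manifest. This is an added example, not part of the original comment: it assumes HMAC-SHA256 tags computed before upload and a key and manifest kept off the backup host, and the function names and sample file are constructed for illustration.

```python
import hashlib
import hmac
import os
import tempfile

def file_mac(key: bytes, path: str, rel: str) -> str:
    """HMAC-SHA256 over the relative path and the file contents."""
    mac = hmac.new(key, digestmod=hashlib.sha256)
    # Bind the name to the contents so two backed-up files cannot be swapped.
    mac.update(len(rel.encode()).to_bytes(8, "big") + rel.encode())
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            mac.update(chunk)
    return mac.hexdigest()

def build_manifest(key: bytes, root: str) -> dict:
    """Run before upload; store the result away from the backup host."""
    manifest = {}
    for dirpath, _, names in os.walk(root):
        for name in names:
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, root)
            manifest[rel] = file_mac(key, full, rel)
    return manifest

def verify_restore(key: bytes, root: str, manifest: dict) -> list:
    """Return restored paths that are missing, altered or unexpected."""
    current = build_manifest(key, root)
    bad = [rel for rel, tag in manifest.items()
           if rel not in current or not hmac.compare_digest(tag, current[rel])]
    bad.extend(rel for rel in current if rel not in manifest)
    return sorted(bad)

def demo() -> list:
    """Constructed sample: a stand-in 'ls' is altered while in the backup."""
    key = os.urandom(32)
    with tempfile.TemporaryDirectory() as root:
        os.mkdir(os.path.join(root, "bin"))
        target = os.path.join(root, "bin", "ls")
        with open(target, "wb") as fh:
            fh.write(b"constructed stand-in for the ls binary")
        manifest = build_manifest(key, root)
        assert verify_restore(key, root, manifest) == []
        with open(target, "wb") as fh:
            fh.write(b"constructed stand-in for a replaced binary")
        return verify_restore(key, root, manifest)

if __name__ == "__main__":
    print(demo())
```

Any path returned by `verify_restore` should be treated as untrusted and not executed after a restore.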