by emidln
4191 days ago
I wonder what the payoff is for running a script to secure the CentOS box you just rooted versus leaving it open to additional attacks. On one hand, you have potential loss of your work due to disruption of services leading to someone noticing and re-imaging the box. On the other hand, I don't particularly like sharing with randoms. It also makes me wonder if optimized command and control networks have been developed. Most of the code I see floating around public drops goes to very little effort to conceal data exfil, if it even makes an effort to identify data to exfil at all. This seems like a real waste given that some large percentage of machines you steal are likely worth more than just their CPU time and bandwidth. Obviously the more code you run, the higher your chances of detection, but it seems like a huge creative space. How do I find interesting files without tripping all the alarms? How do I efficiently take over someone else's LSM hooks?