Always has been, they just stopped polishing the turd.

Very true. Thanks for the education. SSH to me is just magic portal that lets me talk to my server in my closet lmao

And when you say “can’t know” do you mean it would be impossible to tell strictly through SSH?

I kind of figured it would be a shot in the dark, some scripting could definitely be done to assess that, and even run code per major OS depending on some automated recon.

Let’s say you’ve got that figured out, and the user is running putty on windows as an administrator. Is there anything that could take advantage of that fact?

I feel like this would be way easier/more feasible to run a script on your own machine as a defensive measure like OC mentioned early, but just more asking our of curiosity. I’m not skilled enough to even imagine what to do with this or write it, but I am fascinated by security stuff.

Partially for sure. Other part of this would be somehow executing a command on the attackers machine that originated as their own input, but they wouldn’t be privy to that due to the alias.

I’ve seen some videos where people will willingly let scammers into their machine, and Honeypot them with a file that they execute, typically named like credit card info or bank info or something. But they knowingly click that and open it, I don’t know what needs to be done on the “make this code execute on the attackers machine” part.

If someone is ssh’d into your machine, are there any escalated privileges you’d already have back to their machine because they’ve willingly come to yours?

Is there anything that is specific to ssh that would allow for this? Like a command that would allow something to execute back to the other machine similar to downloading? I’m not well versed just kind of a napkin idea I thought of.

Not quite, PC gets hacked, on hacked machine someone does something like cd, but on that PC cd has been set up as an alias for some sort of command that downloads a malicious executable to the hackers machine and executed it.

That executable very well could be a keylogger, but doesn’t necessarily have to be. It could be be rm -rf --no-preserve-root / or a reverse shell or whatever really.

I imagine cd would be a terrible choice to alias given how much it’s used, but maybe something else more obscure could be used that is frequently used when bots/attackers are rummaging through files for stuff to steal.

And the ocean is gonna pay for it!

Yikes, what a terrible day to know how to read

have to way to ger out of or to be

Sir.

This does make a little more sense, but I’m just trying to reconcile someone going against the grain in a very public position because they’re fucking someone.

If you get more details please share

It’s not just your imagination. Think back to the last 8 years and how much horseshit has come out that “wasn’t law” but was allowed. That same thinking and action could easily be applied by the opposition, but it turns out the opposition is a wet paper towel.

I’m not smart enough to steer this, but there has to be a group trying to put together a legitimate third party. Let’s talk about that. Anytime theres a fucking comical issue upfront, talk about that, and don’t relent.

What is this and where is the context, and why are you censoring yourself.

I’m trying to be optimistic, but I’m pretty sure a very large chunk of this the maga voters, this could be a lesson in hubris

Never forget, these pieces of shit carved themselves out of insider trading law, and it hasn’t come up once.

If anyone is in the human ash market, please let me know, something big is coming

You fucking degen, I love it

Also no lol, it was about the bus batin’

If you reply with a link, the world is your oyster.

Username checks out

Narrator: (just audible tears.)