Say you can send commands with a limited length to a linux server and they will execute as root and you'll get back the output. what is the lowest limit sufficient to pwn that server?
-
-
Replying to @emareaf
depends on the cwd, but an easy lower bound is to add a pubkey to /root/.ssh/authorized_keys charwise (nothing prevents me from running many commands right?)
1 reply 0 retweets 1 like
Replying to @allgebrah @emareaf
or better: echo \#>f echo \!>>f echo />>f ... ./f
2:04 PM - 22 Oct 2018
0 replies
0 retweets
1 like
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.