skrebbel 8 hours ago
Thanks! Though the public address is going to be random here so how will the hacker figure out which tunnl.gg subdomain to gobble up?
gnfargbl 2 hours ago
That's actually a fair defence against this kind of abuse. If the attacker has to get some information (the tunnel ID) out of the victim's machine before they can abuse this service, then it is less useful to them because getting the tunnel ID out is about as hard as just getting the actual data out. However, if "No signup required for random subdomains" implies that stable subdomains can be obtained with a signup, then the bad guys are just going to sign up.
rany_ 5 hours ago
I've seen lots of weird tricks malware authors use; people are creative. My favorite is that they'd load up a text file with a modified base64 table from Dropbox which points to the URL to exfiltrate to. When you report it to Dropbox, they typically ignore the report because it just seems like random nonsense instead of being actually malicious.