| ▲ | Sohcahtoa82 3 hours ago | |
Reminds me of a Discord bot that was in a server for pentesters called "Hack Me If You Can". It would respond to messages that began with "!shell" and would run whatever shell command you gave it. What I found quickly was that it was running inside a container that was extremely bare-bones and did not have egress to the Internet. It did have curl and Python, but not much else. The containers were ephemeral as well. When you ran !shell, it would start a container that would just run whatever shell commands you gave it, the bot would tell you the output, and then the container was deleted. I don't think anyone ever actually achieved persistence or a container escape. | ||
| ▲ | turnsout 22 minutes ago | parent | next [-] | |
At that point, you'd be relying on a bug in curl / Python / sh, not the bot! | ||
| ▲ | alfiedotwtf an hour ago | parent | prev [-] | |
You do everything in a one-liner :) | ||