Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
chillax
4 days ago
|
parent
|
context
|
favorite
| on:
Sleeper Shells: Attackers Are Planting Dormant Bac...
Related: Someone Knows Bash Far Too Well, And We Love It (Ivanti EPMM Pre-Auth RCEs CVE-2026-1281 & CVE-2026-1340)
https://labs.watchtowr.com/someone-knows-bash-far-too-well-a...
ddtaylor
4 days ago
[–]
I think there is an easier substitution attack since there is shell expansion occuring. I will toy with it later today.
reply
PhilipRoman
4 days ago
|
parent
[–]
The array indexing thing is a special case in [[...]] which is otherwise more-or-less secure (no expansion occurs under typical unquoted variable access).
https://news.ycombinator.com/item?id=46631811
reply
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
