undefined | Better HN

0 pointsheavenlyblue6y ago0 comments

I don’t really understand what that gives the attacker.

I mean, if you already made them run a random script why would you even care about their password?

0 comments

3 comments · 1 top-level

fulafel6y ago· 2 in thread

To be able to easily get root through sudo later when running the malware payload (reverse shell eg) in the background?

You already have sudo, you can install any malware immediately (with a rootkit on top and any kernel extensions to hide yourself)

fulafel6y ago

Maybe you don't want to leave any log traces, kernel mods etc behind yet before getting instructions from your c&c or waiting until a set time when some other coordinated action (or a weekend) happens.

j / k navigate · click thread line to collapse