upvote

points

by Sohcahtoa826 hours ago |
comments
upvoteby e12e4 hours ago|
next
[-]
> did not have egress to the Internet. It did have curl and Python, but not much else.

So trade exfiltration via curl with exfiltration via DNS lookup?

reply
upvoteby charcircuit3 hours ago|
parent|
[-]
Exfiltrate what? It's an empty container.
reply
upvoteby dotancohen1 hours ago|
parent|
[-]
There do exist container escaping exploits.
reply
upvoteby turnsout4 hours ago|
prev|
next
[-]
At that point, you'd be relying on a bug in curl / Python / sh, not the bot!
reply
upvoteby alfiedotwtf4 hours ago|
prev|
[-]
You do everything in a one-liner :)
reply