Hacker News
new
past
comments
ask
show
jobs
points
by
Sohcahtoa82
6 hours ago
|
comments
by
e12e
4 hours ago
|
next
[-]
> did not have egress to the Internet. It did have curl and Python, but not much else.
So trade exfiltration via curl with exfiltration via DNS lookup?
reply
by
charcircuit
3 hours ago
|
parent
|
[-]
Exfiltrate what? It's an empty container.
reply
by
dotancohen
1 hours ago
|
parent
|
[-]
There do exist container escaping exploits.
reply
by
turnsout
4 hours ago
|
prev
|
next
[-]
At that point, you'd be relying on a bug in curl / Python / sh, not the bot!
reply
by
alfiedotwtf
4 hours ago
|
prev
|
[-]
You do everything in a one-liner :)
reply