top | item 47050682

(no title)

Reminds me of a Discord bot that was in a server for pentesters called "Hack Me If You Can".

It would respond to messages that began with "!shell" and would run whatever shell command you gave it. What I found quickly was that it was running inside a container that was extremely bare-bones and did not have egress to the Internet. It did have curl and Python, but not much else.

The containers were ephemeral as well. When you ran !shell, it would start a container that would just run whatever shell commands you gave it, the bot would tell you the output, and then the container was deleted.

I don't think anyone ever actually achieved persistence or a container escape.

discuss

e12e|12 days ago

> did not have egress to the Internet. It did have curl and Python, but not much else.

So trade exfiltration via curl with exfiltration via DNS lookup?

charcircuit|12 days ago

Exfiltrate what? It's an empty container.

turnsout|12 days ago

At that point, you'd be relying on a bug in curl / Python / sh, not the bot!

alfiedotwtf|12 days ago

You do everything in a one-liner :)