Tim (Wadhwa-)Brown :donor:<p>Technically, it's not a vuln because if you enable SSH via the supported route then you only get a root shell and there's no way to create low priv'd SSH users, but since there's no ability to persistently fix that issue, I ended up abusing IPC to write to the persistent storage a scheduled job which will give me a low priv'd SSH user 🤡.</p><p><a href="https://gist.github.com/timb-machine/a3b2d27adcbbed34455e78f845198392" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">gist.github.com/timb-machine/a</span><span class="invisible">3b2d27adcbbed34455e78f845198392</span></a></p><p>It just so happens that /if/ you did have a low priv'd SSH user, then the IPC would enable you to get root.</p><p><a href="https://infosec.exchange/tags/westerndigital" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>westerndigital</span></a>, <a href="https://infosec.exchange/tags/mycloud" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>mycloud</span></a>, <a href="https://infosec.exchange/tags/y0day" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>y0day</span></a>, <a href="https://infosec.exchange/tags/redteam" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>redteam</span></a>, <a href="https://infosec.exchange/tags/linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>linux</span></a></p>
mastodontech.de ist einer von vielen unabhängigen Mastodon-Servern, mit dem du dich im Fediverse beteiligen kannst.
Offen für alle (über 16) und bereitgestellt von Markus'Blog
Verwaltet von:
Serverstatistik:
1,4 Tsd.aktive Profile
mastodontech.de: Über · Status · Profilverzeichnis · Datenschutzerklärung
Mastodon: Über · App herunterladen · Tastenkombinationen · Quellcode anzeigen · v4.4.1
#mycloud
0 Beiträge · 0 Beteiligte · 0 Beiträge heute
clever boi<p>I'm already pretty over NextCloud and, how slow it is, and how unpolished EVERYTHING is for how long it's been around. I guess I will build my cloud piecemeal.</p><p>It's been an interesting experience trying to migrate though, I have a better grasp all of "my cloud":</p><p> - File (sync and web access)<br> - Tasks/Notes/Memos<br> - Bookmarks<br> - Favorites<br> - Passwords<br> - Very Important Files<br> - Mail<br> - Maps</p><p>I'm sure I'm missing something.<br><a href="https://mastodon.social/tags/NextCloud" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>NextCloud</span></a> <a href="https://mastodon.social/tags/MyCloud" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>MyCloud</span></a></p>
AngesagtLive-Feeds
Mastodon ist der beste Zugang, um auf dem Laufenden zu bleiben.
Du kannst jedem im Fediverse folgen und alles in chronologischer Reihenfolge sehen. Keine Algorithmen, Werbung oder Clickbaits vorhanden.
Konto erstellenAnmeldenZum Hochladen hereinziehen