

1 month ago

Here are the steps:
- The attacker creates a standard Git repository.
- They commit a single symbolic link pointing to a sensitive target.
- Using the PutContents API, they write data to the symlink. The system follows the link and overwrites the target file outside the repository.
- By overwriting .git/config (specifically the sshCommand), the attacker can force the system to execute arbitrary commands–
amazing.
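
The defensive side of the steps above, as an added example that is not part of the original comment or of any project's code: a write helper that rejects `.git` and `..` components and refuses to write through a symbolic link. The names `safe_put_contents` and `UnsafePath` and the sample work tree in `demo()` are assumptions constructed for illustration.

```python
import os
import tempfile

class UnsafePath(Exception):
    """Raised when a requested path must not be written to."""

def safe_put_contents(repo_root, rel_path, data):
    """Write data to rel_path under repo_root without following symlinks."""
    parts = [p for p in rel_path.replace("\\", "/").split("/") if p not in ("", ".")]
    # Reject traversal and any write into Git's own metadata directory.
    if not parts or ".." in parts or any(p.lower() == ".git" for p in parts):
        raise UnsafePath(f"rejected path: {rel_path!r}")
    # Check every component, so a symlinked directory is caught as well as
    # a symlinked file. islink() does not follow the link it inspects.
    current = os.path.realpath(repo_root)
    for part in parts:
        current = os.path.join(current, part)
        if os.path.islink(current):
            raise UnsafePath(f"symlink in path: {current!r}")
    # O_NOFOLLOW makes the open itself fail if the final component was
    # swapped for a symlink between the check above and this call.
    flags = os.O_WRONLY | os.O_CREAT | os.O_TRUNC | getattr(os, "O_NOFOLLOW", 0)
    fd = os.open(current, flags, 0o644)
    with os.fdopen(fd, "wb") as handle:
        handle.write(data)
    return current

def demo():
    """Constructed work tree: a committed symlink aimed at .git/config."""
    with tempfile.TemporaryDirectory() as root:
        os.makedirs(os.path.join(root, ".git"))
        config = os.path.join(root, ".git", "config")
        with open(config, "w") as handle:
            handle.write("[core]\n")
        os.symlink(config, os.path.join(root, "link"))
        results = {}
        for name in ("link", ".git/config", "../escape", "README.md"):
            try:
                safe_put_contents(root, name, b"data\n")
                results[name] = "written"
            except (UnsafePath, OSError):
                results[name] = "blocked"
        with open(config) as handle:
            results["config_intact"] = handle.read() == "[core]\n"
        return results

if __name__ == "__main__":
    print(demo())
```

The component walk and the open are separate system calls, so a server handling concurrent writes to the same tree would also want directory-relative opens for the intermediate components.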
biggest point.
When you build your own Linux PC, you will always have a big risk of some unexpected problems. Lowering the bar of technical expertise to run Linux is the main selling point here IMO.