Sort of command that would pull a download that is self executed to the host machine?
That’s worded a bit fucky, if I need to elaborate, please chime in.
Sort of command that would pull a download that is self executed to the host machine?
That’s worded a bit fucky, if I need to elaborate, please chime in.
And when you say “can’t know” do you mean it would be impossible to tell strictly through SSH?
the ssh protocol doesn’t provide any mechanism for your server to identity the client host architecture, nor does it provide any mechanism i’m aware of to send any payloads back to the host client for arbitrary execution.
The thing is ssh is a protocol and it’s implementation is not going to be identical across clients.
So if you found a bug in an ssh client that allowed for this your hypothetical attack vector would only work on intruders using that broken client. ssh is one of the most scrutinized protocols there are and you should be a hero if you found this bug. what you’re asking for, if it were as easy as you might hope, well ssh wouldn’t be the ubiquitous security connection protocol if it were simple like that right?
Very true. Thanks for the education. SSH to me is just magic portal that lets me talk to my server in my closet lmao
it’s a fun thought experiment as it’s a very complex protocol