Oh, the statement just made me pause and think that's all.
> but I struggle to think of situation where curl would have been an actual culrprit.
I agree, I think it's much more likely that there was a 2 stage type of exploit where curl was used to download the second stage locally on the machine. That's at least how curl (or wget) is used on hackthebox.eu (where everyone hacks boxes for fun).
> but I struggle to think of situation where curl would have been an actual culrprit.
I agree, I think it's much more likely that there was a 2 stage type of exploit where curl was used to download the second stage locally on the machine. That's at least how curl (or wget) is used on hackthebox.eu (where everyone hacks boxes for fun).