- cross-posted to:
- cybersecurity@sh.itjust.works
- cross-posted to:
- cybersecurity@sh.itjust.works
You must log in or # to comment.
Very cool trick. I’ve never been comfortable with how Python package installation is effectively arbitrary code execution. It’s also a nice reminder that installing packages into a Docker environment is generally safer than going bare
backmetal.It is not steganography. It’s just
cat original.png trojan > malicious.png
.See? Hidden in an image, clearly that’s steganography! /s