SSRF + Redis
SSH Public Key
$HOME/.ssh/authorized_keys
is used to store a list of SSH public keys so that users log in without password. If $HOME/.ssh/authorized_keys
is writable, this can be used to store the attacker's SSH public key.
Reference
Last updated