this post was submitted on 20 Feb 2024
34 points (97.2% liked)

netsec

1236 readers
1 users here now

Technical news and discussion of information security.

Rules:

  1. Be excellent to each other
  2. Keep it on topic
  3. Absolutely no PII or doxing
  4. No disclosure posts

founded 2 years ago
MODERATORS
t8r
you are viewing a single comment's thread
view the rest of the comments
[โ€“] [email protected] 1 points 11 months ago* (last edited 11 months ago) (1 children)

No one pays attention to the prompts. If you've ever watched a standard computer user they click away a prompt as fast as it appears without even reading it.

[โ€“] [email protected] 1 points 11 months ago

So I understand better, could you explain the scenario where you would use this and what it would get you as the attacker?

Is it like: "Hey bud, please plug my phone into your computer." Then, they click through everything, you get privileged execution, and you choose to modify the hosts file?

You believe that would have a high chance of success? What do you get afterwards?