@q3k There is one string that stands out: ssh-rsa-cert-v01@openssh.com
Would they allow some hard coded key to sign certificates and just allow them through?
@waldi @q3k That's a SSH key type (https://cvsweb.openbsd.org/src/usr.bin/ssh/PROTOCOL.certkeys?annotate=HEAD) but it's definitely doing *something* with keys. I wonder if the crazy foo=bar assignment is used to identify a key with hidden attributes.
@q3k Yeah. Can’t quote it right now, but it seems they use broken certificates that contain encrypted stuff in the rsa public key, which is then directly executed with system().
Gregory's Server
@waldi @q3k That's a SSH key type (https://cvsweb.openbsd.org/src/usr.bin/ssh/PROTOCOL.certkeys?annotate=HEAD) but it's definitely doing *something* with keys. I wonder if the crazy foo=bar assignment is used to identify a key with hidden attributes.