I completely missed the password in the user comment, but got code exec through RT itself, you can define a custom action and run perl code. Also I was very lazy and just ran the windows version of puttygen through wine.
I was trying to do that but didint use pearl code, could you share where you found that cve? Didint find anything more specific, just vague explanations
@@superfadelito it's not a CVE, it's a feature. They're called Scrips in RT. You can assign an action to a trigger for example when a ticket gets a comment, you can run a scrip.
what?! crazy, I remember writing a whole article last year on how to extract those password from memory to then exploit them. now i see this wrong and even a gitbuh python script for it. Lmao