From d31b0174b74cbd55e977cb9790a4ab5e5881652d Mon Sep 17 00:00:00 2001 From: WWVB <48934034+WWVB@users.noreply.github.com> Date: Tue, 26 Mar 2019 08:56:37 -0400 Subject: [PATCH] Update readme.md --- .../library/remote_access/SSHhhhhh (Linux)/readme.md | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/payloads/library/remote_access/SSHhhhhh (Linux)/readme.md b/payloads/library/remote_access/SSHhhhhh (Linux)/readme.md index 8ef28aba..f2e59109 100644 --- a/payloads/library/remote_access/SSHhhhhh (Linux)/readme.md +++ b/payloads/library/remote_access/SSHhhhhh (Linux)/readme.md @@ -9,12 +9,12 @@ Base install of OS, plus OPENSSH-SERVER & NET-TOOLS (if NET-TOOLS is not installed, the route command will not return data [noting major]) ## Loot = Contents of ~/$USER/.ssh folder (pub/priv RSA keys, known_hosts, etc..) -whoami -ip addr -route -n -/etc/passwd -/etc/shadow (on the off chance you get a root terminal) -uname -a + whoami + ip addr + route -n + /etc/passwd + /etc/shadow (on the off chance you get a root terminal) + uname -a Two opportunites for persistence are injected: Attacker's RSA key is added to ~/$USER/.ssh/authorized_keys (aka I'll Call You)
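Review bot: The six re-indented lines under "## Loot" (` whoami` through ` uname -a`) gain only a single leading space, which Markdown still treats as ordinary paragraph text, so the items will keep rendering run together on one line exactly as they did before the change. If the goal is one item per line, turn them into list items (`- whoami`, `- ip addr`, and so on) or wrap them in a fenced block, with a blank line separating them from the "Contents of ~/$USER/.ssh folder" line above. Two typos in the unchanged context lines could be fixed in the same pass: "noting major" presumably should read "nothing major", and "opportunites" should read "opportunities". The subject "Update readme.md" would also be more useful if it said that this is a formatting fix to the Loot list.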