w or who commands, when launched as victim from jenkins functionnal tests, do not show current login shell, unless utmp/wtmp hooks are disabled on the rootkit.
we must investigate in order to find a way to fix it
for more informations, ask to @jagu-sayan
w
orwho
commands, when launched as victim from jenkins functionnal tests, do not show current login shell, unless utmp/wtmp hooks are disabled on the rootkit.we must investigate in order to find a way to fix it for more informations, ask to @jagu-sayan