Exploiting MySQL arbitrary file read: a honeypot that kicks

&gt; Okay, so what to do with this when I don&#x27;t want to do any harm? I have contacted abuse@ for the given addresses, but unsurprisingly received no reply.<p>shutdown -h now

OK this is is fun but can anyone describe a scenario where this is actually dangerous...?

Retrieving the keys and other interesting bits under ~&#x2F;.ssh might have a higher success rate, and no hash cracking needed.

my first thought is, no surprise this is being described by someone with a visibly non-American domain, as this would be a fairly textbook breach of CFAA, right?