Driftsync

An rsync daemon quietly exposes its modules to the world, no credentials required. Dig through the synchronized data, recover what was meant to stay private, and ride the drift all the way to root.