Okay, but how? Is someone reading commands in a "how the exploit works" write-up and... running them?