As we were unaware of the exact exploit chain used by the Quad7 operators to achieve remote code execution, we also employed Scapy to dynamically modify authentication attempts. This enabled us to accept any credentials provided by attackers attempting to access the management interface, thereby allowing us to observe the final RCE exploitation, if any.