When you say "consent-based" do you mean you were able to prove it but you got consent from owners before you tried to exploit their devices? Or is it a specific type of attack I am not understanding?