mirror of
https://github.com/hak5/bashbunny-payloads.git
synced 2025-10-29 16:58:25 +00:00
dfe52e6a5c
* Add "Fake sudo" 1) Copies the "sudo" command spoofing program to the user's home directory. 2) Defines a new persistent "sudo" alias with the file "~/.bash_aliases". 3) When the user "sudoer" executes the command "sudo" in a terminal, the spoofing program : - __By default__ retrieves the username and password and writes them to "/tmp/.sudo_password". - __But__ this behavior can be changed in line 21 of the "sudo-phishing.sh" file. 4) After sending, the spoofing program deletes the "sudo" alias. Then it deletes itself. * Update README.md * Update sudo-phishing.sh