sudo_sniff
sudo_sniff copied to clipboard
dubs3c
Steal user's password when running sudo for post-exploitation purposes
This commit is built on top of the other PR, but I thought having a different PR for this commit is reasonable, because this deals with a different issue.
Try to execute for example: `sudo blaablaa` When you enter your correct sudo password, it isn't accepted, instead you just get: Sorry, try again. What you should get is: `sudo:...
Find sudo wherever it may be. I allocated memory, is that ok? In my commit, on line 197, the compiler complained about possibly truncating a string, so I used a...
`sudo` may be in different locations on different systems, perhaps implement a function to locate it. Perhaps the output of `which sudo` can be used. Right now `/usr/bin/sudo` is hardcoded.
Try to execute `sudo -s` it should opens bash with root pirivilage but it doesn't
