0
  • Home
  • Blog
  • Impost3r - tool that aim to steal many kinds of linux passwords

Impost3r - tool that aim to steal many kinds of linux passwords

(143 views)

Attackers can use Impost3r to make a trap to steal the legal user's passwords XD This tool is limited to security research and teaching, and the user bears all legal and related responsibilities caused by the use of this tool! The author does not assume any legal and related responsibilities! Features Automatically clean the track Use DNS to transfer the result Really hard for legal users can feel this attack Dependencies GCC Usage Impost3r can be used to steal passwords including sudo, su, and ssh services. These three services can be roughly divided into two categories, sudo, and ssh/su. I will discuss them below Steal sudo password Only need ordinary user's privilege, and can only steal the current user's password. First I will assume that attacker has controlled a server and the privilege is an ordinary user Then copy the original .bashrc file cp ~/.bashrc /tmp/, and put this copy....

Read the rest of this story with a free account.

Already have an account? Sign in

June 9, 2020
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments
Get unlimited access

Become an Instructor

Become a Reviewer

Writing on Hakin9

LOOKING for a JOB in IT security?



© HAKIN9 MEDIA SP. Z O.O. SP. K. 2023

Download Free eBook

Step 1 of 4

Name(Required)

We’re committed to your privacy. Hakin9 uses the information you provide to us to contact you about our relevant content, products, and services. You may unsubscribe from these communications at any time. For more information, check out our Privacy Policy.