
pamspy leverages eBPF to achieve the equivalent of what 3snake does. https://github.com/citronneur/pamspy

It tracks a particular userland function inside the PAM (Pluggable Authentication Modules) library, which many critical applications use to handle authentication, such as:

- sudo
- sshd
- passwd
- gnome
- x11
- and many others ...

How to launch?

pamspy is built as a static binary without any dependencies, and is available on the release page.

```
Usage: pamspy [OPTION...]
pamspy

Uses eBPF to dump secrets use by PAM (Authentication) module
By hooking the pam_get_authtok function in libpam.so

USAGE: ./pamspy -p $(/usr/sbin/ldconfig -p | grep libpam.so | cut -d ' ' -f4) -d /var/log/trace.0

  -d, --daemon=PATH TO OUTPUT CREDENTIALS
                             Start pamspy in daemon mode and output in the file
                             passed as argument
  -p, --path=PATH            Path to the libpam.so file
  -r, --print-headers        Print headers of the program
  -v, --verbose              Verbose mode
  -?, --help                 Give this help list
      --usage                Give a short usage message
  -V, --version....
```
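From the defender's side, a hook on a function in libpam.so like the one described above can be looked for among the eBPF programs attached to perf events. The following is an added example, not code from pamspy or from this article: it filters `bpftool perf show --json` output for user-space probes on libpam, assuming the hook appears there as a `uprobe` or `uretprobe` entry and that the JSON field names match the bpftool-perf documentation; the sample data and the function names are constructed for illustration.

```python
import json
import os

# Constructed sample in the shape of `bpftool perf show --json` output
# (field names assumed from the bpftool-perf documentation; values invented).
SAMPLE_BPFTOOL_PERF_JSON = """
[
 {"pid": 812, "fd": 9, "prog_id": 41, "fd_type": "kprobe",
  "func": "tcp_connect", "offset": 0},
 {"pid": 4242, "fd": 11, "prog_id": 57, "fd_type": "uprobe",
  "filename": "/usr/lib/x86_64-linux-gnu/libpam.so.0", "offset": 27504},
 {"pid": 4242, "fd": 12, "prog_id": 58, "fd_type": "uretprobe",
  "filename": "/usr/lib/x86_64-linux-gnu/libpam.so.0", "offset": 27504},
 {"pid": 977, "fd": 7, "prog_id": 60, "fd_type": "uprobe",
  "filename": "/usr/lib/x86_64-linux-gnu/libc.so.6", "offset": 1159}
]
"""

USER_PROBE_TYPES = {"uprobe", "uretprobe"}


def is_libpam(path):
    """True for libpam.so, libpam.so.0, libpam.so.0.85.1 (not libpam_misc.so)."""
    name = os.path.basename(path or "")
    return name == "libpam.so" or name.startswith("libpam.so.")


def find_libpam_probes(bpftool_json):
    """Return the entries that are eBPF user-space probes attached to libpam."""
    return [
        entry for entry in json.loads(bpftool_json)
        if entry.get("fd_type") in USER_PROBE_TYPES
        and is_libpam(entry.get("filename"))
    ]


def owning_pids(findings):
    """PIDs holding the probe file descriptors: the processes to triage first."""
    return sorted({entry["pid"] for entry in findings})


if __name__ == "__main__":
    for e in find_libpam_probes(SAMPLE_BPFTOOL_PERF_JSON):
        print("ALERT eBPF {fd_type} on {filename}+{offset} "
              "held by pid {pid} (prog {prog_id})".format(**e))
```

On a live host, pass the function the output of `bpftool perf show --json` run as root instead of the sample. Legitimate tracing of libpam is rare in production, so any hit is worth tying back to the owning process and its binary.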
Author

- Hakin9 is a monthly magazine dedicated to hacking and cybersecurity. In every edition, we try to focus on different approaches to show various techniques - defensive and offensive. This knowledge will help you understand how most popular attacks are performed and how to protect your data from them. Our tutorials, case studies and online courses will prepare you for the upcoming, potential threats in the cyber security world. We collaborate with many individuals and universities and public institutions, but also with companies such as Xento Systems, CATO Networks, EY, CIPHER Intelligence LAB, redBorder, TSG, and others.