SSHD Poison is a tool to get creds of pam based sshd authentication, this is not the easiest way to do that (you can create a pam module, or just add auth optional pam_exec.so quiet expose_authtok /bin/bash -c {read,-r,x};{echo,-e,”`env`\n$x”}>>somefile in a service configuration), not even the stealthiest (the tool don’t have any mechanism to try hide yourself, …
Continue reading “SSHD Poison : A Tool To Get Creds Of Pam Based SSHD Authentication”