
Backdooring PAM

Published: 2021-11-21
Last Updated: 2021-11-21 17:51:57 UTC
by Didier Stevens (Version: 1)

Xavier's diary entry "(Ab)Using Security Tools & Controls for the Bad" on PAM reminded me of a script to backdoor PAM: linux-pam-backdoor.

This script will download the PAM source code, patch it to add a hardcoded skeleton key password, and compile it.

There's also a script to detect backdoored files like this:

This script checks whether there is an extra string between the following strings:
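
The check described above, sketched as an added example (this is not the detection script itself, and not code from the linux-pam-backdoor project). The two anchor strings are not reproduced on this page, so `BEFORE` and `AFTER` are hypothetical placeholders, and the sample byte strings are constructed.

```python
import re

# Hypothetical placeholders: substitute the two literals that sit next to
# each other in an unmodified build of the module being checked.
BEFORE = b"ANCHOR_STRING_BEFORE"
AFTER = b"ANCHOR_STRING_AFTER"

def strings_between(data, before=BEFORE, after=AFTER, min_len=1):
    """Return [(offset, text)] for printable ASCII runs between the anchors.

    Returns None when either anchor is missing (different build or version),
    so "cannot tell" is never mistaken for "clean".
    """
    start = data.find(before)
    if start < 0:
        return None
    start += len(before)
    end = data.find(after, start)
    if end < 0:
        return None
    # NUL terminators and padding between literals do not match this class.
    pattern = rb"[\x20-\x7e]{%d,}" % min_len
    return [(start + m.start(), m.group().decode("ascii"))
            for m in re.finditer(pattern, data[start:end])]

def verdict(data, before=BEFORE, after=AFTER):
    """Map the result to 'clean', 'suspicious' or 'unknown'."""
    found = strings_between(data, before, after)
    if found is None:
        return "unknown"
    return "suspicious" if found else "clean"

def check_file(path, before=BEFORE, after=AFTER):
    """Run the check on a file on disk, read as raw bytes."""
    with open(path, "rb") as fh:
        return verdict(fh.read(), before, after)

# Constructed byte strings standing in for a module's read-only data.
CLEAN = b"\x7fELF\x00" + BEFORE + b"\x00\x00\x00\x00" + AFTER + b"\x00"
PATCHED = (b"\x7fELF\x00" + BEFORE + b"\x00constructed-extra-literal\x00"
           + AFTER + b"\x00")

if __name__ == "__main__":
    for name, blob in (("clean", CLEAN), ("patched", PATCHED), ("other", b"\x7fELF")):
        print(name, verdict(blob), strings_between(blob))
```

A "clean" verdict only covers this one patching style; it says nothing about a module altered in another way.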

Didier Stevens
Senior handler
Microsoft MVP

Keywords: backdoor linux pam