|
Xavier's diary entry "(Ab)Using Security Tools & Controls for the Bad" on PAM, reminded me of a script to backdoor pam_unix.so: linux-pam-backdoor. This script will download the PAM source code, patch it to add an hardcoded skeleton key password, and compile it. There's also a script to detect backdoored pam_unix.so files like this: linux-pam-backdoor-detect.sh This scripts looks if there is an extra string between the following strings:
Didier Stevens |
DidierStevens 597 Posts ISC Handler Nov 21st 2021 |
| Reply Subscribe |
Nov 21st 2021 2 weeks ago |
Sign Up for Free or Log In to start participating in the conversation!
https://www.sans.edu
