sudoSnatch

sudoSnatch
Download Copy
Title: sudoSnatch
Author: drapl0n

sudoSnatch payload grabs sudo password in plain text, immediately after target uses sudo command and sends it back to attacker remotely/locally.

Credential harvesting is the method of obtaining credentials — think usernames and passwords. Many techniques are used to obtain credentials, from keylogging to credential dumping. With a set of credentials in hand, red teamers may access systems and make lateral movement across the network, as well as creating their own credentials which may be difficult to detect in a breach. See all credential payloads.

This payload is for the Bash Bunny. Simultaneously mimic multiple trusted devices to trick targets into divulging sensitive information without triggering defenses. The Bash Bunny is truly the world's most advanced USB attack platform.

Submit your own payload, or browse more featured Bash Bunny Payloads.

 

 

Related Payloads

Global Powershell Logging and Transcription
Global Powershell Logging and Transcription
This payload executes a script that logs all PowerShell input and output to a text file in the documents folder.
Read More
USB Poison
USB Poison
This payload executes a script that waits for new USB flash storage devices to be connected. When a new device connects,
Read More
Execute commands as NT AUTHORITY\SYSTEM with TrustedInstaller privileges
Execute commands as NT AUTHORITY\SYSTEM with TrustedInstaller privileges
This payload launches a new cmd.exe process with elevated privileges under TrustedInstaller, by setting the TrustedInsta
Read More