背景

差不多三年前，我读了一篇关于 sshd 进程注入和密码窃取的文章，然后在作者的基础上实现了一个自动化的SSH 密码收 …

View comments.

TL;DR

The source code of this idea is available on GitHub

And the weaponized version is available in emp3r0r

1. Use echo 'print __libc_dlopen_mode("/path/to/library.so", 2)' | gdb -p <PID> for process injection
2. Write a shared library to inject into sshd process
3. In the library, fork a child …

View comments.