SSHD Injection and Password Harvesting

openssh

TL;DR

The source code of this idea is available on GitHub

And the weaponized version is available in emp3r0r

  1. Use echo 'print __libc_dlopen_mode("/path/to/library.so", 2)' | gdb -p <PID> for process injection
  2. Write a shared library to inject into the sshd process
  3. In the library, fork a child …
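
A library loaded this way stays visible in the target's memory map, so a defender can audit running sshd processes for it. The following is an added example, not code from the original post or from emp3r0r: it parses /proc/<PID>/maps text and reports executable file mappings that sit outside an allow-list of library directories or whose backing file has been deleted. The allow-list, the function names and the sample map lines are assumptions constructed for illustration.

```python
import os

# Assumed allow-list: directories that legitimately hold sshd and its libraries.
TRUSTED_PREFIXES = ("/usr/lib/", "/usr/lib64/", "/lib/", "/lib64/", "/usr/sbin/")
DELETED = " (deleted)"

def suspicious_mappings(maps_text, trusted=TRUSTED_PREFIXES):
    """Return sorted (path, reason) pairs for executable file mappings worth a look."""
    findings = set()
    for line in maps_text.splitlines():
        # Format: address perms offset dev inode pathname (pathname may contain spaces)
        fields = line.split(None, 5)
        if len(fields) < 6:
            continue  # anonymous mapping with no backing file
        perms, path = fields[1], fields[5]
        if "x" not in perms or not path.startswith("/"):
            continue  # skip data mappings and pseudo entries such as [heap] or [vdso]
        if path.endswith(DELETED):
            # Also fires after a package upgrade replaces a library on disk.
            findings.add((path[:-len(DELETED)], "backing file deleted"))
        elif not os.path.normpath(path).startswith(trusted):
            findings.add((path, "outside trusted directories"))
    return sorted(findings)

def scan_pid(pid):
    """Audit a live process; reading another user's maps file requires root."""
    with open(f"/proc/{pid}/maps") as fh:
        return suspicious_mappings(fh.read())

# Constructed sample of an sshd memory map (not captured from a real host).
SAMPLE_MAPS = """\
55d0c8a00000-55d0c8a90000 r-xp 0000c000 08:01 393301 /usr/sbin/sshd
7f3e1c228000-7f3e1c3bd000 r-xp 00028000 08:01 398112 /usr/lib/x86_64-linux-gnu/libc.so.6
7f3e1c600000-7f3e1c602000 r-xp 00001000 08:01 655370 /path/to/library.so
7f3e1c700000-7f3e1c702000 r-xp 00001000 08:01 655371 /dev/shm/.cache.so (deleted)
7f3e1c800000-7f3e1c821000 rw-p 00000000 00:00 0
7ffd5a1e0000-7ffd5a1e2000 r-xp 00000000 00:00 0 [vdso]
"""

if __name__ == "__main__":
    for path, reason in suspicious_mappings(SAMPLE_MAPS):
        print(f"{path}: {reason}")
```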
