SSHD Injection and Password Harvesting
TL;DR
- Use
echo 'print __libc_dlopen_mode("/path/to/library.so", 2)' | gdb -p <PID>
for process injection - Write a shared library to inject into sshd process
- In the library, fork a child process to monitor sshd children then attach (
PTRACE_ATTATCH
) to them - For each ssh session, search its memory for …