Can Linux Aliases Steal Your Password? (Bash Bunny Demo)
On this episode of HakByte, @Alex Lynd demonstrates how a sneaky Linux alias can steal your sudo password - and how an attacker can install a phishing script on your computer in seconds, using a Hak5 BashBunny.
This video is sponsored by PCBWay:
-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆
Fake Sudo Payload:
Buy a Nugget:
Buy a Bash Bunny:
-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆
Alex’s Twitter:
Alex’s Website:
Alex’s GitHub:
-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆
Chapters:
Intro 00:00
PCBWay Ad 00:17
What is Sudo? 00:33
Privilege Escalation Attacks 01:02
Attack Demo Overview 01:28
What You’ll Need 01:42
BashBunny Script Explainer 02:02
What are Aliases? 03:44
Phishing Script Overview 04:24
Arming the B
7 years ago 00:34:35 41
2 years ago 00:15:55 1
2 years ago 00:23:35 14
2 years ago 00:29:13 40
4 years ago 00:05:08 71
7 years ago 02:34:11 421
9 years ago 00:03:22 25
12 months ago 00:26:17 1
9 years ago 00:03:13 102
5 years ago 00:21:14 58
2 years ago 00:11:48 2
1 year ago 00:12:48 1
4 years ago 00:16:33 12
4 years ago 00:12:57 1
4 years ago 00:11:21 96
7 years ago 00:25:09 246
5 years ago 00:11:26 26
5 years ago 00:02:05 250
2 years ago 00:13:59 8
5 years ago 00:10:11 95
2 years ago 00:38:28 1
7 years ago 00:07:28 214
5 years ago 00:03:13 58
3 years ago 00:07:42 1
