Keyrings dump with keydump: Extracting SSSD cleartext credentials

  Posted on September 8, 2024  |  24 minutes  |  Eloy Pérez González  • Other languages: gl

Hi there!! Time ago I was tinkered with Linux keyrings to extract Kerberos tickets from keys with tickey, and recently I was involved in a new interesting project in which I needed to learn again about this topic, so I will try to describe the important points here in case my future self or anyone else want to learn them. First we need to know is that Linux keyrings is a key management facility. [Read More]
Linux  Keyrings  sssd 

How to join Debian to Active Directory

  Posted on August 29, 2024  |  21 minutes  |  Eloy Pérez González  • Other languages: gl

Hi people, in this article I'm going to show how to join a GNU/Linux machine, specifically a Debian one, to an Active Directory environment.I know, I know, Active Directory (AD) is a commercial tool from the evil Microsoft, but we need to admit that is the most used tool in the market. However, not because we are in a Microsoft environment we need to use Windows, even if that's what they would like. [Read More]
linux  gnu  ad  debian 

Who is messing with my DNS server? Discovering and managing network daemons

  Posted on August 18, 2024  |  12 minutes  |  Eloy Pérez González  • Other languages: gl

Hi there, today I would like to talk about an recurrent issue that I've been facing for many years. I wanted to configure my machine to use an specific DNS server, so I including it in /etc/resolv.conf. However, after a while my new DNS server was removed and /etc/resolv.conf restored to a previous version. In this article I'm going to explore what is happening and how discover who is modifying /etc/resolv. [Read More]
dns  bpf  dhclient  networkmanager  systemd  linux  gnu 

Stealing sudo sessions with ptrace

  Posted on March 24, 2024  |  7 minutes  |  Eloy Pérez González  • Other languages: gl

Hi people. Today we are going to deepen an old technique that I have been studying. It is an attack to get sudo in case someone else is connected to the same machine with the same user and has sudo unlocked. This technique was already documented by nongiach in the sudo_inject repository. However, that implementation requires several files and dependences for the attack, so, in order to simplify it and learning about the technique, I have developed sudohunt. [Read More]
pentest  linux  sudo  ptrace 

Tricks to improve console programs usability

  Posted on December 24, 2020  |  16 minutes  |  Eloy Pérez González  • Other languages: gl

Hi folks. In this post I goint to present you some tricks that, in my experience, allow to greatly improve the usability of the console programs. I write them down here to avoid to forget them and in the hope that they can be useful to other people. The key is to make the programs simple, which normally is not as easy as it sounds, but I hope these tricks will help you to achieve that. [Read More]
linux  unix  programming