Stealing sudo sessions with ptrace

Hi people. Today we are going to deepen an old technique that I have been studying. It is an attack to get sudo in case someone else is connected to the same machine with the same user and has sudo unlocked. This technique was already documented by nongiach in the sudo_inject repository. However, that implementation requires several files and dependences for the attack, so, in order to simplify it and learning about the technique, I have developed sudohunt. [Read More]

Tricks to improve console programs usability

Hi folks. In this post I goint to present you some tricks that, in my experience, allow to greatly improve the usability of the console programs. I write them down here to avoid to forget them and in the hope that they can be useful to other people. The key is to make the programs simple, which normally is not as easy as it sounds, but I hope these tricks will help you to achieve that. [Read More]