Search the Community
Showing results for tags 'sudo'.
On parrot when I open programs normally (not running as sudo) it shows (as superuser) in the top. Firefox shows this and works fine. Tor browser has this too and just shows a black screen when I open it. Does anyone know what is going on here?
Taking the idea (again, mad props to sudoBackdoor) a bit further with some python scripting, I scared myself (and unintentionally pwned myself a few times as well) with this thing. How it works: The user's .bash_profile or .bashrc gets tweaked to point to ~/.config/sudo A python script called sudo is installed there. [Patience is required here, as you need to wait for the user to sudo some command now] This will take their password, validate it by running its own sudo command (literally just echoing something) and seeing if it works Once it confirms a good password, it stores the password for later retrieval and executes the intended sudo command in a subshell that the user shouldn't even notice a difference in After executing their command, it will use the password to sudo open up a reverse https meterpreter session on the machine. It will do this every time sudo is run. I unintentionally self pwned a few times, because the meterpreter session is being run as root, and one must sudo kill to get rid of it. Sudo killing it will get rid of the existing session as expected, but then will open up a shiny new session as its last step (unless the python script is gone). Because antivirus tends to recognize the base64-encoded meterpreter payload as malicious, I also wrote a script called "shellSmuggler.py" to go with it. If you use the msfvenom command I supply here, you should be able to pipe the output to the shellSmuggler and scramble the payload enough that antivirus doesn't alert on/block it anymore. You will need to know your listening machine's IP and listening port (obviously).
i went into "user setings" and changed "asded at login" to " not asded on login". now i cant sign in. it does not give me the option to enter a password just says login, but playes the incorect pw sound when i try i can get into the guest account but that does me no good case su and sudo dont work i can ctrl alt f1 and login to the user there i tried sudo visudo and changed the line to read NOPASSWD:ALL but that did not work anyone know how i can chage back the user settings to ask for password at login from terminal?
Hey! I am running kali linux the latest build. I am running it from a USB drive in persistence mode. I have a macbook pro and it won't boot from the USB so I have to boot from the live CD till the GRUB and then choose live usb persistence to login to the system. I wanted to change my root passwd so while I was logged into my root account, I issued the command passwd root That asked me for a new passwd twice and I entered it both the times correctly. Later when I rebooted the system, it wont accept the new passwd (not the old one also) and wont let me login saying authentication failure. I have a second account on the box called "phantom" which does not have sudo privileges and both sudo passwd root sudo adduser phantom sudo does not work! Directly trying to edit the sudoers file from this second account does not let me do so cause I dont have sudo rights. Pressing 'e' in GRUB when I select the USB option does not work. What is the way around this? I can't afford to reinstall and lose the system. Any help is appreciated...