PaulDotCom mailing list archives

Previous By Date Next
Previous By Thread Next

F'ing with SSH Goons

From: iamnowonmai at gmail.com (iamnowonmai)
Date: Fri, 12 Dec 2008 14:41:36 -0500
Rings a distant bell with me too, from another list, years ago.....
Seems like there was an sshd patch that would log the password used also. A
few extra lines in the source did it.

On Fri, Dec 12, 2008 at 2:29 PM, Jim Halfpenny <jim.halfpenny at gmail.com>wrote:


I've seen a modified linux pam module that could capture passwords in
this way. That was a long time ago, I'll see if I can dig it up.

On 12/10/08, Nils <nils at hemmann.de> wrote:

What about collecting all the passwords they try. You'd end up with a

pretty

cool password list.
I think I heard about a modified SSH server which is capable of doing

this.

Who knows more?






  _____

From: pauldotcom-bounces at mail.pauldotcom.com
[mailto:pauldotcom-bounces at mail.pauldotcom.com] On Behalf Of iamnowonmai
Sent: Tuesday, December 09, 2008 11:39 PM
To: PaulDotCom Security Weekly Mailing List
Subject: Re: [Pauldotcom] F'ing with SSH Goons




I used to run /dev/chargen on port 22 ;)




--
Sent from Google Mail for mobile | mobile.google.com
_______________________________________________
Pauldotcom mailing list
Pauldotcom at mail.pauldotcom.com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com


-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.pauldotcom.com/pipermail/pauldotcom/attachments/20081212/9286e687/attachment.htm
Previous By Date Next
Previous By Thread Next

Current thread: