search

hak5 / bashbunny-payloads

The Official Bash Bunny Payload Repository
https://bashbunny.com
2.64k stars 1.46k forks source link

Use SUDO_PROMPT in sudo-phishing.sh #527

Closed jhollowe closed 2 years ago

jhollowe commented 2 years ago

for payloads/library/phishing/fake-sudo/sudo-phishing.sh, using the SUDO_PROMPT environment variable would allow this to be more convincing in environments with customized sudo prompts.

TW-D commented 2 years ago

Hello @jhollowe, it's a good idea, I guess this replacement :

if [ -z "${SUDO_PROMPT}" ]
then
    readonly INPUT_MESSAGE="[sudo] password for ${USER}: "
else
    readonly INPUT_MESSAGE="${SUDO_PROMPT}"
fi

would allow this optimization ?