Pamspy: Linux Credentials Dumper Using eBPF.

You are currently viewing Pamspy: Linux Credentials Dumper Using eBPF.

 

It will keep tabs on a certain userland function included in the PAM (Pluggable Authentication Modules) library, which is used by many important programmes to manage authentication, including:

  1. sudo
  2. sshd
  3. passwd
  4. gnome;
  5. x11; and several others

Disclaimer: The intended use for the tool is strictly educational and should not be used for any other purpose.

 

Download Link: https://github.com/citronneur/pamspy

Leave a Reply