Hello List, Most of you probably remember futzing around with people's .profile back in the day. Did you ever make obnoxious aliases to troll your friends when you rooted their boxes? Like RMing any file they cat? You've probably realized that you can use those experiences for more productive aims, like stealing passwords!
Our friends at D2 Security* have released a really nice Linux binary to help you do exactly that. The operation is pretty simple, you invoke this program with an argument of the program you want to intercept TTY input/output from and the D2 module conveniently places that data in a file for you to review later. This leads to mischief like: alias ssh='/dev/shm/d2sec_ttymitm /usr/bin/ssh' which is pretty fun! So fun in fact we made a movie about it which you can view here: http://partners.immunityinc.com/movies/D2Sec-TTYMITM.mov In case you're concerned that this is purely a marketing effort on our part, if you watch the video all the way to the end you will actually learn a skill your parents probably forgot to teach you. Here's a hint: it's not at all related to IT. Cheers, -AlexM *www.d2sec.com , d2 is a really popular name it seems. -- Alex McGeorge Immunity Inc. 1130 Washington Avenue 8th Floor Miami Beach, Florida 33139 P: 786.220.0600 _______________________________________________ Dailydave mailing list Dailydave@lists.immunityinc.com https://lists.immunityinc.com/mailman/listinfo/dailydave
