RIDL leaking root password hash

JXPebaGY8RA/default.jpg

We leaks the /etc/shadow file by repeatedly trying to authenticate a user with the passwd utility. The animation is sped up for the latter part of the video, the total process takes about 24 hours at the moment. A similar attack can leak the /etc/shadow of a cloud co-tenant by repeatedly opening an SSH connection.

JXPebaGY8RA/default.jpg
RIDL leaking root password hash RIDL leaking root password hash Reviewed by Unknown on May 14, 2019 Rating: 5