RIDL leaking root password hash
We leaks the /etc/shadow file by repeatedly trying to authenticate a user with the passwd utility. The animation is sped up for the latter part of the video, the total process takes about 24 hours at the moment. A similar attack can leak the /etc/shadow of a cloud co-tenant by repeatedly opening an SSH connection.
RIDL leaking root password hash
Reviewed by Anonymous
on
May 14, 2019
Rating: