Inspiration
I was trying to secure my MacBook after I had to reinstall macOS. I noticed this very exploitable vulnerability and decided to write an exploit for it for fun and because it was very last minute.
What it does
Main threat is a fake 'sudo' executable somewhere on your path that steals your password and then... well... does whatever you'd want it to. In the video I made it do some random things but as some actual virus you'd probably want to keep it hidden.
How we built it
In a virtual machine.
Challenges we ran into
Almost giving up because it sucks.
Accomplishments that we're proud of
Probably works on around 90% of UNIX-like desktops/servers with bash and not owned by security professionals, and about 98% of all users once the initial code has been run. (Note: statistics are guesses, but see for yourself)
And also the name. *Bash*ful? Bashful as in not showing itself? Haha.
What we learned
You should not forget about almost every single Hackathon thing.
What's next for A Bashful Virus
Telling people to get good and fix it on their computers.
Built With
- bash
- vm
Log in or sign up for Devpost to join the conversation.