Bug#414534: ITP: sucrack -- multithreaded su bruteforcer
> Nope since he that did not go to d-d. Maybe you can outline professional
> uses in the description like done in the previous answers?
As to previous answers, verbatim:
I'm packaging a bunch of security tools that I use in my job pen testing.
There are already a number of people both internally and at other security
companies using my packages, so I figured they'd be useful to the community.
I actually have a mentor for these packages already, so it seems there are
Debian developers that agree.
and:
It's built statically. Normally what happens, is that during an assessment,
if a local account is compromised, then sucrack is copied across and an
attack against root occurs. Additionally, because this tool doesn't rely on
having access to the hashes, but actually drives su (or other tools), it can
be used against for example "custom" encryption schemes that may be used by
3rd parties. I've also had it drive ssh-agent to audit key phrases too.
Why package it? Other than the practical uses outlined above, because having
binaries on a system outside of the package management system is a PITA to
keep track of / update and it makes building a new system very quick.
I can see this tool isn't for everyone, but then that probably goes for a
large number of tools packaged by Debian (depending on what you use your
systems for).
> IANAL but there may be countries where distributing such a tool, with it's
> main/only purpose to break access restrictions, may not be legal (there was
> some discussion about this in Germany but I did not follow it closely).
The upstream developer is German, I will discuss with him any due diligence he
may have performed and report back (he's AFK for next week or so).
Personally, I am English. Through my day job, I have clarification regarding
changes to UK law that might affect this tool and we have had assurances that
legitimate security researchers and the tools they develop will not be
targetted here in the UK.
Tim
--
Tim Brown
<mailto:timb@nth-dimension.org.uk>
<http://www.nth-dimension.org.uk/>
Reply to: