Physical access attacks
In this recipe, we will utilize SUCrack to perform a physical access password attack. SUCrack is a multithreaded tool that allows for brute-force cracking of local user accounts via su. The su command in Linux allows you to run commands as a substitute user. This attack, though useful when you are unable to escalate privileges on a Linux/Unix system by other means, will fill up the log files rather quickly so please be sure to clean the log files after completion.
SUCrack has several command options that we can use:
--helpallows you to view the help file for SUCrack.-lallows you to change the user whose login we are attempting to circumvent.-sallows you to set the number of seconds between when statistics are displayed. The default setting is every 3 seconds.-aallows you to set whether ANSI escape codes should be used or not.-wallows you to set the number of worker threads that SUCrack can utilize. Since SUCrack is multi threaded, you can run as many worker threads...
