Linux Duplicate User Password Hash Attack

Videos Linux Forensics Malware Education

Date: December 02, 2024

Author: The Sandfly Security Team

Duplicate password hashes on Linux are a tactic for attackers to drop backdoor accounts in an automated way. In this video we explain what a duplicate password hash attack is, and how you can find it with command line tools as well as automatically with Sandfly's agentless EDR for Linux.

Find out if your systems have duplicate password hashes, plus thousands of other attack traces instantly. Sandfly's agentless EDR for Linux deploys rapidly without any endpoint agents and without drama. Get a free license today to try it out.

Let Sandfly keep your Linux systems secure.

Learn More

Linux Duplicate User Password Hash Attack

Share this:

Let Sandfly keep your Linux systems secure.