If you missed our blog post yesterday - TrustedSec's Geoff Walton wrote an amazing enterprise-grade application and released it yesterday. The Shared Host Integrated Password System (SHIPS) is an open-source solution by TrustedSec to provide unique and rotated local super user or administrator passwords for environments where it is not possible or not appropriate to disable these local accounts. Our goal is to make post exploitation more difficult and provide a simplistic way to manage multiple systems in an environment where Windows does not necessarily support an alternative. SHIPS supports both (as of today) Linux and Windows password management. Version 1.1 released today now supports Linux clients to be integrated into SHIPS. This means that you can centrally manage all of your Windows local passwords and your Linux passwords from a central location and in an easy fashion. In order to use the script, most environments will want to use some type of deployment management solution to propagate the client script to Linux systems however; a simple shell script is included within the SHIPS repository. Open the SetAdminPass.sh file to include the URL for the server, where you want the history file, and the user the script will need to run as. The user should be a member of root or wheel member (in order to change the password). Run it as a cron job, and that’s it! In addition, we've updated the SHIPS documentation to reflect the Linux additions and configuration information as well as a few other tweaks. For more information on SHIPS and how to get it, head over to the TrustedSec SHIPS website: https://www.trustedsec.com/ships