technique
https://en.wikipedia.org/wiki/Character_encoding
Wikipedia. (2017, February 19). Character Encoding. Retrieved March 1, 2017.
technique
https://attack.mitre.org/techniques/T1132/001
technique
https://researchcenter.paloaltonetworks.com/2016/09/unit42-sofacys-komplex-os-x-trojan/
Dani Creus, Tyler Halfpop, Robert Falcone. (2016, September 26). Sofacy's 'Komplex' OS X Trojan. Retrieved July 8, 2017.
technique
https://attack.mitre.org/techniques/T1150
technique
https://opensource.apple.com/source/dovecot/dovecot-239/dovecot/doc/wiki/PasswordDatabase.PAM.txt
Apple. (2011, May 11). PAM - Pluggable Authentication Modules. Retrieved June 25, 2020.
technique
https://linux.die.net/man/8/pam_unix
die.net. (n.d.). pam_unix(8) - Linux man page. Retrieved June 25, 2020.
technique
https://github.com/zephrax/linux-pam-backdoor
zephrax. (2018, August 3). linux-pam-backdoor. Retrieved June 25, 2020.
technique
https://x-c3ll.github.io/posts/PAM-backdoor-DNS/
Fernández, J. M. (2018, June 27). Exfiltrating credentials via PAM backdoors & DNS requests. Retrieved June 26, 2020.
technique
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/6/html/managing_smart_cards/p
Red Hat. (n.d.). CHAPTER 2. USING PLUGGABLE AUTHENTICATION MODULES (PAM). Retrieved June 25, 2020.
technique
https://attack.mitre.org/techniques/T1556/003