|
mimipenguin A tool to dump the login password from the current linux desktop user. Adapted from the idea behind the popular Windows tool mimikatz. - Special thanks to pugilist for cleaning up PID extraction and testing.
DetailsTakes advantage of cleartext credentials in memory by dumping the process and extracting lines that have a high probability of containing cleartext passwords. Will attempt to calculate each word's probability by checking hashes in /etc/shadow, hashes in memory, and regex searches. RequiresSupported/Tested- Kali 4.3.0 (rolling) x64 (gdm3)
- Ubuntu Desktop 12.04 LTS x64 (Gnome Keyring 3.18.3-0ubuntu2)
- Ubuntu Desktop 16.04 LTS x64 (Gnome Keyring 3.18.3-0ubuntu2)
- XUbuntu Desktop 16.04 x64 (Gnome Keyring 3.18.3-0ubuntu2)
- VSFTPd 3.0.3-8+b1 (Active FTP client connections)
- Apache2 2.4.25-3 (Active/Old HTTP BASIC AUTH Sessions)
- openssh-server 1:7.3p1-1 (Active SSH connections - sudo usage)
Notes- Password moves in memory - still honing in on 100% effectiveness
- Plan on expanding support and other credential locations
- Working on expanding to non-desktop environments
- Known bug - sometimes gcore hangs the script, this is a problem with gcore
- Open to pull requests and community research
- LDAP research (nscld winbind etc) planned for future
ContactLicence
https://github.com/huntergregal/mimipenguin
| 
|小黑屋|手机版|中国白客联盟-BUC
( 赣ICP备15007148号-6 ) 
窥视卡
雷达卡
发表于 2017-4-4 21:47:16
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
千斤顶
显身卡