A tool to dump the login password from the current linux user
A tool to dump the login password from the current linux desktop user. Adapted from the idea behind the popular Windows tool mimikatz. This was assigned CVE-2018-20781 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20781). Fun fact it's still not fixed after GNOME Keyring 3.27.2 and still works as of 3.28.0.2-1ubuntu1.18.04.1
.
Takes advantage of cleartext credentials in memory by dumping the process and extracting lines that have a high probability of containing cleartext passwords. Will attempt to calculate each word's probability by checking hashes in /etc/shadow, hashes in memory, and regex searches. 2.0 introduces a clean C port that aims to increase the speed of execution and portability
make
in the root directory of the projectmake debug
make static
MimiPenguin is slowly being ported to multiple languages to support all possible post-exploit scenarios. The roadmap below was suggested by KINGSABRI to track the various versions and features. An "X" denotes full support while a "~" denotes a feature with known bugs.
Feature | .sh | .py |
---|---|---|
GDM password (Kali Desktop, Debian Desktop) | ~ | X |
Gnome Keyring (Ubuntu Desktop, ArchLinux Desktop) | ~ | X |
LightDM (Ubuntu Desktop) | X | X |
VSFTPd (Active FTP Connections) | X | X |
Apache2 (Active HTTP Basic Auth Sessions) | ~ | ~ |
OpenSSH (Active SSH Sessions - Sudo Usage) | ~ | ~ |
CC BY 4.0 licence - https://creativecommons.org/licenses/by/4.0/