Monday, June 5, 2017

Dump cleartext credentials from memory: MimiPenguin

12:38 PM Leave a Reply
Dump cleartext credentials from memory: MimiPenguin

Dump cleartext credentials from memory

     A tool to dump the login password from the current linux desktop user. Adapted from the idea behind the popular Windows tool mimikatz.





Dump cleartext credentials from memory: MimiPenguin



     Takes advantage of cleartext credentials in memory by dumping the process and extracting lines that have a high probability of containing cleartext passwords. Will attempt to calculate each word’s probability by checking hashes in /etc/shadow, hashes in memory, and regex searches.



Requires

root permissions


Supported/Tested

Kali 4.3.0 (rolling) x64 (Gnome Desktop)
Ubuntu Desktop 12.04 LTS x64 (Gnome Desktop)
Ubuntu Desktop 16.04 LTS x64 (Gnome Desktop)
VSFTPd 3.0.3-8+b1 (Active FTP client connections)
Apache2 2.4.25-3 (Active/Old HTTP BASIC AUTH Sessions)
openssh-server 1:7.3p1-1 (Active SSH connections – sudo usage)

Download