MimiPenguin – Tool to Dump Linux Login Password

Comments Off on MimiPenguin – Tool to Dump Linux Login Password

Mimipenguin is a tool that may allow a user to dump login password from the current Linux desktop user. Adapted from the idea behind the popular Windows tool mimikatz.

This version of Mimipenguin sacrifices features and coverage (as opposed to the beta-1.0 py and sh scripts) in favor of speed and efficiency. Beta 2.0 uses hardcoded offsets for known structures in memory along with PTRACE to reliably extract cleartext user passwords from linux desktop environments.

The tool will not only allow to get Operating system login and password but any credentials for remote session over SSH , Apache active or non active session and HTTP Basic AUTH. This mean that if during the penetration testing or red team engagement it was possible to have access to any host using phishing attack or MITM. It will be possible to get other login and password for many more accounts.

In order to have the tool working properly user should have a root permission and a supported operating system.

Also read: Hacker’s Favorite Tool: Mimikatz 2.1.1 Released

Current supported OS:

  • Ubuntu Desktop 12.04 LTS x64
  • Ubuntu Desktop 16.04 LTS x64
  • Fedora Workstation 25 (x86 _64)
  • Fedora Workstation 27 (x86 _64)
  • Kali- rolling x64

You can read more and download this tool over here: https://github.com/huntergregal/

Related Articles

ABOUT US

Haxf4rall is a collective, a good starting point and provides a variety of quality material for cyber security professionals.

Our primary focus revolves around the latest tools released in the Infosec community and provide a platform for developers to showcase their skillset and current projects.

COMPANY
Live Chat
RESOURCES
Get Started
TOOLBOX
Tools Directory

2014 – 2020 | Haxf4rall.com               Stay Connected:

Facebook Twitter Google-plus Wordpress