Home

Awesome

MimiPenguin 2.0

A tool to dump the login password from the current linux desktop user. Adapted from the idea behind the popular Windows tool mimikatz. This was assigned CVE-2018-20781 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20781). Fun fact it's still not fixed after GNOME Keyring 3.27.2 and still works as of 3.28.0.2-1ubuntu1.18.04.1.

alt text

Details

Takes advantage of cleartext credentials in memory by dumping the process and extracting lines that have a high probability of containing cleartext passwords. Will attempt to calculate each word's probability by checking hashes in /etc/shadow, hashes in memory, and regex searches. 2.0 introduces a clean C port that aims to increase the speed of execution and portability

Known Issues

Requires

Supported/Tested Systems

Building

Notes

Development Roadmap

MimiPenguin is slowly being ported to multiple languages to support all possible post-exploit scenarios. The roadmap below was suggested by KINGSABRI to track the various versions and features. An "X" denotes full support while a "~" denotes a feature with known bugs.

Feature.sh.py
GDM password (Kali Desktop, Debian Desktop)~X
Gnome Keyring (Ubuntu Desktop, ArchLinux Desktop)~X
LightDM (Ubuntu Desktop)XX
VSFTPd (Active FTP Connections)XX
Apache2 (Active HTTP Basic Auth Sessions)~~
OpenSSH (Active SSH Sessions - Sudo Usage)~~

Contact

Licence

CC BY 4.0 licence - https://creativecommons.org/licenses/by/4.0/

Special Thanks