Dump cleartext credentials from memory
A tool to dump the login password from the current linux desktop user. Adapted from the idea behind the popular Windows tool mimikatz.
Takes advantage of cleartext credentials in memory by dumping the process and extracting lines that have a high probability of containing cleartext passwords. Will attempt to calculate each word’s probability by checking hashes in /etc/shadow, hashes in memory, and regex searches.
- Kali 4.3.0 (rolling) x64 (Gnome Desktop)
- Ubuntu Desktop 12.04 LTS x64 (Gnome Desktop)
- Ubuntu Desktop 16.04 LTS x64 (Gnome Desktop)
- VSFTPd 3.0.3-8+b1 (Active FTP client connections)
- Apache2 2.4.25-3 (Active/Old HTTP BASIC AUTH Sessions)
- openssh-server 1:7.3p1-1 (Active SSH connections – sudo usage)