Many applications and processes work with credentials needed for authentication and store them either in memory or in files so that they can be reused.
sudo python4 mimipenguin.py
sudo bash mimipenguin.sh
An even more powerful tool we can use is LaZagne. This tool allows us to access far more resources and extract the credentials. The passwords and hashes we can obtain come from the following sources but are not limited to:
| Wifi | Wpa_supplicant | Libsecret | Kwallet |
|---|---|---|---|
| Chromium-based | CLI | Mozilla | Thunderbird |
| Git | Env_variable | Grub | Fstab |
| AWS | Filezilla | Gftp | SSH |
| Apache | Shadow | Docker | KeePass |
| Mimipy | Sessions | Keyrings |
Keyrings are used for secure storage and management of passwords on Linux distributions. Passwords are stored encrypted and protected with a master password. It is an OS-based password manager. This way, we do not need to remember every single password and can save repeated password entries.
sudo python2.7 laZagne.py all
Browsers store the passwords saved by the user in an encrypted form locally on the system to be reused.
When we store credentials for a web page in the Firefox browser, they are encrypted and stored in logins.json on the system.
ls -l .mozilla/firefox/ | grep default
cat .mozilla/firefox/1bplpd86.default-release/logins.json | jq .
The tool Firefox Decrypt is excellent for decrypting these credentials, and is updated regularly. It requires Python 3.9 to run the latest version. Otherwise, Firefox Decrypt 0.7.0 with Python 2 must be used.
python3.9 firefox_decrypt.py
Alternatively, LaZagne can also return results if the user has used the supported browser: