[addtool] MimiPenguin

[euriconicacio]

[homepage] https://github.com/huntergregal/mimipenguin [/homepage]
[tags] all,linux,exploitation,passwords [/tags]
[short_descr] A tool to dump the login password from the current linux desktop user. [/short_descr]
[long_descr] A tool to dump the login password from the current linux desktop user. Adapted from the idea behind the popular Windows tool mimikatz. This was assigned CVE-2018-20781. Fun fact it's still not fixed after GNOME Keyring 3.27.2 and still works as of 3.28.0.2-1ubuntu1.18.04.1. [/long_descr]
[image] https://camo.githubusercontent.com/a229ad769267d88dac5ed5c252b8fea099b092e4d99fe6b4a1c2768448b9d6e0/687474703a2f2f692e696d6775722e636f6d2f426b44583964462e706e67 [/image]

[gwen001]

Issue correctly handled, tool is waiting for human validation.

[gwen001]

Tool has been refused by the team, feel free to get in touch if you have any question.

Thank you!

[euriconicacio]

Hi, @gwen001 . Could you please give further information on why this tool was refused? Thanks!

[gwen001]

Hi,

For now I'm trying to focus on security/hacking tools and resources, more specifically bug bounty (even if pentesters and read teamers things can also be interesting). And I don't want to add tools dedicated to a specific CVE, it would be too noisy and too massive to manage.

Note that these are not straight rules, just how I feel it for now, the project is still young, I'm open to negotiation :) Your entry is in the database so it will be credited to you if I change my mind.

Thank you for your contributions.