Swap Digger – Tool That Automates Swap Extraction And Searches For Linux User Credentials, Web Forms Credentials, Web Forms Emails, Http Basic Authentication, Wifi SSID And Keys, Etc


swap_digger is a bash script used to automate Linux swap analysis for post-exploitation or forensics purposes. It automates swap extraction and searches for Linux user credentials, web form credentials, web form emails, HTTP basic authentication, WiFi SSID and keys, etc.

Download and run the tool

On your machine
Use the following commands to download and run the script on your machine:

On a mounted hard drive
To use swap_digger on a mounted hard drive, do the following:
First, download the script using the following commands:

Then, find the target swap file/partition with:
Finally, analyze the target by running:

$ sudo ./swap_digger.sh -vx -r path/to/mounted/target/root/fs -s path/to/target/swap/device

On a third party machine
Use the following commands to download and run the script on a third party machine (useful for pentests and CTFs):
Note: Use the -c option to automatically remove the directory created by swap_digger (/tmp/swap_dig).

Simple run
If you only need to recover clear text Linux user passwords, simply run:

Available options
All options:

 ./swap_digger.sh [ OPTIONS ]
 Options : 
  -x, --extended    Run Extended checks on the target swap to retrieve other interesting data
        (web passwords, emails, wifi creds, most accessed urls, etc)
  -g, --guessing  Try to guess potential passwords based on observations and stats
        Warning: This option is not reliable, it may dig more passwords as well as hundreds of false positives.
  -h, --help    Display this help.
  -v, --verbose Verbose mode.
  -l, --log Log all outputs in a log file (protected inside the generated working directory).
  -c, --clean Automatically erase the generated working directory at end of script (will also remove log file)
  -r PATH, --root-path=PATH   Location of the target file-system root (default value is /)
        Change this value for forensic analysis when target is a mounted file system.
        This option has to be used along with the -s option to indicate path to swap device.
  -s PATH, --swap-path=PATH   Location of swap device or swap dump to analyse
        Use this option for forensic/remote analysis of a swap dump or a mounted external swap partition.
        This option must be used with the -r option where at least /<root-path>/etc/shadow exists.
  -S, --swap-search   Search for all available swap devices (use for forensics).
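
To make one of the data types listed in the description concrete, here is an added example (not swap_digger's code, and not necessarily how the script searches) that audits a swap dump for leftover HTTP basic authentication headers and reports which account is exposed without printing the password. The function name `find_basic_auth` and the sample bytes are constructed for illustration.

```python
import base64
import re

# "Authorization: Basic <base64>" as it would sit in a raw memory page.
BASIC_RE = re.compile(rb"Authorization:\s*Basic\s+([A-Za-z0-9+/]{4,}={0,2})",
                      re.IGNORECASE)

def find_basic_auth(dump: bytes) -> list:
    """Report HTTP Basic credentials present in a dump, with the secret redacted."""
    seen = {}
    for m in BASIC_RE.finditer(dump):
        try:
            decoded = base64.b64decode(m.group(1), validate=True)
        except ValueError:          # bad padding: token was cut or is noise
            continue
        # Real credentials are printable "user:password"; drop binary noise.
        if not all(0x20 <= b < 0x7F for b in decoded):
            continue
        user, sep, password = decoded.partition(b":")
        if not sep or not user:
            continue
        entry = seen.setdefault(decoded, {
            "user": user.decode("ascii"),
            "password_len": len(password),   # length only, never the secret
            "first_offset": m.start(),
            "count": 0,
        })
        entry["count"] += 1          # swapped-out pages are often duplicated
    return sorted(seen.values(), key=lambda e: e["first_offset"])

# Constructed sample standing in for a swap dump (not real data).
_CRED = base64.b64encode(b"alice:S3cret!pw")
SAMPLE_DUMP = (
    b"\x00" * 16
    + b"GET /admin HTTP/1.1\r\nHost: intranet.example\r\n"
    + b"Authorization: Basic " + _CRED + b"\r\n\r\n"
    + b"\xff\xfe Authorization: Basic ####\x00"                      # not base64
    + b"Authorization: Basic " + base64.b64encode(b"\x01\x02binary") + b"\n"
    + b"authorization: basic " + _CRED + b"\x00\x00"                 # duplicate page
)

if __name__ == "__main__":
    for hit in find_basic_auth(SAMPLE_DUMP):
        print(hit)
```

A non-empty result on a production host means credentials sent over basic authentication survived in swap, which is the exposure that encrypted swap is meant to remove.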

Relevant resources
Blog posts about swap digging:

Contact
Feel free to message on my Twitter account @EmericNasi
