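Swap Digger: a powerful tool for automatically finding and extracting Linux user credentials

Summary

This article introduces a tool called Swap Digger. You can use it to automate the search for and extraction of Linux user credentials, web form credentials, web form emails, HTTP authentication data, WiFi SSIDs and keys, and more.

Swap_Digger is a Bash script that automatically extracts and analyzes data from a target Linux system. It supplies data to forensic investigators, and it also gives penetration testers the information they need during the post-exploitation phase.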

   Download and run the tool

On the local host, open a command-line terminal and enter the following commands to download and run the Swap_Digger script:

alice@1nvuln3r4bl3:~$ git clone https://github

alice@1nvuln3r4bl3:~$ cd swap_digger

alice@1nvuln3r4bl3:~$ chmod +x swap_digger.sh

alice@1nvuln3r4bl3:~$ sudo ./swap_digger.sh -v

On a mounted hard drive, first download the script with the following commands:

alice@1nvuln3r4bl3:~$ git clone https://github

alice@1nvuln3r4bl3:~$ cd swap_digger

alice@1nvuln3r4bl3:~$ chmod +x swap_digger.sh

Next, look for the target swap file/partition:

   alice@1nvuln3r4bl3:~$ sudo ./swap_digger.sh -S

Finally, run the following command to analyze the target:

   alice@1nvuln3r4bl3:~$ sudo ./swap_digger.sh -vx -r path/to/mounted/target/root/fs -s path/to/target/swap/device
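
A complementary check for the mounted-target case above, as an added example that is not part of swap_digger or of the original article: it reads the target root's etc/fstab and etc/crypttab (standard formats) and reports which declared swap devices are mapped through crypttab, where a raw search of the device would find only ciphertext. The function names and the sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example, not part of swap_digger. Sample files below are constructed.

# make_sample_root: build a throwaway "mounted root" and print its path.
make_sample_root() {
    d=$(mktemp -d) && mkdir -p "$d/etc" || return 1
    cat > "$d/etc/fstab" <<'EOF'
# constructed sample fstab
UUID=1111-2222        /     ext4  defaults  0 1
/dev/sda2             none  swap  sw        0 0
/dev/mapper/cryptswap none  swap  sw        0 0
/dev/mapper/vg0-swap  none  swap  sw        0 0
EOF
    cat > "$d/etc/crypttab" <<'EOF'
cryptswap /dev/sda3 /dev/urandom swap,cipher=aes-xts-plain64,size=256
EOF
    echo "$d"
}

# list_swap_entries ROOT: print "<device> <plain|encrypted>" per fstab swap entry.
list_swap_entries() {
    root=${1:-/}
    fstab="$root/etc/fstab"
    crypttab="$root/etc/crypttab"
    [ -r "$fstab" ] || { echo "no readable fstab under $root" >&2; return 1; }

    # Field 3 of an fstab line is the filesystem type; comments are skipped.
    awk '$1 !~ /^#/ && $3 == "swap" { print $1 }' "$fstab" |
    while read -r dev; do
        state=plain
        case $dev in
            /dev/mapper/*)
                # Field 1 of a crypttab line is the mapping name. A mapper
                # device absent from crypttab (e.g. LVM) stays "plain".
                if [ -r "$crypttab" ] && awk -v n="${dev#/dev/mapper/}" \
                    '$1 == n { hit = 1 } END { exit !hit }' "$crypttab"
                then
                    state=encrypted
                fi ;;
        esac
        echo "$dev $state"
    done
}

# Demo on the constructed sample; point it at a real mounted root instead.
sample=$(make_sample_root) && list_swap_entries "$sample"
rm -rf "$sample"
```
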

On a third-party device, use the following commands to download and run the script (useful for penetration testing and CTFs):

alice@1nvuln3r4bl3:~$ wget https://raw

alice@1nvuln3r4bl3:~$ chmod +x swap_digger.sh

alice@1nvuln3r4bl3:~$ sudo ./swap_digger.sh -vx

   Simple run

If you only need to recover Linux users' plaintext passwords, you can run the following command directly:

   alice@1nvuln3r4bl3:~$ sudo ./swap_digger.sh

   Available options

./swap_digger.sh [ OPTIONS ]

Options :

 -x, --extended             Run Extended tests on the target swap to retrieve other interesting data
                            (web passwords, emails, wifi creds, most accessed urls, etc)
 -g, --guessing             Try to guess potential passwords based on observations and stats
                            Warning: This option is not reliable, it may dig more passwords as well as hundreds false positives.
 -h, --help                 Display this help.
 -v, --verbose              Verbose mode.
 -l, --log                  Log all outputs in a log file (protected inside the generated working directory).
 -c, --clean                Automatically erase the generated working directory at end of script (will also remove log file)
 -r PATH, --root-path=PATH  Location of the target file-system root (default value is /)
                            Change this value for forensic analysis when target is a mounted file system.
                            This option has to be used along the -s option to indicate path to swap device.
 -s PATH, --swap-path=PATH  Location of swap device or swap dump to analyse
                            Use this option for forensic/remote analysis of a swap dump or a mounted external swap partition.
                            This option should be used with the -r option where at least /<root-path>/etc/shadow exists.
 -S, --swap-search          Search for all available swap devices (use for forensics).
