mimipenguin - Juya Kalmomin Shiga Daga Masu Amfani na Linux na Yanzu
Mimipenguin kyauta ce mai buɗewa, tushe mai sauƙi amma mai ƙarfi Shell/Python rubutun da ake amfani da shi don zubar da shaidar shiga (sunayen mai amfani da kalmomin shiga) daga mai amfani da tebur na Linux na yanzu kuma an gwada shi akan rarraba Linux daban-daban.
Bugu da ƙari, yana goyan bayan aikace-aikace kamar: VSFTPd (ayyukan haɗin gwiwar abokin ciniki na FTP), Apache2 (aiki/tsohuwar zaman HTTP BASIC AUTH amma wannan yana buƙatar Gcore) da uwar garken buɗewa (haɗin SSH mai aiki tare da amfani da umarnin sudo). Mahimmanci, sannu a hankali ana tura shi zuwa yaruka da yawa don tallafawa duk abubuwan da ake iya tunanin bayan amfani.
Don fahimtar yadda mimipenguin ke aiki, kuna buƙatar ku tuna cewa duk idan ba yawancin rarrabawar Linux ba suna adana manyan mahimman bayanai kamar: takaddun shaida, maɓallan ɓoyewa, da bayanan sirri a cikin ƙwaƙwalwar ajiya.
Musamman sunaye masu amfani da kalmomin shiga ana gudanar da su ta hanyar tsari (tsara-shirye masu gudana) a cikin ƙwaƙwalwar ajiya kuma ana adana su azaman rubutu bayyananne na dogon lokaci. Mimipenguin a zahiri yana amfani da waɗannan fayyace bayanan bayanan rubutu a cikin ƙwaƙwalwar ajiya - yana zubar da tsari kuma yana fitar da layin da ke da yuwuwar ɗaukar cikakkun bayanan bayanan rubutu.
Sannan yana ƙoƙarin yin lissafin damar kowace kalma ta kasancewa ta hanyar tantance hashes a cikin: /etc/shadow, memory, and regex searches. Da zarar ya sami wani, yana buga su akan daidaitaccen fitarwa.
Shigar da Mimipenguin a cikin Linux Systems
Za mu yi amfani da git don rufe ma'ajiyar mimipenguin, don haka da farko shigar git akan tsarin idan ba ku da shi.
$ sudo apt install git #Debian/Ubuntu systems $ sudo yum install git #RHEL/CentOS systems $ sudo dnf install git #Fedora 22+
Sa'an nan kuma rufe kundin adireshin mimipenguin a cikin babban fayil na gida (ko'ina kuma) kamar haka:
$ git clone https://github.com/huntergregal/mimipenguin.git
Da zarar kun sauke kundin adireshi, matsa zuwa ciki kuma ku gudanar da mimipenguin kamar haka:
$ cd mimipenguin/ $ ./mimipenguin.sh
Lura: Idan kun haɗu da kuskuren da ke ƙasa, yi amfani da umarnin sudo kamar haka:
Root required - You are dumping memory... Even mimikatz requires administrator
Daga fitarwar da ke sama, mimipenguin yana ba ku yanayin tebur tare da sunan mai amfani da kalmar wucewa.
A madadin, gudanar da rubutun Python kamar haka:
$ sudo ./mimipenguin.py
Lura cewa wani lokaci gcore na iya rataya rubutun (wannan sanannen matsala ce tare da gcore).
A ƙasa akwai jerin fasalulluka waɗanda har yanzu ba za a ƙara su ba a mimipenguin:
- Ingantacciyar tasiri gabaɗaya
- Ƙara ƙarin tallafi da sauran wuraren shaida
- Haɗe da tallafi don wuraren da ba na tebur ba
- Ƙara tallafi don LDAP
wurin ajiyar mimipenguin Github: https://github.com/huntergregal/mimipenguin
Hakanan, duba:
- Yadda ake Kare Fayil ɗin Vim a Linux
- Yadda ake Ƙirƙirar/Rufewa/Decrypt Random Passwords a cikin Linux
- Yadda ake Kare GRUB tare da Kalmar wucewa a cikin RHEL/CentOS/Fedora Linux
- Sake saitin/Mayar da Kalmar wucewar Asusun Mai Amfani da Aka Manta a cikin CentOS 7
Raba duk wani ƙarin ra'ayoyin da suka shafi wannan kayan aiki ko al'amurran da suka shafi bayyananniyar takaddun shaida a cikin ƙwaƙwalwar ajiya a cikin Linux ta sashin sharhin da ke ƙasa.