Hey Folks, in this tutorial we are going to talk about an interesting tool called “Chalumeau“. This may be necessary for those who are not familiar with the command line as it provides us (GUI) interface to dump credentials from the victim machine. From the owner we found out it is based on powershell and python. It provides us with a command which is executed on powershell or cmd and as soon as we execute the command, it dumps all the credentials such as : chrome, firefox, saved password, administrator etc from the victim machine. Lets talk about the main features of this tool.
- Extract Password List
- Dashboard Reporting & Web Interface
- Parsing Mimikatz
- Write your own Payloads
- In-Memory execution
- Dumping Tickets
Lets take a look 🙂 !!
Installation
The installation is quite simple and for the installation first we need to download this tool from the github and after complete the downloading we will go to the directory and give executable permission of the “install.sh” and execute the file.
|
1 2 3 4 |
git clone https://github.com/cyberstruggle/chalumeau.git cd chalumeau/ chmod +x install.sh sudo ./install.sh |
As you can see that it gives us the username and password of the login page as soon as we complete the installation.
By executing this file we can host this tool on our localhost machine as given below. If the installation is successful, it will give us the host file location, which we need to open on the browser and enter the credentials initially provided by this tool.
|
1 |
bash start.sh |
After doing all this the interface of this tool will appear on the browser as shown below image.
Start Dumping
Now we are ready to dump the credentials from the victim machine just we need to click on “start dumping” button.
After clicking on the button it gives us two options, first is powsershell and second is cmd, both will do the same thing but we have to choose one of the two so we will copy the cmd command.
After copying the command we will execute it at the cmd prompt and return to the kali machine.
Wooo 🙂 Here you can see that we successfully obtained 22 credentials from the target machine by executing only one command.
We can see the window logon credentials with the help of which we can control the target system.
To get all the credentials we will go to the machine section and click on View option.
Combine everything like Google, Firefox, Edge, it gives us 22 credentials in total which are really amazing.
There is no need if you want to share or save those credentials as it gives us the download option from where we can download all the credentials in TXT file format.
A keen learner and passionate IT student. He has done Web designing, CCNA, RedHat, Ethical hacking, Network & web penetration testing. Currently, he is completing his graduation and learning about Red teaming, CTF challenges & Blue teaming.
