def aiosmb_upload(domainid):
db = current_app.db
file_to_upload = connexion.request.files['file_to_upload']
#print(file_to_upload.read())
ctr = 0
fail = 0
ctr_plain = 0
fail_plain = 0
for cred, plaintext in Credential.from_aiosmb_stream(
file_to_upload.stream, domainid):
try:
db.session.add(cred)
db.session.commit()
ctr += 1
except IntegrityError:
db.session.rollback()
fail += 1
if plaintext is not None and len(plaintext) > 0:
he = HashEntry(plaintext, nt_hash=cred.nt_hash)
try:
db.session.add(he)
db.session.commit()
ctr_plain += 1
except IntegrityError:
db.session.rollback()
fail_plain += 1
return {
'new': ctr,
'duplicates': fail,
'pwnew': ctr_plain,
'pwduplicates': fail_plain
}
def pwit(fs):
for line in fs:
line = line.decode()
line = line.strip()
nt_hash = NT(line).hex()
yield HashEntry(line, nt_hash=nt_hash)
def lsass_upload(domainid, computername = None):
db = current_app.db
file_to_upload = connexion.request.files['file_to_upload']
#print(file_to_upload.read())
ctr = 0
fail = 0
ctr_plain = 0
fail_plain = 0
for cred, plaintext, sid in Credential.from_lsass_stream(file_to_upload.stream, domainid):
try:
db.session.add(cred)
db.session.commit()
ctr += 1
except IntegrityError:
db.session.rollback()
fail += 1
if plaintext is not None and len(plaintext) > 0:
he = HashEntry(plaintext, nt_hash = cred.nt_hash)
try:
db.session.add(he)
db.session.commit()
ctr_plain += 1
except IntegrityError:
db.session.rollback()
fail_plain += 1
if computername is not None:
cname = computername
if computername[-1] != '$':
cname = computername + '$'
comp = db.session.query(Machine).filter_by(ad_id = domainid).filter(Machine.sAMAccountName == cname).first()
#print('COMP %s' % comp)
if comp is None:
continue
user = db.session.query(ADUser.sAMAccountName).filter_by(ad_id = domainid).filter(ADUser.objectSid == sid).first()
#print('USER %s' % user)
#print('SID %s' % sid )
if user is None:
continue
sess = NetSession()
sess.machine_id = comp.id
sess.source = comp.sAMAccountName
sess.username = user.sAMAccountName
try:
db.session.add(sess)
db.session.commit()
except IntegrityError:
db.session.rollback()
return {'new' : ctr, 'duplicates' : fail, 'pwnew' : ctr_plain, 'pwduplicates' : fail_plain }
def potfile_upload():
disable_usercheck = False
disable_passwordcheck = False
file_to_upload = connexion.request.files['file_to_upload']
db = current_app.db
creds = JackDawCredentials(None, db_session=db.session)
gen = HashEntry.from_potfile_stream(file_to_upload.stream)
creds.add_cracked_passwords_gen(gen, disable_usercheck,
disable_passwordcheck)
return {}
def pwit(passwords):
for pw in passwords:
nt_hash = NT(pw).hex()
print(pw)
print(nt_hash)
yield HashEntry(pw, nt_hash=nt_hash)