def encode_secret(attribute=settings.FREERADIUS_DEFAULT_SECRET_FORMAT,
new_value=None):
if attribute == 'Cleartext-Password':
password_renewed = new_value
elif attribute == 'NT-Password':
password_renewed = nthash.hash(new_value)
elif attribute == 'LM-Password':
password_renewed = lmhash.hash(new_value)
elif attribute == 'MD5-Password':
password_renewed = md5(new_value.encode('utf-8')).hexdigest()
elif attribute == 'SMD5-Password':
salt = urandom(4)
hash = md5(new_value.encode('utf-8'))
hash.update(salt)
hash_encoded = encodestring(hash.digest() + salt)
password_renewed = hash_encoded.decode('utf-8')[:-1]
elif attribute == 'SHA-Password':
password_renewed = sha1(new_value.encode('utf-8')).hexdigest()
elif attribute == 'SSHA-Password':
salt = urandom(4)
hash = sha1(new_value.encode('utf-8'))
hash.update(salt)
hash_encoded = encodestring(hash.digest() + salt)
password_renewed = hash_encoded.decode('utf-8')[:-1]
elif attribute == 'Crypt-Password':
password_renewed = sha512_crypt.hash(new_value)
return password_renewed
def _encode_secret(attribute, new_value=None):
if attribute == 'NT-Password':
attribute_value = nthash.hash(new_value)
elif attribute == 'LM-Password':
attribute_value = lmhash.hash(new_value)
elif attribute == 'MD5-Password':
attribute_value = md5(new_value.encode('utf-8')).hexdigest()
elif attribute == 'SMD5-Password':
salt = urandom(4)
hash = md5(new_value.encode('utf-8'))
hash.update(salt)
hash_encoded = encodestring(hash.digest() + salt)
attribute_value = hash_encoded.decode('utf-8')[:-1]
elif attribute == 'SHA-Password':
attribute_value = sha1(new_value.encode('utf-8')).hexdigest()
elif attribute == 'SSHA-Password':
salt = urandom(4)
hash = sha1(new_value.encode('utf-8'))
hash.update(salt)
hash_encoded = encodestring(hash.digest() + salt)
attribute_value = hash_encoded.decode('utf-8')[:-1]
elif attribute == 'Crypt-Password':
attribute_value = sha512_crypt.hash(new_value)
else:
attribute_value = new_value
return attribute_value
def _encode_secret(attribute, new_value=None):
if attribute == 'Cleartext-Password':
password_renewed = new_value
elif attribute == 'NT-Password':
password_renewed = nthash.hash(new_value)
elif attribute == 'LM-Password':
password_renewed = lmhash.hash(new_value)
return password_renewed
def bf(h, dictionary):
f = open(dictionary, 'r')
lines = f.readlines()
print('\033[1;34m[*]\033[0m Starting Brute Force - hash = ' + h)
for i in lines:
h2 = nthash.hash(i[:-1])
if h == h2:
print('\033[1;32m[+]\033[0m Hash Cracked! - Password = ' + i)
def searchPassword(firstKey, targetHash):
hash = nthash.hash(firstKey)
newHash = hash
if hash == targetHash:
print("Password found: {}".format(firstKey))
return True
for i in range(0, 21, 3):
chunck1 = int(newHash[i:i+3], 16)
chunck2 = int(newHash[i+1:i+4], 16)
chunck3 = int(newHash[i+2:i+5], 16)
newWord = "{}{}{}".format(toChar(chunck1), toChar(chunck2), toChar(chunck3))
newHash = nthash.hash(newWord)
if (targetHash == newHash):
print("Password found: {}".format(newWord))
return True
return False
def new_password_entry():
while (1):
print("\n---Password configuration---")
user_name = input("User_name : ")
password1 = input("Password : "******"Confirm Password : "******"\nPassword must have 3 letters in lowercase")
else:
print("\n Les deux mots ne sont pas les mêmes")
def reduce(newHash, reduceNumber):
if reduceNumber == 7:
return newHash
for i in range(reduceNumber*3, 21, 3):
chunck1 = int(newHash[i:i+3], 16)
chunck2 = int(newHash[i+1:i+4], 16)
chunck3 = int(newHash[i+2:i+5], 16)
newWord = "{}{}{}".format(toChar(chunck1), toChar(chunck2), toChar(chunck3))
newHash = nthash.hash(newWord)
return newHash
def ossec_win_deploy(sensor_ip, agent_name, windows_ip, windows_username, windows_domain, windows_password):
"""
@param sensor_ip: The sensor IP from where to deploy the ossec agent
@agent_name:
@windows_ip:
@windows_username:
@windows_domain:
@windows_password:
@return: A tuple (success, data).
"""
response = None
try:
# Create temporary files outside playbook
auth_file_samba = NamedTemporaryFile(delete=False)
agent_config_file = NamedTemporaryFile(delete=False)
agent_key_file = NamedTemporaryFile(delete=False)
# Auth string for `wmiexec` tool: e.g. domain/username or username
domain_str = "%s/" % windows_domain if windows_domain else ""
windows_auth_sting = "%s%s" % (domain_str, windows_username)
evars = {"target": "%s" % sensor_ip,
"auth_file_samba": "%s" % auth_file_samba.name,
"agent_config_file": "%s" % agent_config_file.name,
"agent_key_file": "%s" % agent_key_file.name,
"agent_name": "%s" % agent_name,
"windows_ip": "%s" % windows_ip,
"windows_domain": "%s" % windows_domain,
"windows_username": "******" % windows_username,
"windows_password": "******" % windows_password,
"auth_str": "%s" % windows_auth_sting,
"hashes": "%s:%s" % (lmhash.hash(windows_password), nthash.hash(windows_password))}
response = _ansible.run_playbook(playbook=PLAYBOOKS['OSSEC_WIN_DEPLOY'],
host_list=[sensor_ip],
extra_vars=evars)
# Remove temporary files
os.remove(auth_file_samba.name)
os.remove(agent_config_file.name)
os.remove(agent_key_file.name)
except Exception, exc:
trace = traceback.format_exc()
api_log.error("Ansible Error: An error occurred while running an windows OSSEC agent deployment:"
"%s \n trace: %s" % (exc, trace))
def save_model(self, request, obj, form, change):
password_renewed = form.data['new_value']
password_format = form.data['attribute']
if password_format in app_settings.DISABLED_SECRET_FORMAT:
messages.add_message(
request, messages.ERROR,
'{} is not currently enabled. The password'
' was not changed'.format(password_format))
return
if password_renewed:
if password_format == 'Cleartext-Password':
obj.value = password_renewed
elif password_format == 'NT-Password':
obj.value = nthash.hash(password_renewed)
elif password_format == 'LM-Password':
obj.value = lmhash.hash(password_renewed)
obj.save()
def setUp(self):
self.win_username = '******'
self.win_password = '******'
self.system_ip = '10.11.12.15'
self.sensor_ip = '10.11.12.14'
self.win_ip = '10.11.12.13'
self.win_domain = ''
self.agent_name = 'Host-{}'.format(self.win_ip)
self.agent_id = '001'
self.extra_vars = {
"target": "{}".format(self.sensor_ip),
"agent_name": "{}".format(self.agent_name),
"windows_ip": "{}".format(self.win_ip),
"windows_domain": "{}".format(self.win_domain),
"windows_username": "******".format(self.win_username),
"windows_password": "******".format(self.win_password),
"auth_str": "{}".format(self.win_username),
"hashes": "%s:%s" % (lmhash.hash(self.win_password), nthash.hash(self.win_password))
}
def enc():
awal()
putih = "\033[97m"
dfv = raw_input(W + "[" + B + "+" + W + "] Your Text " + B + ": " + G)
asw = raw_input(W + "[" + B + "+" + W + "] Your Password " + B + ": " + G)
print W + "\n* Generate Hash . . . . Please Wait !!!"
time.sleep(1)
print(W + ' ------------------------------------------------')
#md5
daf1 = hashlib.md5(dfv.encode("utf -8")).hexdigest()
print W + "[" + B + "+" + W + "] Md5 " + B + ":" + W, daf1
time.sleep(0.1)
#sha256
daf2 = hashlib.sha256(dfv.encode()).hexdigest()
print W + "[" + B + "+" + W + "] Sha256 " + B + ":" + W, daf2
time.sleep(0.1)
#sha224
daf4 = hashlib.sha224(dfv.encode()).hexdigest()
print W + "[" + B + "+" + W + "] Sha224 " + B + ":" + W, daf4
time.sleep(0.1)
#sha512
daf5 = hashlib.sha512(dfv.encode()).hexdigest()
print W + "[" + B + "+" + W + "] Sha512 " + B + ":" + W, daf5
time.sleep(0.1)
#sha384
daf6 = hashlib.sha384(dfv.encode()).hexdigest()
print W + "[" + B + "+" + W + "] Sha384 " + B + ":" + W, daf6
time.sleep(0.1)
#sha1
daf11 = hashlib.sha1(dfv.encode()).hexdigest()
print W + "[" + B + "+" + W + "] Sha1 " + B + ":" + W, daf11
time.sleep(0.1)
#pbkdf2_sha1
daf12 = pbkdf2_sha1.hash(dfv)
print W + "[" + B + "+" + W + "] Pbkdf2_sha1 " + B + ":" + W, daf12
time.sleep(0.1)
#pbkdf2_sha256
daf13 = pbkdf2_sha256.hash(dfv)
print W + "[" + B + "+" + W + "] Pbkdf2_sha256 " + B + ":" + W, daf13
time.sleep(0.1)
#pbkdf2_sha512
daf14 = pbkdf2_sha512.hash(dfv)
print W + "[" + B + "+" + W + "] Pbkdf2_sha512 " + B + ":" + W, daf14
time.sleep(0.1)
#sha256_crypt
daf15 = sha256_crypt.hash(dfv)
print W + "[" + B + "+" + W + "] Sha256_crypt " + B + ":" + W, daf15
time.sleep(0.1)
#sha512_crypt
daf16 = sha512_crypt.hash(dfv)
print W + "[" + B + "+" + W + "] Sha512_crypt " + B + ":" + W, daf16
time.sleep(0.1)
#md5_crypt
daf17 = md5_crypt.hash(dfv)
print W + "[" + B + "+" + W + "] Md5_crypt " + B + ":" + W, daf17
time.sleep(0.1)
#sha1_crypt
daf18 = sha1_crypt.hash(dfv)
print W + "[" + B + "+" + W + "] Sha_crypt " + B + ":" + W, daf18
time.sleep(0.1)
#sha1_crypt
daf18 = sha1_crypt.hash(dfv)
print W + "[" + B + "+" + W + "] Sha_crypt " + B + ":" + W, daf18
time.sleep(0.1)
#sun_md5_crypt
daf19 = sun_md5_crypt.hash(dfv)
print W + "[" + B + "+" + W + "] Sun_md5_crypt " + B + ":" + W, daf19
time.sleep(0)
#des_crypt
daf20 = des_crypt.hash(dfv)
print W + "[" + B + "+" + W + "] Des_crypt " + B + ":" + W, daf20
time.sleep(0.1)
#bsdi_crypt
daf21 = bsdi_crypt.hash(dfv)
print W + "[" + B + "+" + W + "] Bsdi_crypt " + B + ":" + W, daf21
time.sleep(0.1)
#bigcrypt
daf22 = bigcrypt.hash(dfv)
print W + "[" + B + "+" + W + "] Bigcrypt " + B + ":" + W, daf22
time.sleep(0.1)
#crypt16
daf23 = crypt16.hash(dfv)
print W + "[" + B + "+" + W + "] Crypt16 " + B + ":" + W, daf23
time.sleep(0.1)
#phpass
daf24 = phpass.hash(dfv)
print W + "[" + B + "+" + W + "] Phpass " + B + ":" + W, daf24
time.sleep(0.1)
#scram
daf25 = scram.hash(dfv)
print W + "[" + B + "+" + W + "] Scram " + B + ":" + W, daf25
time.sleep(0.1)
#apr_md5_crypt
daf27 = apr_md5_crypt.hash(dfv)
print W + "[" + B + "+" + W + "] Apr_Md5_Crypt " + B + ":" + W, daf27
time.sleep(0.1)
#cta_pbkdf2
daf28 = cta_pbkdf2_sha1.hash(dfv)
print W + "[" + B + "+" + W + "] Cta_pbkdf2_sha1 " + B + ":" + W, daf28
time.sleep(0.1)
#dlitz_pbdf2_sha1
daf29 = dlitz_pbkdf2_sha1.hash(dfv)
print W + "[" + B + "+" + W + "] Dlitz_pbkdf_sha1 " + B + ":" + W, daf29
time.sleep(0.1)
#ldap_md5_crypt
daf30 = ldap_md5_crypt.hash(dfv)
print W + "[" + B + "+" + W + "] Ldap_Md5_Crypt " + B + ":" + W, daf30
time.sleep(0.1)
#ldap_hex_md5
daf31 = ldap_hex_md5.hash(dfv)
print W + "[" + B + "+" + W + "] Ldap_Hex_Md5 " + B + ":" + W, daf31
time.sleep(0.1)
#ldao_hex_sha1
daf32 = ldap_hex_sha1.hash(dfv)
print W + "[" + B + "+" + W + "] Ldap_Hex_Sha1 " + B + ":" + W, daf32
time.sleep(0.1)
#ldap_pbkdf2_sha1
daf33 = ldap_pbkdf2_sha1.hash(dfv)
print W + "[" + B + "+" + W + "] Ldap_pbkdf2_sha1 " + B + ":" + W, daf33
time.sleep(0.1)
#ldap_pbkdf2_sha256
daf34 = ldap_pbkdf2_sha256.hash(dfv)
print W + "[" + B + "+" + W + "] Ldap_pbkdf2_sha256 " + B + ":" + W, daf34
time.sleep(0.1)
#ldap_pbkdf2_sha512
daf35 = ldap_pbkdf2_sha512.hash(dfv)
print W + "[" + B + "+" + W + "] Ldap_pbdf2_sha512 " + B + ":" + W, daf35
time.sleep(0.1)
#atlassian_pbkdf2_sha1
daf36 = atlassian_pbkdf2_sha1.hash(dfv)
print W + "[" + B + "+" + W + "] Atlassian_pbkdf2_sha1 " + B + ":" + W, daf36
time.sleep(0.1)
#fshp
daf37 = fshp.hash(dfv)
print W + "[" + B + "+" + W + "] Fshp " + B + ":" + W, daf37
time.sleep(0.1)
#mysql323
daf38 = mysql323.hash(dfv)
print W + "[" + B + "+" + W + "] Mysql323 " + B + ":" + W, daf38
time.sleep(0.1)
#mysql41
daf39 = mysql41.hash(dfv)
print W + "[" + B + "+" + W + "] Mysql41 " + B + ":" + W, daf39
time.sleep(0.1)
#postgres_md5
daf40 = postgres_md5.hash(dfv, user=asw)
print W + "[" + B + "+" + W + "] Postgres_md5 " + B + ":" + W, daf40
time.sleep(0.1)
#oracle10
daf41 = oracle10.hash(dfv, user=asw)
print W + "[" + B + "+" + W + "] Oracle10 " + B + ":" + W, daf41
time.sleep(0.1)
#oracle11
daf42 = oracle11.hash(dfv)
print W + "[" + B + "+" + W + "] Oracle11 " + B + ":" + W, daf42
time.sleep(0.1)
#lmhash
daf43 = lmhash.hash(dfv)
print W + "[" + B + "+" + W + "] Lmhash " + B + ":" + W, daf43
time.sleep(0.1)
#nthash
daf44 = nthash.hash(dfv)
print W + "[" + B + "+" + W + "] Nthash " + B + ":" + W, daf44
time.sleep(0.1)
#msdcc
daf45 = msdcc.hash(dfv, user=asw)
print W + "[" + B + "+" + W + "] Msdcc " + B + ":" + W, daf45
time.sleep(0.1)
#msdcc2
daf46 = msdcc2.hash(dfv, user=asw)
print W + "[" + B + "+" + W + "] Msdcc2 " + B + ":" + W, daf46
time.sleep(0.1)
#cisco_type7
daf47 = cisco_type7.hash(dfv)
print W + "[" + B + "+" + W + "] Cisco_type7 " + B + ":" + W, daf47
time.sleep(0.1)
#grub_pbkdf2_sha512
daf48 = grub_pbkdf2_sha512.hash(dfv)
print W + "[" + B + "+" + W + "] Grub_pbkdf2_sha512 " + B + ":" + W, daf48
time.sleep(0.1)
#hex_sha1
daf49 = hex_sha1.hash(dfv)
print W + "[" + B + "+" + W + "] Hex_Sha1 " + B + ":" + W, daf49
time.sleep(0.1)
#pwd
daf50 = pwd.genword()
print W + "[" + B + "+" + W + "] Pwd " + B + ":" + W, daf50
time.sleep(0.1)
#mssql2005
daf51 = cuk.hash(dfv)
print W + "[" + B + "+" + W + "] Mssql2005 " + B + ":" + W, daf51
time.sleep(0.1)
#Mssql2000
daf52 = cak.hash(dfv)
print W + "[" + B + "+" + W + "] Mssql2000 " + B + ":" + W, daf52
time.sleep(0.1)
#ldap_salted_md5
daf52 = cik.hash(dfv)
print W + "[" + B + "+" + W + "] Ldap_salted_md5 " + B + ":" + W, daf52
time.sleep(0.1)
from passlib.hash import nthash
import random
val = "abcdefghijklmnopqrstuvwxyz"
with open("sol.txt", "w") as sol:
with open("password.txt", "w") as file:
for i in range(5000):
password = ""
for j in range(3):
password += random.choice(val)
sol.write(password + "\n")
file.write(nthash.hash(password) + "\n")
def nt(HASH, password):
test_hash = nthash.hash(password.decode())
if test_hash == HASH:
print(HASH + ':' + password.decode())
exit()
def ossec_win_deploy(sensor_ip, agent_name, windows_ip, windows_username,
windows_domain, windows_password):
"""
@param sensor_ip: The sensor IP from where to deploy the ossec agent
@agent_name:
@windows_ip:
@windows_username:
@windows_domain:
@windows_password:
@return: A tuple (success, data).
"""
response = None
try:
# Create temporary files outside playbook
auth_file_samba = NamedTemporaryFile(delete=False)
agent_config_file = NamedTemporaryFile(delete=False)
agent_key_file = NamedTemporaryFile(delete=False)
# Auth string for `wmiexec` tool: e.g. domain/username or username
domain_str = "%s/" % windows_domain if windows_domain else ""
windows_auth_sting = "%s%s" % (domain_str, windows_username)
evars = {
"target":
"%s" % sensor_ip,
"auth_file_samba":
"%s" % auth_file_samba.name,
"agent_config_file":
"%s" % agent_config_file.name,
"agent_key_file":
"%s" % agent_key_file.name,
"agent_name":
"%s" % agent_name,
"windows_ip":
"%s" % windows_ip,
"windows_domain":
"%s" % windows_domain,
"windows_username":
"******" % windows_username,
"windows_password":
"******" % windows_password,
"auth_str":
"%s" % windows_auth_sting,
"hashes":
"%s:%s" %
(lmhash.hash(windows_password), nthash.hash(windows_password))
}
response = _ansible.run_playbook(
playbook=PLAYBOOKS['OSSEC_WIN_DEPLOY'],
host_list=[sensor_ip],
extra_vars=evars)
# Remove temporary files
os.remove(auth_file_samba.name)
os.remove(agent_config_file.name)
os.remove(agent_key_file.name)
except Exception, exc:
trace = traceback.format_exc()
api_log.error(
"Ansible Error: An error occurred while running an windows OSSEC agent deployment:"
"%s \n trace: %s" % (exc, trace))
uid: %(uid)s
cn: %(cn)s
uidNumber: %(uid_num)s
gidNumber: %(uid_num)s
homeDirectory: %(home_dir)s
sambaSID: %(sid)s
sambaNTPassword: %(ntpwd)s
sambaLMPassword: %(lmpwd)s
userPassword: %(pwd)s
"""
n = int(sys.argv.pop(1))
print(container_template)
for x in range(n):
secret = 'secret%d' % x
nt_secret = nthash.hash(secret)
lm_secret = lmhash.hash(secret)
print(user_template % dict(
uid='uid%d' % x,
cn='cn%d' % x,
uid_num=str(x),
gid_num=str(x),
home_dir='/home/uid%d' % x,
sid='12345-%d' % x,
pwd=secret,
ntpwd=nt_secret,
lmpwd=lm_secret,
))
def Crypter(args):
if args.encrypt == 'pbkdf2_sha256':
return pbkdf2_sha256.hash(args.text)
elif args.encrypt == 'oracle11':
return oracle11.hash(args.text)
elif args.encrypt == 'argon2':
return argon2.hash(args.text)
elif args.encrypt == 'bcrypt':
return bcrypt.hash(args.text)
elif args.encrypt == 'bcrypt_sha256':
return bcrypt_sha256.hash(args.text)
elif args.encrypt == 'cisco_asa':
return cisco_asa.hash(args.text)
elif args.encrypt == 'cisco_pix':
return cisco_pix.hash(args.text)
elif args.encrypt == 'cisco_type7':
return cisco_type7.hash(args.text)
elif args.encrypt == 'bigcrypt':
return bigcrypt.hash(args.text)
elif args.encrypt == 'bsdi_crypt':
return bsdi_crypt.hash(args.text)
elif args.encrypt == 'des_crypt':
return des_crypt.hash(args.text)
elif args.encrypt == 'hex_md4':
return hex_md4.hash(args.text)
elif args.encrypt == 'hex_md5':
return hex_md5.hash(args.text)
elif args.encrypt == 'hex_sha1':
return hex_sha1.hash(args.text)
elif args.encrypt == 'hex_sha256':
return hex_sha256.hash(args.text)
elif args.encrypt == 'hex_sha512':
return hex_sha512.hash(args.text)
elif args.encrypt == 'django_bcrypt':
return django_bcrypt.hash(args.text)
elif args.encrypt == 'django_disabled':
return django_disabled.hash(args.text)
elif args.encrypt == 'django_bcrypt_sha256':
return django_bcrypt_sha256.hash(args.text)
elif args.encrypt == 'django_des_crypt':
return django_des_crypt.hash(args.text)
elif args.encrypt == 'django_pbkdf2_sha1':
return django_pbkdf2_sha1.hash(args.text)
elif args.encrypt == 'django_pbkdf2_sha256':
return django_pbkdf2_sha256.hash(args.text)
elif args.encrypt == 'django_salted_md5':
return django_salted_md5.hash(args.text)
elif args.encrypt == 'django_salted_sha1':
return django_salted_sha1.hash(args.text)
elif args.encrypt == 'fshp':
return fshp.hash(args.text)
elif args.encrypt == 'ldap_bcrypt':
return ldap_bcrypt.hash(args.text)
elif args.encrypt == 'ldap_md5':
return ldap_md5.hash(args.text)
elif args.encrypt == 'ldap_plaintext':
return ldap_plaintext.hash(args.text)
elif args.encrypt == 'ldap_sha1':
return ldap_sha1.hash(args.text)
elif args.encrypt == 'ldap_bsdi_crypt':
return ldap_bsdi_crypt.hash(args.text)
elif args.encrypt == 'ldap_hex_md5':
return ldap_hex_md5.hash(args.text)
elif args.encrypt == 'ldap_hex_sha1':
return ldap_hex_sha1.hash(args.text)
elif args.encrypt == 'ldap_md5_crypt':
return ldap_md5_crypt.hash(args.text)
elif args.encrypt == 'ldap_pbkdf2_sha1':
return ldap_pbkdf2_sha1.hash(args.text)
elif args.encrypt == 'ldap_pbkdf2_sha256':
return ldap_pbkdf2_sha256.hash(args.text)
elif args.encrypt == 'ldap_pbkdf2_sha512':
return ldap_pbkdf2_sha512.hash(args.text)
elif args.encrypt == 'ldap_salted_md5':
return ldap_salted_md5.hash(args.text)
elif args.encrypt == 'ldap_salted_sha1':
return ldap_salted_sha1.hash(args.text)
elif args.encrypt == 'ldap_sha1_crypt':
return ldap_sha1_crypt.hash(args.text)
elif args.encrypt == 'ldap_sha256_crypt':
return ldap_sha256_crypt.hash(args.text)
elif args.encrypt == 'ldap_sha512_crypt':
return ldap_sha512_crypt.hash(args.text)
elif args.encrypt == 'apr_md5_crypt':
return apr_md5_crypt.hash(args.text)
elif args.encrypt == 'md5_crypt':
return md5_crypt.hash(args.text)
elif args.encrypt == 'plaintext':
return plaintext.hash(args.text)
elif args.encrypt == 'unix_disabled':
return unix_disabled.hash(args.text)
elif args.encrypt == 'unix_fallback':
return unix_fallback.hash(args.text)
elif args.encrypt == 'mssql2000':
return mssql2000.hash(args.text)
elif args.encrypt == 'mssql2005':
return mssql2005.hash(args.text)
elif args.encrypt == 'mysql323':
return mysql323.hash(args.text)
elif args.encrypt == 'mysql41':
return mysql41.hash(args.text)
elif args.encrypt == 'atlassian_pbkdf2_sha1':
return atlassian_pbkdf2_sha1.hash(args.text)
elif args.encrypt == 'cta_pbkdf2_sha1':
return cta_pbkdf2_sha1.hash(args.text)
elif args.encrypt == 'dlitz_pbkdf2_sha1':
return dlitz_pbkdf2_sha1.hash(args.text)
elif args.encrypt == 'grub_pbkdf2_sha512':
return grub_pbkdf2_sha512.hash(args.text)
elif args.encrypt == 'pbkdf2_sha1':
return pbkdf2_sha1.hash(args.text)
elif args.encrypt == 'pbkdf2_sha512':
return pbkdf2_sha512.hash(args.text)
elif args.encrypt == 'phpass':
return phpass.hash(args.text)
elif args.encrypt == 'roundup_plaintext':
return roundup_plaintext.hash(args.text)
elif args.encrypt == 'sun_md5_crypt':
return sun_md5_crypt.hash(args.text)
elif args.encrypt == 'scram':
return scram.hash(args.text)
elif args.encrypt == 'scrypt':
return scrypt.hash(args.text)
elif args.encrypt == 'sha1_crypt':
return sha1_crypt.hash(args.text)
elif args.encrypt == 'sha256_crypt':
return sha256_crypt.hash(args.text)
elif args.encrypt == 'sha512_crypt':
return sha512_crypt.hash(args.text)
elif args.encrypt == 'bsd_nthash':
return bsd_nthash.hash(args.text)
elif args.encrypt == 'lmhash':
return lmhash.hash(args.text)
elif args.encrypt == 'nthash':
return nthash.hash(args.text)
from passlib.hash import lmhash
from passlib.hash import nthash
myPass = "******"
mySecPass = "******"
lmhash1 = lmhash.hash(myPass)
nthash1 = nthash.hash(myPass)
lmhash2 = lmhash.hash(mySecPass)
nthash2 = nthash.hash(mySecPass)
print("LM Hash of {}: {}".format(myPass, lmhash1))
print("NT Hash of {}: {}\n".format(myPass, nthash1))
print("LM Hash of {}: {}".format(mySecPass, lmhash2))
print("NT Hash of {}: {}".format(mySecPass, nthash2))
for line in file:
hashList.append(line[0:-1])
hashSet.add(line[0:-1])
for h in range(len(hashList)):
text = "New hash chain : {}".format(hashList[h])
newHash = hashList[h]
for i in range(0, 21, 3):
# print(newHash)
# print(newHash[i:i+3])
# print(newHash[i+1:i+4])
# print(newHash[i+2:i+5])
chunck1 = int(newHash[i:i + 3], 16)
chunck2 = int(newHash[i + 1:i + 4], 16)
chunck3 = int(newHash[i + 2:i + 5], 16)
newWord = "{}{}{}".format(toChar(chunck1), toChar(chunck2),
toChar(chunck3))
newHash = nthash.hash(newWord)
hashSet.add(newHash)
text += " - {} - {}".format(newWord, newHash)
RT.write("{}:{}\n".format(solList[h], newHash))
text += "\n"
print(text)
print("Covering " + str(len(hashSet)) + " passwords over 17576!")
def encode_secret(enc, new_value=None):
"""
https://docs.python.org/3.5/library/hashlib.html
http://passlib.readthedocs.io/en/stable/lib/passlib.hash.ldap_std.html
"""
password_renewed = None
if enc == 'Plaintext':
password_renewed = ldap_plaintext.hash(new_value)
elif enc == 'NT':
password_renewed = nthash.hash(new_value)
elif enc == 'LM':
password_renewed = lmhash.hash(new_value)
elif enc == 'MD5':
password_renewed = ldap_md5.hash(new_value.encode(_CHARSET))
elif enc == 'SMD5':
password_renewed = ldap_salted_md5.hash(new_value.encode(_CHARSET))
elif enc == 'SHA':
password_renewed = ldap_sha1.hash(new_value.encode(_CHARSET))
elif enc == 'SSHA':
salt = urandom(8)
hash = sha1(new_value.encode(_CHARSET))
hash.update(salt)
hash_encoded = encodestring(hash.digest() + salt)
password_renewed = hash_encoded.decode(_CHARSET)[:-1]
password_renewed = '{%s}%s' % (enc, password_renewed)
elif enc == 'SHA256':
password_renewed = sha256(new_value.encode(_CHARSET)).digest()
password_renewed = '{%s}%s' % (
enc, encodestring(password_renewed).decode(_CHARSET)[:-1])
elif enc == 'SSHA256':
salt = urandom(_LDAP_SALT_LENGHT)
hash = sha256(new_value.encode(_CHARSET))
hash.update(salt)
hash_encoded = encodestring(hash.digest() + salt)
password_renewed = hash_encoded.decode(_CHARSET)[:-1]
password_renewed = '{%s}%s' % (enc, password_renewed)
elif enc == 'SHA384':
password_renewed = sha384(new_value.encode(_CHARSET)).digest()
password_renewed = '{%s}%s' % (
enc, encodestring(password_renewed).decode(_CHARSET)[:-1])
elif enc == 'SSHA384':
salt = urandom(_LDAP_SALT_LENGHT)
hash = sha384(new_value.encode(_CHARSET))
hash.update(salt)
hash_encoded = encodestring(hash.digest() + salt)
password_renewed = hash_encoded.decode(_CHARSET)[:-1]
password_renewed = '{%s}%s' % (enc, password_renewed)
elif enc == 'SHA512':
password_renewed = sha512(new_value.encode(_CHARSET)).digest()
password_renewed = '{%s}%s' % (
enc, encodestring(password_renewed).decode(_CHARSET)[:-1])
elif enc == 'SSHA512':
salt = urandom(_LDAP_SALT_LENGHT)
hash = sha512(new_value.encode(_CHARSET))
hash.update(salt)
hash_encoded = encodestring(hash.digest() + salt)
password_renewed = hash_encoded.decode(_CHARSET)[:-1]
password_renewed = '{%s}%s' % (enc, password_renewed)
elif enc == 'PKCS5S2':
return atlassian_pbkdf2_sha1.encrypt(new_value)
elif enc == 'CRYPT':
password_renewed = crypt.crypt(new_value,
crypt.mksalt(crypt.METHOD_CRYPT))
password_renewed = '{%s}%s' % (enc, password_renewed)
elif enc == 'CRYPT-MD5':
# this worked too
# return ldap_md5_crypt.encrypt(new_value)
password_renewed = crypt.crypt(new_value,
crypt.mksalt(crypt.METHOD_MD5))
password_renewed = '{CRYPT}%s' % (password_renewed)
elif enc == 'CRYPT-SHA-256':
password_renewed = crypt.crypt(new_value,
crypt.mksalt(crypt.METHOD_SHA256))
password_renewed = '{CRYPT}%s' % (password_renewed)
elif enc == 'CRYPT-SHA-512':
password_renewed = crypt.crypt(new_value,
crypt.mksalt(crypt.METHOD_SHA512))
password_renewed = '{CRYPT}%s' % (password_renewed)
return password_renewed
def sambaNTPassword(passwd):
return nthash.hash(passwd)
#!/usr/bin/env python2
#!/usr/bin/env python3
from passlib.hash import nthash
input = open('/tmp/password', 'r')
a = input.read().replace("\n", "").replace("\r", "")
print(a)
h = nthash.hash(a)
print(h)
output = open('/tmp/password', 'w')
output.write(h)
output.close()
def ntHash(a):
'''pip3 install passlib
case sensitive'''
from passlib.hash import nthash
return nthash.hash(a).upper()
# COMP3550-1 Lab1
# MacchiaroliM 5-17-2020
# Question A1
#############
#Create a Python script to determine the LM
#hash and NTLM hash of the following
#words:"Napier","Foxtrot"
#############
from passlib.hash import lmhash, nthash
words = ["Napier", "Foxtrot"]
for x in words:
print("Hashes for \"" + x + "\":")
print("LM Hash: " +
lmhash.hash(x)) # .encrypt deprecated, using hash instead
print("NT Hash: " +
nthash.hash(x)) # .encrypt deprecated, using hash instead
import sys
from passlib.hash import nthash
_help = """
dependencies:
pip install passlib
just type:
python nt_hash.py password
"""
if len(sys.argv) < 2:
sys.exit(_help)
nt_hash = nthash.hash(sys.argv[1])
print(nt_hash)
def ntlm(guess):
nt = nthash.hash(guess)
lm = lmhash.hash(guess)
final_ntlm = lm + nt
return final_ntlm
def nthash(password=b''):
"""Generates nt md4 password hash for a given password."""
return passlib_nthash.hash(password[:128]).encode('ascii').upper()
