def get(self): provider = Provider() wordlists = provider.wordlists() files = wordlists.get_wordlists() api_files = [] for name, file in files.items(): api_files.append(self.compile_file_object(file)) return self.send_valid_response(api_files)
def setup_hybrid(session_id): provider = Provider() sessions = provider.sessions() wordlists = provider.wordlists() if not sessions.can_access(current_user, session_id): flash('Access Denied', 'error') return redirect(url_for('home.index')) user_id = 0 if current_user.admin else current_user.id session = sessions.get(user_id=user_id, session_id=session_id)[0] return render_template('sessions/setup/hybrid.html', session=session, wordlists=wordlists.get_wordlists())
def __setup_wordlist(session_id, request): provider = Provider() sessions = provider.sessions() wordlists = provider.wordlists() wordlist_type = int(request.form['wordlist_type'].strip()) if wordlist_type == 0: # Global wordlist. wordlist = request.form['wordlist'].strip() if not wordlists.is_valid_wordlist(wordlist): flash('Invalid wordlist selected', 'error') return redirect(url_for('sessions.setup_wordlist', session_id=session_id)) wordlist_location = wordlists.get_wordlist_path(wordlist) sessions.set_hashcat_setting(session_id, 'wordlist', wordlist_location) elif wordlist_type == 1: # Custom wordlist. save_as = sessions.session_filesystem.get_custom_file_path(current_user.id, session_id, prefix='custom_wordlist') file = request.files['custom_wordlist'] if file.filename == '': # If file already exists, use that one instead. if not sessions.session_filesystem.custom_file_exists(save_as): flash('Uploaded wordlist file could not be found', 'error') return redirect(url_for('sessions.setup_wordlist', session_id=session_id)) else: # Otherwise upload new file. file.save(save_as) sessions.set_hashcat_setting(session_id, 'wordlist', save_as) elif wordlist_type == 2: # Create wordlist from cracked passwords. save_as = sessions.session_filesystem.get_custom_file_path(current_user.id, session_id, prefix='pwd_wordlist') sessions.export_cracked_passwords(session_id, save_as) sessions.set_hashcat_setting(session_id, 'wordlist', save_as) else: flash('Invalid wordlist option', 'error') return redirect(url_for('sessions.setup_wordlist', session_id=session_id)) sessions.set_hashcat_setting(session_id, 'wordlist_type', wordlist_type) return True
def set_global(self, user_id, session_id): required_fields = ['name'] data = self.get_json(required_fields) if data is False: return self.send_error_response(5000, 'Missing fields', 'Required fields are: ' + ', '.join(required_fields)) provider = Provider() sessions = provider.sessions() wordlists = provider.wordlists() session = sessions.get(user_id=user_id, session_id=session_id) if not session: return self.send_access_denied_response() elif not wordlists.is_valid_wordlist(data['name']): return self.send_error_response(5009, 'Invalid wordlist', '') wordlist_location = wordlists.get_wordlist_path(data['name']) sessions.set_hashcat_setting(session_id, 'wordlist', wordlist_location) return self.send_success_response()
def setup_wordlist(session_id): provider = Provider() sessions = provider.sessions() wordlists = provider.wordlists() rules = provider.rules() if not sessions.can_access(current_user, session_id): flash('Access Denied', 'error') return redirect(url_for('home.index')) user_id = 0 if current_user.admin else current_user.id session = sessions.get(user_id=user_id, session_id=session_id)[0] has_custom_wordlist = sessions.session_filesystem.custom_file_exists(sessions.session_filesystem.get_custom_file_path(current_user.id, session_id, prefix='custom_wordlist')) has_custom_rule = sessions.session_filesystem.custom_file_exists(sessions.session_filesystem.get_custom_file_path(current_user.id, session_id, prefix='custom_rule', extension='.rule')) return render_template( 'sessions/setup/wordlist.html', session=session, wordlists=wordlists.get_wordlists(), rules=rules.get_rules(), has_custom_wordlist=has_custom_wordlist, has_custom_rule=has_custom_rule )
def setup_wordlist(session_id): provider = Provider() sessions = provider.sessions() wordlists = provider.wordlists() rules = provider.rules() if not sessions.can_access(current_user, session_id): flash('Access Denied', 'error') return redirect(url_for('home.index')) user_id = 0 if current_user.admin else current_user.id session = sessions.get(user_id=user_id, session_id=session_id)[0] password_wordlists = wordlists.get_wordlists() hashcat_rules = rules.get_rules() return render_template('sessions/setup/wordlist.html', session=session, wordlists_json=json.dumps(password_wordlists, indent=4, sort_keys=True, default=str), rules=hashcat_rules)
def setup_wordlist_save(session_id): provider = Provider() sessions = provider.sessions() wordlists = provider.wordlists() rules = provider.rules() if not sessions.can_access(current_user, session_id): flash('Access Denied', 'error') return redirect(url_for('home.index')) wordlist_type = int(request.form['wordlist_type'].strip()) if wordlist_type == 0: # Global wordlist. wordlist = request.form['wordlist'].strip() if not wordlists.is_valid_wordlist(wordlist): flash('Invalid wordlist selected', 'error') return redirect( url_for('sessions.setup_wordlist', session_id=session_id)) wordlist_location = wordlists.get_wordlist_path(wordlist) sessions.set_hashcat_setting(session_id, 'wordlist', wordlist_location) elif wordlist_type == 1: # Custom wordlist. save_as = sessions.session_filesystem.get_custom_wordlist_path( current_user.id, session_id, prefix='custom_wordlist_', random=True) if len(request.files) != 1: flash('Uploaded file could not be found', 'error') return redirect( url_for('sessions.setup_wordlist', session_id=session_id)) file = request.files['custom_wordlist'] if file.filename == '': flash('No hashes uploaded', 'error') return redirect( url_for('sessions.setup_wordlist', session_id=session_id)) file.save(save_as) sessions.set_hashcat_setting(session_id, 'wordlist', save_as) elif wordlist_type == 2: # Create wordlist from cracked passwords. save_as = sessions.session_filesystem.get_custom_wordlist_path( current_user.id, session_id, prefix='pwd_wordlist') sessions.export_cracked_passwords(session_id, save_as) sessions.set_hashcat_setting(session_id, 'wordlist', save_as) else: flash('Invalid wordlist option', 'error') return redirect( url_for('sessions.setup_wordlist', session_id=session_id)) sessions.set_hashcat_setting(session_id, 'wordlist_type', wordlist_type) rule = request.form['rule'].strip() if len(rule) > 0 and not rules.is_valid_rule(rule): flash('Invalid rule selected', 'error') return redirect( url_for('sessions.setup_wordlist', session_id=session_id)) rule_location = rules.get_rule_path(rule) sessions.set_hashcat_setting(session_id, 'rule', rule_location) return redirect(url_for('sessions.settings', session_id=session_id))
def setup_hybrid_save(session_id): provider = Provider() sessions = provider.sessions() wordlists = provider.wordlists() has_errors = False if not sessions.can_access(current_user, session_id): flash('Access Denied', 'error') return redirect(url_for('home.index')) #WORDLIST wordlist_type = int(request.form['wordlist_type'].strip()) if wordlist_type == 0: # Global wordlist. wordlist = request.form['wordlist'].strip() if not wordlists.is_valid_wordlist(wordlist): flash('Invalid wordlist selected', 'error') has_errors = True wordlist_location = wordlists.get_wordlist_path(wordlist) sessions.set_hashcat_setting(session_id, 'wordlist', wordlist_location) elif wordlist_type == 1: # Custom wordlist. save_as = sessions.session_filesystem.get_custom_wordlist_path( current_user.id, session_id, prefix='custom_wordlist_', random=True) if len(request.files) != 1: flash('Uploaded file could not be found', 'error') has_errors = True file = request.files['custom_wordlist'] if file.filename == '': flash('No hashes uploaded', 'error') has_errors = True file.save(save_as) sessions.set_hashcat_setting(session_id, 'wordlist', save_as) elif wordlist_type == 2: # Create wordlist from cracked passwords. save_as = sessions.session_filesystem.get_custom_wordlist_path( current_user.id, session_id, prefix='pwd_wordlist') sessions.export_cracked_passwords(session_id, save_as) sessions.set_hashcat_setting(session_id, 'wordlist', save_as) else: flash('Invalid wordlist option', 'error') has_errors = True #MASK mask = request.form['compiled-mask'].strip() enable_increments = int(request.form.get('enable_increments', 0)) if enable_increments == 1: increment_min = int(request.form['increment-min'].strip()) increment_max = int(request.form['increment-max'].strip()) else: increment_min = 0 increment_max = 0 if len(mask) == 0: flash('No mask set', 'error') has_errors = True if enable_increments == 1: if increment_min <= 0: has_errors = True flash('Min Increment is invalid', 'error') if increment_max <= 0: has_errors = True flash('Max Increment is invalid', 'error') if increment_min > increment_max: has_errors = True flash('Min Increment cannot be bigger than Max Increment', 'error') else: increment_min = 0 increment_max = 0 if has_errors: return redirect(url_for('sessions.setup_hybrid', session_id=session_id)) sessions.set_hashcat_setting(session_id, 'wordlist_type', wordlist_type) sessions.set_hashcat_setting(session_id, 'mask', mask) sessions.set_hashcat_setting(session_id, 'increment_min', increment_min) sessions.set_hashcat_setting(session_id, 'increment_max', increment_max) return redirect(url_for('sessions.settings', session_id=session_id))