def NLTM_salt(self, i, data, salt): start_time = time.time() key = data + salt lmhash.hash(key) end_time = time.time() print("NTLM:", end_time - start_time, "s") self.fast_time_salt[i].append(end_time - start_time)
def encode_secret(attribute=settings.FREERADIUS_DEFAULT_SECRET_FORMAT, new_value=None): if attribute == 'Cleartext-Password': password_renewed = new_value elif attribute == 'NT-Password': password_renewed = nthash.hash(new_value) elif attribute == 'LM-Password': password_renewed = lmhash.hash(new_value) elif attribute == 'MD5-Password': password_renewed = md5(new_value.encode('utf-8')).hexdigest() elif attribute == 'SMD5-Password': salt = urandom(4) hash = md5(new_value.encode('utf-8')) hash.update(salt) hash_encoded = encodestring(hash.digest() + salt) password_renewed = hash_encoded.decode('utf-8')[:-1] elif attribute == 'SHA-Password': password_renewed = sha1(new_value.encode('utf-8')).hexdigest() elif attribute == 'SSHA-Password': salt = urandom(4) hash = sha1(new_value.encode('utf-8')) hash.update(salt) hash_encoded = encodestring(hash.digest() + salt) password_renewed = hash_encoded.decode('utf-8')[:-1] elif attribute == 'Crypt-Password': password_renewed = sha512_crypt.hash(new_value) return password_renewed
def _encode_secret(attribute, new_value=None): if attribute == 'NT-Password': attribute_value = nthash.hash(new_value) elif attribute == 'LM-Password': attribute_value = lmhash.hash(new_value) elif attribute == 'MD5-Password': attribute_value = md5(new_value.encode('utf-8')).hexdigest() elif attribute == 'SMD5-Password': salt = urandom(4) hash = md5(new_value.encode('utf-8')) hash.update(salt) hash_encoded = encodestring(hash.digest() + salt) attribute_value = hash_encoded.decode('utf-8')[:-1] elif attribute == 'SHA-Password': attribute_value = sha1(new_value.encode('utf-8')).hexdigest() elif attribute == 'SSHA-Password': salt = urandom(4) hash = sha1(new_value.encode('utf-8')) hash.update(salt) hash_encoded = encodestring(hash.digest() + salt) attribute_value = hash_encoded.decode('utf-8')[:-1] elif attribute == 'Crypt-Password': attribute_value = sha512_crypt.hash(new_value) else: attribute_value = new_value return attribute_value
def run(self): ''' Worker thread @param none @return none ''' for word in self.words: word = word.rstrip('\n') if not res_queue.empty(): break else: if hashlib.md5( word.encode('utf-8')).hexdigest() == self.target: res_queue.put(('MD5', str(word))) elif hashlib.sha224( word.encode('utf-8')).hexdigest() == self.target: res_queue.put(('SHA224', str(word))) elif hashlib.sha384( word.encode('utf-8')).hexdigest() == self.target: res_queue.put(('SHA384', str(word))) elif hashlib.sha512( word.encode('utf-8')).hexdigest() == self.target: res_queue.put(('SHA512', str(word))) elif hashlib.sha1( word.encode('utf-8')).hexdigest() == self.target: res_queue.put(('SHA1', str(word))) elif hashlib.sha256( word.encode('utf-8')).hexdigest() == self.target: res_queue.put(('SHA256', str(word))) elif lmhash.hash(word.encode('utf-8')) == self.target: res_queue.put(('LM', str(word))) elif base64.b64encode(word.encode('utf-8')) == self.target: res_queue.put(('BASE64', str(word)))
def _encode_secret(attribute, new_value=None): if attribute == 'Cleartext-Password': password_renewed = new_value elif attribute == 'NT-Password': password_renewed = nthash.hash(new_value) elif attribute == 'LM-Password': password_renewed = lmhash.hash(new_value) return password_renewed
def make_password_lanman(password): """Password implementation for LANMAN Args: password (string): the plain password Returns: string: the hashed password with prefix. """ return "{{LANMAN}}{}".format(lmhash.hash(password))
def calculateLM(text): try: hashed = lmhash.hash("hello").upper() print("[+] The LM hash of '{0}' is: \n{1}\n".format(text, hashed)) try: clipboard.copy(hashed) print("[+] Hash successfully copied to the clipboard") except: print("[!] Warning: Cannot access the clipboard") except: print("[-] Error: LM hash calculating is not supported")
def lmhash(password=b''): """ Generates lanman password hash for a given password. Note that the author thinks LanMan hashes should be banished from the face of the earth. """ if not config.useLMhash(): return lmhash_locked() return passlib_lmhash.hash(password).encode('ascii').upper()
def bf(h, dictionary): f = open(dictionary, 'r') lines = f.readlines() print('\033[1;34m[*]\033[0m Starting Brute Force - hash = ' + h) for i in lines: h2 = lmhash.hash(i[:-1]) if h == h2: print('\033[1;32m[+]\033[0m Hash Cracked! - Password = ' + i)
def ossec_win_deploy(sensor_ip, agent_name, windows_ip, windows_username, windows_domain, windows_password): """ @param sensor_ip: The sensor IP from where to deploy the ossec agent @agent_name: @windows_ip: @windows_username: @windows_domain: @windows_password: @return: A tuple (success, data). """ response = None try: # Create temporary files outside playbook auth_file_samba = NamedTemporaryFile(delete=False) agent_config_file = NamedTemporaryFile(delete=False) agent_key_file = NamedTemporaryFile(delete=False) # Auth string for `wmiexec` tool: e.g. domain/username or username domain_str = "%s/" % windows_domain if windows_domain else "" windows_auth_sting = "%s%s" % (domain_str, windows_username) evars = {"target": "%s" % sensor_ip, "auth_file_samba": "%s" % auth_file_samba.name, "agent_config_file": "%s" % agent_config_file.name, "agent_key_file": "%s" % agent_key_file.name, "agent_name": "%s" % agent_name, "windows_ip": "%s" % windows_ip, "windows_domain": "%s" % windows_domain, "windows_username": "******" % windows_username, "windows_password": "******" % windows_password, "auth_str": "%s" % windows_auth_sting, "hashes": "%s:%s" % (lmhash.hash(windows_password), nthash.hash(windows_password))} response = _ansible.run_playbook(playbook=PLAYBOOKS['OSSEC_WIN_DEPLOY'], host_list=[sensor_ip], extra_vars=evars) # Remove temporary files os.remove(auth_file_samba.name) os.remove(agent_config_file.name) os.remove(agent_key_file.name) except Exception, exc: trace = traceback.format_exc() api_log.error("Ansible Error: An error occurred while running an windows OSSEC agent deployment:" "%s \n trace: %s" % (exc, trace))
def save_model(self, request, obj, form, change): password_renewed = form.data['new_value'] password_format = form.data['attribute'] if password_format in app_settings.DISABLED_SECRET_FORMAT: messages.add_message( request, messages.ERROR, '{} is not currently enabled. The password' ' was not changed'.format(password_format)) return if password_renewed: if password_format == 'Cleartext-Password': obj.value = password_renewed elif password_format == 'NT-Password': obj.value = nthash.hash(password_renewed) elif password_format == 'LM-Password': obj.value = lmhash.hash(password_renewed) obj.save()
def setUp(self): self.win_username = '******' self.win_password = '******' self.system_ip = '10.11.12.15' self.sensor_ip = '10.11.12.14' self.win_ip = '10.11.12.13' self.win_domain = '' self.agent_name = 'Host-{}'.format(self.win_ip) self.agent_id = '001' self.extra_vars = { "target": "{}".format(self.sensor_ip), "agent_name": "{}".format(self.agent_name), "windows_ip": "{}".format(self.win_ip), "windows_domain": "{}".format(self.win_domain), "windows_username": "******".format(self.win_username), "windows_password": "******".format(self.win_password), "auth_str": "{}".format(self.win_username), "hashes": "%s:%s" % (lmhash.hash(self.win_password), nthash.hash(self.win_password)) }
def Crypter(args): if args.encrypt == 'pbkdf2_sha256': return pbkdf2_sha256.hash(args.text) elif args.encrypt == 'oracle11': return oracle11.hash(args.text) elif args.encrypt == 'argon2': return argon2.hash(args.text) elif args.encrypt == 'bcrypt': return bcrypt.hash(args.text) elif args.encrypt == 'bcrypt_sha256': return bcrypt_sha256.hash(args.text) elif args.encrypt == 'cisco_asa': return cisco_asa.hash(args.text) elif args.encrypt == 'cisco_pix': return cisco_pix.hash(args.text) elif args.encrypt == 'cisco_type7': return cisco_type7.hash(args.text) elif args.encrypt == 'bigcrypt': return bigcrypt.hash(args.text) elif args.encrypt == 'bsdi_crypt': return bsdi_crypt.hash(args.text) elif args.encrypt == 'des_crypt': return des_crypt.hash(args.text) elif args.encrypt == 'hex_md4': return hex_md4.hash(args.text) elif args.encrypt == 'hex_md5': return hex_md5.hash(args.text) elif args.encrypt == 'hex_sha1': return hex_sha1.hash(args.text) elif args.encrypt == 'hex_sha256': return hex_sha256.hash(args.text) elif args.encrypt == 'hex_sha512': return hex_sha512.hash(args.text) elif args.encrypt == 'django_bcrypt': return django_bcrypt.hash(args.text) elif args.encrypt == 'django_disabled': return django_disabled.hash(args.text) elif args.encrypt == 'django_bcrypt_sha256': return django_bcrypt_sha256.hash(args.text) elif args.encrypt == 'django_des_crypt': return django_des_crypt.hash(args.text) elif args.encrypt == 'django_pbkdf2_sha1': return django_pbkdf2_sha1.hash(args.text) elif args.encrypt == 'django_pbkdf2_sha256': return django_pbkdf2_sha256.hash(args.text) elif args.encrypt == 'django_salted_md5': return django_salted_md5.hash(args.text) elif args.encrypt == 'django_salted_sha1': return django_salted_sha1.hash(args.text) elif args.encrypt == 'fshp': return fshp.hash(args.text) elif args.encrypt == 'ldap_bcrypt': return ldap_bcrypt.hash(args.text) elif args.encrypt == 'ldap_md5': return ldap_md5.hash(args.text) elif args.encrypt == 'ldap_plaintext': return ldap_plaintext.hash(args.text) elif args.encrypt == 'ldap_sha1': return ldap_sha1.hash(args.text) elif args.encrypt == 'ldap_bsdi_crypt': return ldap_bsdi_crypt.hash(args.text) elif args.encrypt == 'ldap_hex_md5': return ldap_hex_md5.hash(args.text) elif args.encrypt == 'ldap_hex_sha1': return ldap_hex_sha1.hash(args.text) elif args.encrypt == 'ldap_md5_crypt': return ldap_md5_crypt.hash(args.text) elif args.encrypt == 'ldap_pbkdf2_sha1': return ldap_pbkdf2_sha1.hash(args.text) elif args.encrypt == 'ldap_pbkdf2_sha256': return ldap_pbkdf2_sha256.hash(args.text) elif args.encrypt == 'ldap_pbkdf2_sha512': return ldap_pbkdf2_sha512.hash(args.text) elif args.encrypt == 'ldap_salted_md5': return ldap_salted_md5.hash(args.text) elif args.encrypt == 'ldap_salted_sha1': return ldap_salted_sha1.hash(args.text) elif args.encrypt == 'ldap_sha1_crypt': return ldap_sha1_crypt.hash(args.text) elif args.encrypt == 'ldap_sha256_crypt': return ldap_sha256_crypt.hash(args.text) elif args.encrypt == 'ldap_sha512_crypt': return ldap_sha512_crypt.hash(args.text) elif args.encrypt == 'apr_md5_crypt': return apr_md5_crypt.hash(args.text) elif args.encrypt == 'md5_crypt': return md5_crypt.hash(args.text) elif args.encrypt == 'plaintext': return plaintext.hash(args.text) elif args.encrypt == 'unix_disabled': return unix_disabled.hash(args.text) elif args.encrypt == 'unix_fallback': return unix_fallback.hash(args.text) elif args.encrypt == 'mssql2000': return mssql2000.hash(args.text) elif args.encrypt == 'mssql2005': return mssql2005.hash(args.text) elif args.encrypt == 'mysql323': return mysql323.hash(args.text) elif args.encrypt == 'mysql41': return mysql41.hash(args.text) elif args.encrypt == 'atlassian_pbkdf2_sha1': return atlassian_pbkdf2_sha1.hash(args.text) elif args.encrypt == 'cta_pbkdf2_sha1': return cta_pbkdf2_sha1.hash(args.text) elif args.encrypt == 'dlitz_pbkdf2_sha1': return dlitz_pbkdf2_sha1.hash(args.text) elif args.encrypt == 'grub_pbkdf2_sha512': return grub_pbkdf2_sha512.hash(args.text) elif args.encrypt == 'pbkdf2_sha1': return pbkdf2_sha1.hash(args.text) elif args.encrypt == 'pbkdf2_sha512': return pbkdf2_sha512.hash(args.text) elif args.encrypt == 'phpass': return phpass.hash(args.text) elif args.encrypt == 'roundup_plaintext': return roundup_plaintext.hash(args.text) elif args.encrypt == 'sun_md5_crypt': return sun_md5_crypt.hash(args.text) elif args.encrypt == 'scram': return scram.hash(args.text) elif args.encrypt == 'scrypt': return scrypt.hash(args.text) elif args.encrypt == 'sha1_crypt': return sha1_crypt.hash(args.text) elif args.encrypt == 'sha256_crypt': return sha256_crypt.hash(args.text) elif args.encrypt == 'sha512_crypt': return sha512_crypt.hash(args.text) elif args.encrypt == 'bsd_nthash': return bsd_nthash.hash(args.text) elif args.encrypt == 'lmhash': return lmhash.hash(args.text) elif args.encrypt == 'nthash': return nthash.hash(args.text)
def hash(a): h = lmhash.hash(a) return h
from passlib.hash import lmhash from passlib.hash import nthash myPass = "******" mySecPass = "******" lmhash1 = lmhash.hash(myPass) nthash1 = nthash.hash(myPass) lmhash2 = lmhash.hash(mySecPass) nthash2 = nthash.hash(mySecPass) print("LM Hash of {}: {}".format(myPass, lmhash1)) print("NT Hash of {}: {}\n".format(myPass, nthash1)) print("LM Hash of {}: {}".format(mySecPass, lmhash2)) print("NT Hash of {}: {}".format(mySecPass, nthash2))
def NLTM_saltless(self, i, data): start_time = time.time() lmhash.hash(data) end_time = time.time() print("NTLM:", end_time - start_time, "s") self.fast_time_saltless[i].append(end_time - start_time)
import json from passlib.hash import lmhash, pbkdf2_sha256 from flask import Flask, redirect, url_for, request app = Flask(__name__) form = '''<p>Enter your credentials to access secret information.</p> <form id="login" action="login" method="post"> <p><label for="username"><b>Username</b></label> <input type="text" placeholder="Enter your username" name="username" required></p> <p><label for="password"><b>Password</b></label> <input type="password" placeholder="Enter your password" name="password" required></p> <p><button type="submit">Connect</button></p> </form>''' with open('db.json', 'r') as f: hashPassword = lmhash.hash(json.load(f)['password']) ok = None @app.route('/') def index(): if ok is None: return form return form + '<h1 id="connected">{}</h1>'.format('OK' if ok else 'KO') @app.route('/login', methods=['POST']) def login(): global ok if request.method == 'POST':
def do_hashpw(self, cmd): origpw = raw_input("Original password: "******":" + binascii.hexlify(ntlmhash))
def ossec_win_deploy(sensor_ip, agent_name, windows_ip, windows_username, windows_domain, windows_password): """ @param sensor_ip: The sensor IP from where to deploy the ossec agent @agent_name: @windows_ip: @windows_username: @windows_domain: @windows_password: @return: A tuple (success, data). """ response = None try: # Create temporary files outside playbook auth_file_samba = NamedTemporaryFile(delete=False) agent_config_file = NamedTemporaryFile(delete=False) agent_key_file = NamedTemporaryFile(delete=False) # Auth string for `wmiexec` tool: e.g. domain/username or username domain_str = "%s/" % windows_domain if windows_domain else "" windows_auth_sting = "%s%s" % (domain_str, windows_username) evars = { "target": "%s" % sensor_ip, "auth_file_samba": "%s" % auth_file_samba.name, "agent_config_file": "%s" % agent_config_file.name, "agent_key_file": "%s" % agent_key_file.name, "agent_name": "%s" % agent_name, "windows_ip": "%s" % windows_ip, "windows_domain": "%s" % windows_domain, "windows_username": "******" % windows_username, "windows_password": "******" % windows_password, "auth_str": "%s" % windows_auth_sting, "hashes": "%s:%s" % (lmhash.hash(windows_password), nthash.hash(windows_password)) } response = _ansible.run_playbook( playbook=PLAYBOOKS['OSSEC_WIN_DEPLOY'], host_list=[sensor_ip], extra_vars=evars) # Remove temporary files os.remove(auth_file_samba.name) os.remove(agent_config_file.name) os.remove(agent_key_file.name) except Exception, exc: trace = traceback.format_exc() api_log.error( "Ansible Error: An error occurred while running an windows OSSEC agent deployment:" "%s \n trace: %s" % (exc, trace))
def enc(): awal() putih = "\033[97m" dfv = raw_input(W + "[" + B + "+" + W + "] Your Text " + B + ": " + G) asw = raw_input(W + "[" + B + "+" + W + "] Your Password " + B + ": " + G) print W + "\n* Generate Hash . . . . Please Wait !!!" time.sleep(1) print(W + ' ------------------------------------------------') #md5 daf1 = hashlib.md5(dfv.encode("utf -8")).hexdigest() print W + "[" + B + "+" + W + "] Md5 " + B + ":" + W, daf1 time.sleep(0.1) #sha256 daf2 = hashlib.sha256(dfv.encode()).hexdigest() print W + "[" + B + "+" + W + "] Sha256 " + B + ":" + W, daf2 time.sleep(0.1) #sha224 daf4 = hashlib.sha224(dfv.encode()).hexdigest() print W + "[" + B + "+" + W + "] Sha224 " + B + ":" + W, daf4 time.sleep(0.1) #sha512 daf5 = hashlib.sha512(dfv.encode()).hexdigest() print W + "[" + B + "+" + W + "] Sha512 " + B + ":" + W, daf5 time.sleep(0.1) #sha384 daf6 = hashlib.sha384(dfv.encode()).hexdigest() print W + "[" + B + "+" + W + "] Sha384 " + B + ":" + W, daf6 time.sleep(0.1) #sha1 daf11 = hashlib.sha1(dfv.encode()).hexdigest() print W + "[" + B + "+" + W + "] Sha1 " + B + ":" + W, daf11 time.sleep(0.1) #pbkdf2_sha1 daf12 = pbkdf2_sha1.hash(dfv) print W + "[" + B + "+" + W + "] Pbkdf2_sha1 " + B + ":" + W, daf12 time.sleep(0.1) #pbkdf2_sha256 daf13 = pbkdf2_sha256.hash(dfv) print W + "[" + B + "+" + W + "] Pbkdf2_sha256 " + B + ":" + W, daf13 time.sleep(0.1) #pbkdf2_sha512 daf14 = pbkdf2_sha512.hash(dfv) print W + "[" + B + "+" + W + "] Pbkdf2_sha512 " + B + ":" + W, daf14 time.sleep(0.1) #sha256_crypt daf15 = sha256_crypt.hash(dfv) print W + "[" + B + "+" + W + "] Sha256_crypt " + B + ":" + W, daf15 time.sleep(0.1) #sha512_crypt daf16 = sha512_crypt.hash(dfv) print W + "[" + B + "+" + W + "] Sha512_crypt " + B + ":" + W, daf16 time.sleep(0.1) #md5_crypt daf17 = md5_crypt.hash(dfv) print W + "[" + B + "+" + W + "] Md5_crypt " + B + ":" + W, daf17 time.sleep(0.1) #sha1_crypt daf18 = sha1_crypt.hash(dfv) print W + "[" + B + "+" + W + "] Sha_crypt " + B + ":" + W, daf18 time.sleep(0.1) #sha1_crypt daf18 = sha1_crypt.hash(dfv) print W + "[" + B + "+" + W + "] Sha_crypt " + B + ":" + W, daf18 time.sleep(0.1) #sun_md5_crypt daf19 = sun_md5_crypt.hash(dfv) print W + "[" + B + "+" + W + "] Sun_md5_crypt " + B + ":" + W, daf19 time.sleep(0) #des_crypt daf20 = des_crypt.hash(dfv) print W + "[" + B + "+" + W + "] Des_crypt " + B + ":" + W, daf20 time.sleep(0.1) #bsdi_crypt daf21 = bsdi_crypt.hash(dfv) print W + "[" + B + "+" + W + "] Bsdi_crypt " + B + ":" + W, daf21 time.sleep(0.1) #bigcrypt daf22 = bigcrypt.hash(dfv) print W + "[" + B + "+" + W + "] Bigcrypt " + B + ":" + W, daf22 time.sleep(0.1) #crypt16 daf23 = crypt16.hash(dfv) print W + "[" + B + "+" + W + "] Crypt16 " + B + ":" + W, daf23 time.sleep(0.1) #phpass daf24 = phpass.hash(dfv) print W + "[" + B + "+" + W + "] Phpass " + B + ":" + W, daf24 time.sleep(0.1) #scram daf25 = scram.hash(dfv) print W + "[" + B + "+" + W + "] Scram " + B + ":" + W, daf25 time.sleep(0.1) #apr_md5_crypt daf27 = apr_md5_crypt.hash(dfv) print W + "[" + B + "+" + W + "] Apr_Md5_Crypt " + B + ":" + W, daf27 time.sleep(0.1) #cta_pbkdf2 daf28 = cta_pbkdf2_sha1.hash(dfv) print W + "[" + B + "+" + W + "] Cta_pbkdf2_sha1 " + B + ":" + W, daf28 time.sleep(0.1) #dlitz_pbdf2_sha1 daf29 = dlitz_pbkdf2_sha1.hash(dfv) print W + "[" + B + "+" + W + "] Dlitz_pbkdf_sha1 " + B + ":" + W, daf29 time.sleep(0.1) #ldap_md5_crypt daf30 = ldap_md5_crypt.hash(dfv) print W + "[" + B + "+" + W + "] Ldap_Md5_Crypt " + B + ":" + W, daf30 time.sleep(0.1) #ldap_hex_md5 daf31 = ldap_hex_md5.hash(dfv) print W + "[" + B + "+" + W + "] Ldap_Hex_Md5 " + B + ":" + W, daf31 time.sleep(0.1) #ldao_hex_sha1 daf32 = ldap_hex_sha1.hash(dfv) print W + "[" + B + "+" + W + "] Ldap_Hex_Sha1 " + B + ":" + W, daf32 time.sleep(0.1) #ldap_pbkdf2_sha1 daf33 = ldap_pbkdf2_sha1.hash(dfv) print W + "[" + B + "+" + W + "] Ldap_pbkdf2_sha1 " + B + ":" + W, daf33 time.sleep(0.1) #ldap_pbkdf2_sha256 daf34 = ldap_pbkdf2_sha256.hash(dfv) print W + "[" + B + "+" + W + "] Ldap_pbkdf2_sha256 " + B + ":" + W, daf34 time.sleep(0.1) #ldap_pbkdf2_sha512 daf35 = ldap_pbkdf2_sha512.hash(dfv) print W + "[" + B + "+" + W + "] Ldap_pbdf2_sha512 " + B + ":" + W, daf35 time.sleep(0.1) #atlassian_pbkdf2_sha1 daf36 = atlassian_pbkdf2_sha1.hash(dfv) print W + "[" + B + "+" + W + "] Atlassian_pbkdf2_sha1 " + B + ":" + W, daf36 time.sleep(0.1) #fshp daf37 = fshp.hash(dfv) print W + "[" + B + "+" + W + "] Fshp " + B + ":" + W, daf37 time.sleep(0.1) #mysql323 daf38 = mysql323.hash(dfv) print W + "[" + B + "+" + W + "] Mysql323 " + B + ":" + W, daf38 time.sleep(0.1) #mysql41 daf39 = mysql41.hash(dfv) print W + "[" + B + "+" + W + "] Mysql41 " + B + ":" + W, daf39 time.sleep(0.1) #postgres_md5 daf40 = postgres_md5.hash(dfv, user=asw) print W + "[" + B + "+" + W + "] Postgres_md5 " + B + ":" + W, daf40 time.sleep(0.1) #oracle10 daf41 = oracle10.hash(dfv, user=asw) print W + "[" + B + "+" + W + "] Oracle10 " + B + ":" + W, daf41 time.sleep(0.1) #oracle11 daf42 = oracle11.hash(dfv) print W + "[" + B + "+" + W + "] Oracle11 " + B + ":" + W, daf42 time.sleep(0.1) #lmhash daf43 = lmhash.hash(dfv) print W + "[" + B + "+" + W + "] Lmhash " + B + ":" + W, daf43 time.sleep(0.1) #nthash daf44 = nthash.hash(dfv) print W + "[" + B + "+" + W + "] Nthash " + B + ":" + W, daf44 time.sleep(0.1) #msdcc daf45 = msdcc.hash(dfv, user=asw) print W + "[" + B + "+" + W + "] Msdcc " + B + ":" + W, daf45 time.sleep(0.1) #msdcc2 daf46 = msdcc2.hash(dfv, user=asw) print W + "[" + B + "+" + W + "] Msdcc2 " + B + ":" + W, daf46 time.sleep(0.1) #cisco_type7 daf47 = cisco_type7.hash(dfv) print W + "[" + B + "+" + W + "] Cisco_type7 " + B + ":" + W, daf47 time.sleep(0.1) #grub_pbkdf2_sha512 daf48 = grub_pbkdf2_sha512.hash(dfv) print W + "[" + B + "+" + W + "] Grub_pbkdf2_sha512 " + B + ":" + W, daf48 time.sleep(0.1) #hex_sha1 daf49 = hex_sha1.hash(dfv) print W + "[" + B + "+" + W + "] Hex_Sha1 " + B + ":" + W, daf49 time.sleep(0.1) #pwd daf50 = pwd.genword() print W + "[" + B + "+" + W + "] Pwd " + B + ":" + W, daf50 time.sleep(0.1) #mssql2005 daf51 = cuk.hash(dfv) print W + "[" + B + "+" + W + "] Mssql2005 " + B + ":" + W, daf51 time.sleep(0.1) #Mssql2000 daf52 = cak.hash(dfv) print W + "[" + B + "+" + W + "] Mssql2000 " + B + ":" + W, daf52 time.sleep(0.1) #ldap_salted_md5 daf52 = cik.hash(dfv) print W + "[" + B + "+" + W + "] Ldap_salted_md5 " + B + ":" + W, daf52 time.sleep(0.1)
def get_lm_hash(value): return lmhash.hash(value)
def sambaLMPassword(passwd): return lmhash.hash(passwd)
max = 0 # if attack mode is dictionary user must supply dictionary if attack_mode == "dictionary": file_path = input( "enter file path to dictionary where list is contained: ") # if attack mode is brute force user must supply min and max password length if attack_mode == "brute_force": crunch = input( "enter crunch mode [yes/no] (user input possible chracters) ") # if crunch mode chosen the user inputs the chars for program to permutate if crunch == "yes": user_crunch = input("input crunch string to permutate into password ") min = input("input min password length: ") max = input("input max password length: ") h = lmhash.hash(password) print("the password's hash is: ") print(h) if attack_mode == "brute_force": # all possible permutations of these chracaters will be tested if crunch == "yes": asciichars = user_crunch else: asciichars = 'abcdefghijklmnopqrstuvwxyz0123456789' tries = 0 # create permutations of length min to max for length in range(int(min), (int(max)+1)): # create permutations with set of chracters specified with specified length # repeat option allows permutations with repeating characters
def ch(s): h = lmhash.hash(s) for k in range(len(h)): if (h[k] != HASH[k]): return h return True
def lm(HASH, password): test_hash = lmhash.hash(password.decode()) if test_hash == HASH: print(HASH + ':' + password.decode()) exit()
# COMP3550-1 Lab1 # MacchiaroliM 5-17-2020 # Question A1 ############# #Create a Python script to determine the LM #hash and NTLM hash of the following #words:"Napier","Foxtrot" ############# from passlib.hash import lmhash, nthash words = ["Napier", "Foxtrot"] for x in words: print("Hashes for \"" + x + "\":") print("LM Hash: " + lmhash.hash(x)) # .encrypt deprecated, using hash instead print("NT Hash: " + nthash.hash(x)) # .encrypt deprecated, using hash instead
def encode_secret(enc, new_value=None): """ https://docs.python.org/3.5/library/hashlib.html http://passlib.readthedocs.io/en/stable/lib/passlib.hash.ldap_std.html """ password_renewed = None if enc == 'Plaintext': password_renewed = ldap_plaintext.hash(new_value) elif enc == 'NT': password_renewed = nthash.hash(new_value) elif enc == 'LM': password_renewed = lmhash.hash(new_value) elif enc == 'MD5': password_renewed = ldap_md5.hash(new_value.encode(_CHARSET)) elif enc == 'SMD5': password_renewed = ldap_salted_md5.hash(new_value.encode(_CHARSET)) elif enc == 'SHA': password_renewed = ldap_sha1.hash(new_value.encode(_CHARSET)) elif enc == 'SSHA': salt = urandom(8) hash = sha1(new_value.encode(_CHARSET)) hash.update(salt) hash_encoded = encodestring(hash.digest() + salt) password_renewed = hash_encoded.decode(_CHARSET)[:-1] password_renewed = '{%s}%s' % (enc, password_renewed) elif enc == 'SHA256': password_renewed = sha256(new_value.encode(_CHARSET)).digest() password_renewed = '{%s}%s' % ( enc, encodestring(password_renewed).decode(_CHARSET)[:-1]) elif enc == 'SSHA256': salt = urandom(_LDAP_SALT_LENGHT) hash = sha256(new_value.encode(_CHARSET)) hash.update(salt) hash_encoded = encodestring(hash.digest() + salt) password_renewed = hash_encoded.decode(_CHARSET)[:-1] password_renewed = '{%s}%s' % (enc, password_renewed) elif enc == 'SHA384': password_renewed = sha384(new_value.encode(_CHARSET)).digest() password_renewed = '{%s}%s' % ( enc, encodestring(password_renewed).decode(_CHARSET)[:-1]) elif enc == 'SSHA384': salt = urandom(_LDAP_SALT_LENGHT) hash = sha384(new_value.encode(_CHARSET)) hash.update(salt) hash_encoded = encodestring(hash.digest() + salt) password_renewed = hash_encoded.decode(_CHARSET)[:-1] password_renewed = '{%s}%s' % (enc, password_renewed) elif enc == 'SHA512': password_renewed = sha512(new_value.encode(_CHARSET)).digest() password_renewed = '{%s}%s' % ( enc, encodestring(password_renewed).decode(_CHARSET)[:-1]) elif enc == 'SSHA512': salt = urandom(_LDAP_SALT_LENGHT) hash = sha512(new_value.encode(_CHARSET)) hash.update(salt) hash_encoded = encodestring(hash.digest() + salt) password_renewed = hash_encoded.decode(_CHARSET)[:-1] password_renewed = '{%s}%s' % (enc, password_renewed) elif enc == 'PKCS5S2': return atlassian_pbkdf2_sha1.encrypt(new_value) elif enc == 'CRYPT': password_renewed = crypt.crypt(new_value, crypt.mksalt(crypt.METHOD_CRYPT)) password_renewed = '{%s}%s' % (enc, password_renewed) elif enc == 'CRYPT-MD5': # this worked too # return ldap_md5_crypt.encrypt(new_value) password_renewed = crypt.crypt(new_value, crypt.mksalt(crypt.METHOD_MD5)) password_renewed = '{CRYPT}%s' % (password_renewed) elif enc == 'CRYPT-SHA-256': password_renewed = crypt.crypt(new_value, crypt.mksalt(crypt.METHOD_SHA256)) password_renewed = '{CRYPT}%s' % (password_renewed) elif enc == 'CRYPT-SHA-512': password_renewed = crypt.crypt(new_value, crypt.mksalt(crypt.METHOD_SHA512)) password_renewed = '{CRYPT}%s' % (password_renewed) return password_renewed
uid: %(uid)s cn: %(cn)s uidNumber: %(uid_num)s gidNumber: %(uid_num)s homeDirectory: %(home_dir)s sambaSID: %(sid)s sambaNTPassword: %(ntpwd)s sambaLMPassword: %(lmpwd)s userPassword: %(pwd)s """ n = int(sys.argv.pop(1)) print(container_template) for x in range(n): secret = 'secret%d' % x nt_secret = nthash.hash(secret) lm_secret = lmhash.hash(secret) print(user_template % dict( uid='uid%d' % x, cn='cn%d' % x, uid_num=str(x), gid_num=str(x), home_dir='/home/uid%d' % x, sid='12345-%d' % x, pwd=secret, ntpwd=nt_secret, lmpwd=lm_secret, ))
1, byteorder='big') s += (((key[4] & 0x1f) << 2 | ((key[5] >> 6) & 0x03)) << 1).to_bytes( 1, byteorder='big') s += (((key[5] & 0x3f) << 1 | ((key[6] >> 7) & 0x01)) << 1).to_bytes( 1, byteorder='big') s += ((key[6] & 0x7f) << 1).to_bytes(1, byteorder='big') return s LM_SECRET = b'KGS!@#$%' #LMhash=DESeach(DOSCHARSET(UPPERCASE(password)), "KGS!@#$%") secret = 'PASSWORD' pl_hash = lmhash.hash(secret) t1 = secret[:14].ljust(14, '\x00').upper() print(t1) p1 = t1[:7].encode('ascii') print(p1) p2 = t1[7:].encode('ascii') print(p2) d = des(__expand_DES_key(p1)) r1 = d.encrypt(LM_SECRET) d = des(__expand_DES_key(p2)) r2 = d.encrypt(LM_SECRET) lm_hash = r1 + r2 print(lm_hash.hex())
def login(): global ok if request.method == 'POST': ok = request.form['username'] == 'me' and lmhash.hash( request.form['password']) == lmhash.hash("cb") return redirect(url_for('index'))
def ntlm(guess): nt = nthash.hash(guess) lm = lmhash.hash(guess) final_ntlm = lm + nt return final_ntlm