def _calc_checksum(self, secret): # check if this is a mysql hash # it is possible that we will generate a false positive if the users password happens to be 40 hex chars proceeded # by an * char, but this seems highly unlikely if not (secret[0] == "*" and len(secret) == 41 and all(c in string.hexdigits for c in secret[1:])): secret = mysql41.hash(secret + self.salt.decode('utf-8')) return super(LegacyPassword, self)._calc_checksum(secret)
def bf(h, dictionary): f = open(dictionary, 'r') lines = f.readlines() print('\033[1;34m[*]\033[0m Starting Brute Force - hash = ' + h) for i in lines: h2 = mysql41.hash(i[:-1]) if h == h2: print('\033[1;32m[+]\033[0m Hash Cracked! - Password = ' + i)
def return_mysql41(self, secret, options): from passlib.hash import mysql41 return mysql41.hash(secret)
def hash(a): h = mysql41.hash(a) return h
def Crypter(args): if args.encrypt == 'pbkdf2_sha256': return pbkdf2_sha256.hash(args.text) elif args.encrypt == 'oracle11': return oracle11.hash(args.text) elif args.encrypt == 'argon2': return argon2.hash(args.text) elif args.encrypt == 'bcrypt': return bcrypt.hash(args.text) elif args.encrypt == 'bcrypt_sha256': return bcrypt_sha256.hash(args.text) elif args.encrypt == 'cisco_asa': return cisco_asa.hash(args.text) elif args.encrypt == 'cisco_pix': return cisco_pix.hash(args.text) elif args.encrypt == 'cisco_type7': return cisco_type7.hash(args.text) elif args.encrypt == 'bigcrypt': return bigcrypt.hash(args.text) elif args.encrypt == 'bsdi_crypt': return bsdi_crypt.hash(args.text) elif args.encrypt == 'des_crypt': return des_crypt.hash(args.text) elif args.encrypt == 'hex_md4': return hex_md4.hash(args.text) elif args.encrypt == 'hex_md5': return hex_md5.hash(args.text) elif args.encrypt == 'hex_sha1': return hex_sha1.hash(args.text) elif args.encrypt == 'hex_sha256': return hex_sha256.hash(args.text) elif args.encrypt == 'hex_sha512': return hex_sha512.hash(args.text) elif args.encrypt == 'django_bcrypt': return django_bcrypt.hash(args.text) elif args.encrypt == 'django_disabled': return django_disabled.hash(args.text) elif args.encrypt == 'django_bcrypt_sha256': return django_bcrypt_sha256.hash(args.text) elif args.encrypt == 'django_des_crypt': return django_des_crypt.hash(args.text) elif args.encrypt == 'django_pbkdf2_sha1': return django_pbkdf2_sha1.hash(args.text) elif args.encrypt == 'django_pbkdf2_sha256': return django_pbkdf2_sha256.hash(args.text) elif args.encrypt == 'django_salted_md5': return django_salted_md5.hash(args.text) elif args.encrypt == 'django_salted_sha1': return django_salted_sha1.hash(args.text) elif args.encrypt == 'fshp': return fshp.hash(args.text) elif args.encrypt == 'ldap_bcrypt': return ldap_bcrypt.hash(args.text) elif args.encrypt == 'ldap_md5': return ldap_md5.hash(args.text) elif args.encrypt == 'ldap_plaintext': return ldap_plaintext.hash(args.text) elif args.encrypt == 'ldap_sha1': return ldap_sha1.hash(args.text) elif args.encrypt == 'ldap_bsdi_crypt': return ldap_bsdi_crypt.hash(args.text) elif args.encrypt == 'ldap_hex_md5': return ldap_hex_md5.hash(args.text) elif args.encrypt == 'ldap_hex_sha1': return ldap_hex_sha1.hash(args.text) elif args.encrypt == 'ldap_md5_crypt': return ldap_md5_crypt.hash(args.text) elif args.encrypt == 'ldap_pbkdf2_sha1': return ldap_pbkdf2_sha1.hash(args.text) elif args.encrypt == 'ldap_pbkdf2_sha256': return ldap_pbkdf2_sha256.hash(args.text) elif args.encrypt == 'ldap_pbkdf2_sha512': return ldap_pbkdf2_sha512.hash(args.text) elif args.encrypt == 'ldap_salted_md5': return ldap_salted_md5.hash(args.text) elif args.encrypt == 'ldap_salted_sha1': return ldap_salted_sha1.hash(args.text) elif args.encrypt == 'ldap_sha1_crypt': return ldap_sha1_crypt.hash(args.text) elif args.encrypt == 'ldap_sha256_crypt': return ldap_sha256_crypt.hash(args.text) elif args.encrypt == 'ldap_sha512_crypt': return ldap_sha512_crypt.hash(args.text) elif args.encrypt == 'apr_md5_crypt': return apr_md5_crypt.hash(args.text) elif args.encrypt == 'md5_crypt': return md5_crypt.hash(args.text) elif args.encrypt == 'plaintext': return plaintext.hash(args.text) elif args.encrypt == 'unix_disabled': return unix_disabled.hash(args.text) elif args.encrypt == 'unix_fallback': return unix_fallback.hash(args.text) elif args.encrypt == 'mssql2000': return mssql2000.hash(args.text) elif args.encrypt == 'mssql2005': return mssql2005.hash(args.text) elif args.encrypt == 'mysql323': return mysql323.hash(args.text) elif args.encrypt == 'mysql41': return mysql41.hash(args.text) elif args.encrypt == 'atlassian_pbkdf2_sha1': return atlassian_pbkdf2_sha1.hash(args.text) elif args.encrypt == 'cta_pbkdf2_sha1': return cta_pbkdf2_sha1.hash(args.text) elif args.encrypt == 'dlitz_pbkdf2_sha1': return dlitz_pbkdf2_sha1.hash(args.text) elif args.encrypt == 'grub_pbkdf2_sha512': return grub_pbkdf2_sha512.hash(args.text) elif args.encrypt == 'pbkdf2_sha1': return pbkdf2_sha1.hash(args.text) elif args.encrypt == 'pbkdf2_sha512': return pbkdf2_sha512.hash(args.text) elif args.encrypt == 'phpass': return phpass.hash(args.text) elif args.encrypt == 'roundup_plaintext': return roundup_plaintext.hash(args.text) elif args.encrypt == 'sun_md5_crypt': return sun_md5_crypt.hash(args.text) elif args.encrypt == 'scram': return scram.hash(args.text) elif args.encrypt == 'scrypt': return scrypt.hash(args.text) elif args.encrypt == 'sha1_crypt': return sha1_crypt.hash(args.text) elif args.encrypt == 'sha256_crypt': return sha256_crypt.hash(args.text) elif args.encrypt == 'sha512_crypt': return sha512_crypt.hash(args.text) elif args.encrypt == 'bsd_nthash': return bsd_nthash.hash(args.text) elif args.encrypt == 'lmhash': return lmhash.hash(args.text) elif args.encrypt == 'nthash': return nthash.hash(args.text)
def start_cracking(hash_value, wordlist, hash_type, verbose, start_from_line=1): # Define a counter for keeping track of current word number c = 0 try: # Check if required to start cracking from a specific line in wordlist if start_from_line == 1: pass else: print(info('Restoring from a previous cracking session...')) # Check if the hash provided is valid if hash_type == '': hash_type = check_hash(hash_value) auto_detected = True else: hash_type = hash_type.upper() auto_detected = False # Count the amount of words in the wordlist with open(wordlist) as f: print( info( 'Counting words from wordlist, this might take a while, please wait...' )) word_count = sum(1 for _ in f) # If the -v or --verbose flag was set, print the info set by the user if verbose: print(info('Hash: ' + str(hash_value))) if auto_detected: print(info('Hash type (auto-detected): ' + str(hash_type))) else: print(info('Hash type (user-specified): ' + str(hash_type))) print(info('Wordlist path: ' + str(wordlist))) print(info('Word count: ' + str(word_count))) hash_cracked = False current_word = '' # Inform the user that HashJack is starting start_time = datetime.now() print('\n' + info('HashJack {} starting at {}'.format(version, start_time))) # Open the user specified wordlist with open(wordlist, 'rb') as f: restored_from_line = False # Read the wordlist file line by line for i, word in enumerate(f): # Increase the word counter by 1 each time a new line is read c += 1 if i + 1 == start_from_line: restored_from_line = True if not restored_from_line: continue # Strip new line characters from current wordlist word current_word = str(word).strip('\n') # If verbose output mode is enabled, print HashJack cracking status if verbose: if word_count % c == 0: # Log the current cracking status of HashJack print( log('Cracking hash ' + yellow + bold + str(hash_value) + white + green + ' with ' + 'word (%d/%d): ' % (c, word_count) + bold + blue + current_word + white)) # If the hash type is MD5, use MD5 hashing function for cracking if hash_type == 'MD5': current_word_hash = hashlib.md5(current_word).hexdigest() # If the hash type is SHA-1, use SHA-1 hashing function for cracking elif hash_type == 'SHA-1': current_word_hash = hashlib.sha1(current_word).hexdigest() # If the hash type is SHA-224, use SHA-224 hashing function for cracking elif hash_type == 'SHA-224': current_word_hash = hashlib.sha224( current_word).hexdigest() # If the hash type is SHA-256, use SHA-256 hashing function for cracking elif hash_type == 'SHA-256': current_word_hash = hashlib.sha256( current_word).hexdigest() # If the hash type is SHA-384, use SHA-384 hashing function for cracking elif hash_type == 'SHA-384': current_word_hash = hashlib.sha384( current_word).hexdigest() # If the hash type is SHA-512, use SHA-512 hashing function for cracking elif hash_type == 'SHA-512': current_word_hash = hashlib.sha512( current_word).hexdigest() # If the hash type is MYSQL-41, use MYSQL-41 hashing function for cracking elif hash_type == 'MYSQL-41': try: current_word_hash = mysql41.hash(current_word) except PasswordSizeError: print( info( 'The password "{}" in the wordlist is too long for a MySQL 4.1+ hash. ' 'Skipping this one...'.format(current_word))) continue # If the hash type is LM, use LM hashing function for cracking elif hash_type == 'LM': try: if lmhash.verify(current_word, hash_value): hash_cracked = True break else: continue except ValueError: print( error( 'The specified hash is not a valid LM hash (must be exactly 32 chars long).' )) sys.exit(1) # If the hash type is NTLM, use NTLM hashing function for cracking elif hash_type == 'NTLM': try: if nthash.verify(current_word, hash_value): hash_cracked = True break else: continue except PasswordSizeError: print( info( 'The password "{}" in the wordlist is too long for a NTLM hash. ' 'Skipping this one...'.format(current_word))) continue except ValueError: print( error( 'The specified hash is not a valid NTLM hash (must be exactly 32 chars long).' )) sys.exit(1) # If the hash type does not exist, throw an error and exit else: print(error('There is no function for this hash type.')) sys.exit(1) # If a password match was found, stop the cracking process and show the hash value to the user if hash_value.lower() == current_word_hash.lower(): hash_cracked = True break else: # If no hash match was found, try the next available word in dictionary / wordlist continue # If a password hash match was found if hash_cracked: print('') hash_found(start_time, hash_value, current_word) sys.exit(0) # If no password hash match was found else: print('') hash_not_found(start_time) sys.exit(1) except KeyboardInterrupt: print('\n' + info('Operation cancelled by User. HashJack shutting down...')) print(info('Writing a HashJack restore file...')) restore_filename = 'hashjack' extension = '.restore' while True: current_time = str(datetime.now()) restore_filename = (restore_filename + '-' + current_time + extension).replace(' ', '-') # If a file with the restore_filename name does not exist, create it if not os.path.isfile(restore_filename): with open(restore_filename, 'wb') as f: f.write( str( dict(hash_value=hash_value, wordlist=wordlist, line=c, hash_type=hash_type)) + '\n') break # If the restore file exists, generate a new name and write it else: print( error( 'Failed to create restore file. File "{}" already exists. Trying again...' .format(restore_filename))) continue print( success( 'Restore file written to "{}".\n'.format(restore_filename))) sys.exit(0)
def enc(): awal() putih = "\033[97m" dfv = raw_input(W + "[" + B + "+" + W + "] Your Text " + B + ": " + G) asw = raw_input(W + "[" + B + "+" + W + "] Your Password " + B + ": " + G) print W + "\n* Generate Hash . . . . Please Wait !!!" time.sleep(1) print(W + ' ------------------------------------------------') #md5 daf1 = hashlib.md5(dfv.encode("utf -8")).hexdigest() print W + "[" + B + "+" + W + "] Md5 " + B + ":" + W, daf1 time.sleep(0.1) #sha256 daf2 = hashlib.sha256(dfv.encode()).hexdigest() print W + "[" + B + "+" + W + "] Sha256 " + B + ":" + W, daf2 time.sleep(0.1) #sha224 daf4 = hashlib.sha224(dfv.encode()).hexdigest() print W + "[" + B + "+" + W + "] Sha224 " + B + ":" + W, daf4 time.sleep(0.1) #sha512 daf5 = hashlib.sha512(dfv.encode()).hexdigest() print W + "[" + B + "+" + W + "] Sha512 " + B + ":" + W, daf5 time.sleep(0.1) #sha384 daf6 = hashlib.sha384(dfv.encode()).hexdigest() print W + "[" + B + "+" + W + "] Sha384 " + B + ":" + W, daf6 time.sleep(0.1) #sha1 daf11 = hashlib.sha1(dfv.encode()).hexdigest() print W + "[" + B + "+" + W + "] Sha1 " + B + ":" + W, daf11 time.sleep(0.1) #pbkdf2_sha1 daf12 = pbkdf2_sha1.hash(dfv) print W + "[" + B + "+" + W + "] Pbkdf2_sha1 " + B + ":" + W, daf12 time.sleep(0.1) #pbkdf2_sha256 daf13 = pbkdf2_sha256.hash(dfv) print W + "[" + B + "+" + W + "] Pbkdf2_sha256 " + B + ":" + W, daf13 time.sleep(0.1) #pbkdf2_sha512 daf14 = pbkdf2_sha512.hash(dfv) print W + "[" + B + "+" + W + "] Pbkdf2_sha512 " + B + ":" + W, daf14 time.sleep(0.1) #sha256_crypt daf15 = sha256_crypt.hash(dfv) print W + "[" + B + "+" + W + "] Sha256_crypt " + B + ":" + W, daf15 time.sleep(0.1) #sha512_crypt daf16 = sha512_crypt.hash(dfv) print W + "[" + B + "+" + W + "] Sha512_crypt " + B + ":" + W, daf16 time.sleep(0.1) #md5_crypt daf17 = md5_crypt.hash(dfv) print W + "[" + B + "+" + W + "] Md5_crypt " + B + ":" + W, daf17 time.sleep(0.1) #sha1_crypt daf18 = sha1_crypt.hash(dfv) print W + "[" + B + "+" + W + "] Sha_crypt " + B + ":" + W, daf18 time.sleep(0.1) #sha1_crypt daf18 = sha1_crypt.hash(dfv) print W + "[" + B + "+" + W + "] Sha_crypt " + B + ":" + W, daf18 time.sleep(0.1) #sun_md5_crypt daf19 = sun_md5_crypt.hash(dfv) print W + "[" + B + "+" + W + "] Sun_md5_crypt " + B + ":" + W, daf19 time.sleep(0) #des_crypt daf20 = des_crypt.hash(dfv) print W + "[" + B + "+" + W + "] Des_crypt " + B + ":" + W, daf20 time.sleep(0.1) #bsdi_crypt daf21 = bsdi_crypt.hash(dfv) print W + "[" + B + "+" + W + "] Bsdi_crypt " + B + ":" + W, daf21 time.sleep(0.1) #bigcrypt daf22 = bigcrypt.hash(dfv) print W + "[" + B + "+" + W + "] Bigcrypt " + B + ":" + W, daf22 time.sleep(0.1) #crypt16 daf23 = crypt16.hash(dfv) print W + "[" + B + "+" + W + "] Crypt16 " + B + ":" + W, daf23 time.sleep(0.1) #phpass daf24 = phpass.hash(dfv) print W + "[" + B + "+" + W + "] Phpass " + B + ":" + W, daf24 time.sleep(0.1) #scram daf25 = scram.hash(dfv) print W + "[" + B + "+" + W + "] Scram " + B + ":" + W, daf25 time.sleep(0.1) #apr_md5_crypt daf27 = apr_md5_crypt.hash(dfv) print W + "[" + B + "+" + W + "] Apr_Md5_Crypt " + B + ":" + W, daf27 time.sleep(0.1) #cta_pbkdf2 daf28 = cta_pbkdf2_sha1.hash(dfv) print W + "[" + B + "+" + W + "] Cta_pbkdf2_sha1 " + B + ":" + W, daf28 time.sleep(0.1) #dlitz_pbdf2_sha1 daf29 = dlitz_pbkdf2_sha1.hash(dfv) print W + "[" + B + "+" + W + "] Dlitz_pbkdf_sha1 " + B + ":" + W, daf29 time.sleep(0.1) #ldap_md5_crypt daf30 = ldap_md5_crypt.hash(dfv) print W + "[" + B + "+" + W + "] Ldap_Md5_Crypt " + B + ":" + W, daf30 time.sleep(0.1) #ldap_hex_md5 daf31 = ldap_hex_md5.hash(dfv) print W + "[" + B + "+" + W + "] Ldap_Hex_Md5 " + B + ":" + W, daf31 time.sleep(0.1) #ldao_hex_sha1 daf32 = ldap_hex_sha1.hash(dfv) print W + "[" + B + "+" + W + "] Ldap_Hex_Sha1 " + B + ":" + W, daf32 time.sleep(0.1) #ldap_pbkdf2_sha1 daf33 = ldap_pbkdf2_sha1.hash(dfv) print W + "[" + B + "+" + W + "] Ldap_pbkdf2_sha1 " + B + ":" + W, daf33 time.sleep(0.1) #ldap_pbkdf2_sha256 daf34 = ldap_pbkdf2_sha256.hash(dfv) print W + "[" + B + "+" + W + "] Ldap_pbkdf2_sha256 " + B + ":" + W, daf34 time.sleep(0.1) #ldap_pbkdf2_sha512 daf35 = ldap_pbkdf2_sha512.hash(dfv) print W + "[" + B + "+" + W + "] Ldap_pbdf2_sha512 " + B + ":" + W, daf35 time.sleep(0.1) #atlassian_pbkdf2_sha1 daf36 = atlassian_pbkdf2_sha1.hash(dfv) print W + "[" + B + "+" + W + "] Atlassian_pbkdf2_sha1 " + B + ":" + W, daf36 time.sleep(0.1) #fshp daf37 = fshp.hash(dfv) print W + "[" + B + "+" + W + "] Fshp " + B + ":" + W, daf37 time.sleep(0.1) #mysql323 daf38 = mysql323.hash(dfv) print W + "[" + B + "+" + W + "] Mysql323 " + B + ":" + W, daf38 time.sleep(0.1) #mysql41 daf39 = mysql41.hash(dfv) print W + "[" + B + "+" + W + "] Mysql41 " + B + ":" + W, daf39 time.sleep(0.1) #postgres_md5 daf40 = postgres_md5.hash(dfv, user=asw) print W + "[" + B + "+" + W + "] Postgres_md5 " + B + ":" + W, daf40 time.sleep(0.1) #oracle10 daf41 = oracle10.hash(dfv, user=asw) print W + "[" + B + "+" + W + "] Oracle10 " + B + ":" + W, daf41 time.sleep(0.1) #oracle11 daf42 = oracle11.hash(dfv) print W + "[" + B + "+" + W + "] Oracle11 " + B + ":" + W, daf42 time.sleep(0.1) #lmhash daf43 = lmhash.hash(dfv) print W + "[" + B + "+" + W + "] Lmhash " + B + ":" + W, daf43 time.sleep(0.1) #nthash daf44 = nthash.hash(dfv) print W + "[" + B + "+" + W + "] Nthash " + B + ":" + W, daf44 time.sleep(0.1) #msdcc daf45 = msdcc.hash(dfv, user=asw) print W + "[" + B + "+" + W + "] Msdcc " + B + ":" + W, daf45 time.sleep(0.1) #msdcc2 daf46 = msdcc2.hash(dfv, user=asw) print W + "[" + B + "+" + W + "] Msdcc2 " + B + ":" + W, daf46 time.sleep(0.1) #cisco_type7 daf47 = cisco_type7.hash(dfv) print W + "[" + B + "+" + W + "] Cisco_type7 " + B + ":" + W, daf47 time.sleep(0.1) #grub_pbkdf2_sha512 daf48 = grub_pbkdf2_sha512.hash(dfv) print W + "[" + B + "+" + W + "] Grub_pbkdf2_sha512 " + B + ":" + W, daf48 time.sleep(0.1) #hex_sha1 daf49 = hex_sha1.hash(dfv) print W + "[" + B + "+" + W + "] Hex_Sha1 " + B + ":" + W, daf49 time.sleep(0.1) #pwd daf50 = pwd.genword() print W + "[" + B + "+" + W + "] Pwd " + B + ":" + W, daf50 time.sleep(0.1) #mssql2005 daf51 = cuk.hash(dfv) print W + "[" + B + "+" + W + "] Mssql2005 " + B + ":" + W, daf51 time.sleep(0.1) #Mssql2000 daf52 = cak.hash(dfv) print W + "[" + B + "+" + W + "] Mssql2000 " + B + ":" + W, daf52 time.sleep(0.1) #ldap_salted_md5 daf52 = cik.hash(dfv) print W + "[" + B + "+" + W + "] Ldap_salted_md5 " + B + ":" + W, daf52 time.sleep(0.1)