def dictionary_attack(self, login, md5):
wordlist = get_dico()
for word in wordlist:
hash = hashlib.md5('%s\nskyper\n%s' % (login, word)).hexdigest()
if hash == md5:
return word
return False
def dictionary_attack(self, login, md5):
wordlist = get_dico()
for word in wordlist:
hash = hashlib.md5('%s\nskyper\n%s' % (login, word)).hexdigest()
if hash == md5:
return word
return False
def attack(self, user, cryptPwd):
# By default 500 most famous passwords are used for the dictionary attack
dic = get_dico()
# add the user on the list to found weak password (login equal password)
dic.insert(0, user)
# file for dictionnary attack entered
if constant.path:
if os.path.exists(constant.path):
dic = self.get_dic(constant.path)
else:
print_debug('WARNING', 'The file does not exist: %s' % str(constant.path))
# Different possible hash type
# ID | Method
# --------------------------------------------------------------------------
# 1 | MD5
# 2 | Blowfish (not in mainline glibc; added in some Linux distributions)
# 5 | SHA-256 (since glibc 2.7)
# 6 | SHA-512 (since glibc 2.7)
hashType = cryptPwd.split("$")[1]
values = {'Category': 'System Account'}
if hashType == '1': # MD5
print_debug('INFO', '[+] Hash type MD5 detected ...')
elif hashType == '2':
print_debug('INFO', '[+] Hash type Blowfish detected ...')
elif hashType == '5':
print_debug('INFO', '[+] Hash type SHA-256 detected ...')
elif hashType == '6': # ShA-512 => used by all modern computers
print_debug('INFO', '[+] Hash type SHA-512 detected ...')
salt = cryptPwd.split("$")[2]
realSalt = "$" + hashType + "$" + salt + "$"
# -------------------------- Dictionary attack --------------------------
print_debug('INFO', 'Dictionnary Attack on the hash !!! ')
try:
for word in dic:
try:
cryptWord = crypt.crypt(word, realSalt)
except Exception,e:
print_debug('DEBUG', '{0}'.format(e))
cryptWord = ''
if cryptWord == cryptPwd:
values['User'] = user
values['password'] = word
self.pwdFound.append(values)
return
except (KeyboardInterrupt, SystemExit):
print 'INTERRUPTED!'
print_debug('DEBUG', 'Dictionnary attack interrupted')
except Exception,e:
print_debug('DEBUG', '{0}'.format(e))
def attack(self, user, cryptPwd):
# By default 500 most famous passwords are used for the dictionary attack
dic = get_dico()
# add the user on the list to found weak password (login equal password)
dic.insert(0, user)
# file for dictionary attack entered
if constant.path:
if os.path.exists(constant.path):
dic = self.get_dic(constant.path)
else:
print_debug('WARNING', 'The file does not exist: %s' % str(constant.path))
# Different possible hash type
# ID | Method
# --------------------------------------------------------------------------
# 1 | MD5
# 2 | Blowfish (not in mainline glibc; added in some Linux distributions)
# 5 | SHA-256 (since glibc 2.7)
# 6 | SHA-512 (since glibc 2.7)
hashType = cryptPwd.split("$")[1]
values = {'Category': 'System Account'}
if hashType == '1': # MD5
print_debug('INFO', '[+] Hash type MD5 detected ...')
elif hashType == '2':
print_debug('INFO', '[+] Hash type Blowfish detected ...')
elif hashType == '5':
print_debug('INFO', '[+] Hash type SHA-256 detected ...')
elif hashType == '6': # ShA-512 => used by all modern computers
print_debug('INFO', '[+] Hash type SHA-512 detected ...')
salt = cryptPwd.split("$")[2]
realSalt = "$" + hashType + "$" + salt + "$"
# -------------------------- Dictionary attack --------------------------
print_debug('INFO', 'Dictionary Attack on the hash !!! ')
try:
for word in dic:
try:
cryptWord = crypt.crypt(word, realSalt)
except Exception,e:
print_debug('DEBUG', '{0}'.format(e))
cryptWord = ''
if cryptWord == cryptPwd:
values['User'] = user
values['password'] = word
self.pwdFound.append(values)
return
except (KeyboardInterrupt, SystemExit):
print 'INTERRUPTED!'
print_debug('DEBUG', 'Dictionary attack interrupted')
except Exception,e:
print_debug('DEBUG', '{0}'.format(e))
def dictionary_attack(self, login, md5):
wordlist = get_dico()
# if the user specify the file path
if constant.path:
wordlist += self.get_dic_file(constant.path)
for word in wordlist:
hash = hashlib.md5("%s\nskyper\n%s" % (login, word)).hexdigest()
if hash == md5:
return word
return False
def dictionary_attack(self, login, md5):
wordlist = get_dico()
# if the user specify the file path
if constant.path:
wordlist += self.get_dic_file(constant.path)
for word in wordlist:
hash = hashlib.md5('%s\nskyper\n%s' % (login, word)).hexdigest()
if hash == md5:
return word
return False
def __init__(self, address, system=False, security=False, sam=False, ntds=False, history=False): self.__remoteAddr = address self.__lmhash = '' self.__nthash = '' self.__SAMHashes = None self.__NTDSHashes = None self.__LSASecrets = None self.__systemHive = system self.__securityHive = security self.__samHive = sam self.__ntdsFile = ntds self.__history = history self.__noLMHash = True self.__isRemote = False self.categoryName = '' self.wordlist = get_dico() + constant.passwordFound
def __init__(self,
address,
system=False,
security=False,
sam=False,
ntds=False,
history=False):
self.__remoteAddr = address
self.__lmhash = ''
self.__nthash = ''
self.__SAMHashes = None
self.__NTDSHashes = None
self.__LSASecrets = None
self.__systemHive = system
self.__securityHive = security
self.__samHive = sam
self.__ntdsFile = ntds
self.__history = history
self.__noLMHash = True
self.__isRemote = False
self.categoryName = ''
self.wordlist = get_dico() + constant.passwordFound
for p in f:
if self.is_masterpassword_correct(p.strip())[0]:
print_debug('FIND', 'Master password found: %s' % p.strip())
return p.strip()
except (KeyboardInterrupt, SystemExit):
print 'INTERRUPTED!'
print_debug('DEBUG', 'Dictionnary attack interrupted')
except Exception,e:
print_debug('DEBUG', '{0}'.format(e))
print_debug('WARNING', 'The Master password has not been found using the dictionnary attack')
# 500 most used passwords
if 'd' in self.toCheck:
wordlist = get_dico() + constant.passwordFound
num_lines = (len(wordlist)-1)
print_debug('ATTACK', '%d most used passwords !!! ' % num_lines)
for word in wordlist:
if self.is_masterpassword_correct(word)[0]:
print_debug('FIND', 'Master password found: %s' % word.strip())
return word
print_debug('WARNING', 'No password has been found using the default list')
# brute force attack
if 'b' in self.toCheck:
charset_list = 'abcdefghijklmnopqrstuvwxyz1234567890!?'
tab = [i for i in charset_list]
return True
except (KeyboardInterrupt, SystemExit):
print 'INTERRUPTED!'
print_debug('DEBUG', 'Dictionnary attack interrupted')
except Exception, e:
print_debug('DEBUG', '{0}'.format(e))
pass
print_debug(
'WARNING',
'The Master password has not been found using the dictionnary attack'
)
# 500 most used passwords
if 'd' in self.toCheck:
wordlist = get_dico() + constant.passwordFound
num_lines = (len(wordlist) - 1)
print_debug('ATTACK', '%d most used passwords !!! ' % num_lines)
for word in wordlist:
if self.is_masterpassword_correct(word):
print_debug('FIND',
'Master password found: %s\n' % word.strip())
return True
print_debug('WARNING',
'No password has been found using the default list')
# brute force attack
if 'b' in self.toCheck:
charset_list = 'abcdefghijklmnopqrstuvwxyz1234567890!?'
