def dictionary_attack(self, login, md5): wordlist = get_dico() for word in wordlist: hash = hashlib.md5('%s\nskyper\n%s' % (login, word)).hexdigest() if hash == md5: return word return False
def attack(self, user, cryptPwd): # By default 500 most famous passwords are used for the dictionary attack dic = get_dico() # add the user on the list to found weak password (login equal password) dic.insert(0, user) # file for dictionnary attack entered if constant.path: if os.path.exists(constant.path): dic = self.get_dic(constant.path) else: print_debug('WARNING', 'The file does not exist: %s' % str(constant.path)) # Different possible hash type # ID | Method # -------------------------------------------------------------------------- # 1 | MD5 # 2 | Blowfish (not in mainline glibc; added in some Linux distributions) # 5 | SHA-256 (since glibc 2.7) # 6 | SHA-512 (since glibc 2.7) hashType = cryptPwd.split("$")[1] values = {'Category': 'System Account'} if hashType == '1': # MD5 print_debug('INFO', '[+] Hash type MD5 detected ...') elif hashType == '2': print_debug('INFO', '[+] Hash type Blowfish detected ...') elif hashType == '5': print_debug('INFO', '[+] Hash type SHA-256 detected ...') elif hashType == '6': # ShA-512 => used by all modern computers print_debug('INFO', '[+] Hash type SHA-512 detected ...') salt = cryptPwd.split("$")[2] realSalt = "$" + hashType + "$" + salt + "$" # -------------------------- Dictionary attack -------------------------- print_debug('INFO', 'Dictionnary Attack on the hash !!! ') try: for word in dic: try: cryptWord = crypt.crypt(word, realSalt) except Exception,e: print_debug('DEBUG', '{0}'.format(e)) cryptWord = '' if cryptWord == cryptPwd: values['User'] = user values['password'] = word self.pwdFound.append(values) return except (KeyboardInterrupt, SystemExit): print 'INTERRUPTED!' print_debug('DEBUG', 'Dictionnary attack interrupted') except Exception,e: print_debug('DEBUG', '{0}'.format(e))
def attack(self, user, cryptPwd): # By default 500 most famous passwords are used for the dictionary attack dic = get_dico() # add the user on the list to found weak password (login equal password) dic.insert(0, user) # file for dictionary attack entered if constant.path: if os.path.exists(constant.path): dic = self.get_dic(constant.path) else: print_debug('WARNING', 'The file does not exist: %s' % str(constant.path)) # Different possible hash type # ID | Method # -------------------------------------------------------------------------- # 1 | MD5 # 2 | Blowfish (not in mainline glibc; added in some Linux distributions) # 5 | SHA-256 (since glibc 2.7) # 6 | SHA-512 (since glibc 2.7) hashType = cryptPwd.split("$")[1] values = {'Category': 'System Account'} if hashType == '1': # MD5 print_debug('INFO', '[+] Hash type MD5 detected ...') elif hashType == '2': print_debug('INFO', '[+] Hash type Blowfish detected ...') elif hashType == '5': print_debug('INFO', '[+] Hash type SHA-256 detected ...') elif hashType == '6': # ShA-512 => used by all modern computers print_debug('INFO', '[+] Hash type SHA-512 detected ...') salt = cryptPwd.split("$")[2] realSalt = "$" + hashType + "$" + salt + "$" # -------------------------- Dictionary attack -------------------------- print_debug('INFO', 'Dictionary Attack on the hash !!! ') try: for word in dic: try: cryptWord = crypt.crypt(word, realSalt) except Exception,e: print_debug('DEBUG', '{0}'.format(e)) cryptWord = '' if cryptWord == cryptPwd: values['User'] = user values['password'] = word self.pwdFound.append(values) return except (KeyboardInterrupt, SystemExit): print 'INTERRUPTED!' print_debug('DEBUG', 'Dictionary attack interrupted') except Exception,e: print_debug('DEBUG', '{0}'.format(e))
def dictionary_attack(self, login, md5): wordlist = get_dico() # if the user specify the file path if constant.path: wordlist += self.get_dic_file(constant.path) for word in wordlist: hash = hashlib.md5("%s\nskyper\n%s" % (login, word)).hexdigest() if hash == md5: return word return False
def dictionary_attack(self, login, md5): wordlist = get_dico() # if the user specify the file path if constant.path: wordlist += self.get_dic_file(constant.path) for word in wordlist: hash = hashlib.md5('%s\nskyper\n%s' % (login, word)).hexdigest() if hash == md5: return word return False
def __init__(self, address, system=False, security=False, sam=False, ntds=False, history=False): self.__remoteAddr = address self.__lmhash = '' self.__nthash = '' self.__SAMHashes = None self.__NTDSHashes = None self.__LSASecrets = None self.__systemHive = system self.__securityHive = security self.__samHive = sam self.__ntdsFile = ntds self.__history = history self.__noLMHash = True self.__isRemote = False self.categoryName = '' self.wordlist = get_dico() + constant.passwordFound
for p in f: if self.is_masterpassword_correct(p.strip())[0]: print_debug('FIND', 'Master password found: %s' % p.strip()) return p.strip() except (KeyboardInterrupt, SystemExit): print 'INTERRUPTED!' print_debug('DEBUG', 'Dictionnary attack interrupted') except Exception,e: print_debug('DEBUG', '{0}'.format(e)) print_debug('WARNING', 'The Master password has not been found using the dictionnary attack') # 500 most used passwords if 'd' in self.toCheck: wordlist = get_dico() + constant.passwordFound num_lines = (len(wordlist)-1) print_debug('ATTACK', '%d most used passwords !!! ' % num_lines) for word in wordlist: if self.is_masterpassword_correct(word)[0]: print_debug('FIND', 'Master password found: %s' % word.strip()) return word print_debug('WARNING', 'No password has been found using the default list') # brute force attack if 'b' in self.toCheck: charset_list = 'abcdefghijklmnopqrstuvwxyz1234567890!?' tab = [i for i in charset_list]
return True except (KeyboardInterrupt, SystemExit): print 'INTERRUPTED!' print_debug('DEBUG', 'Dictionnary attack interrupted') except Exception, e: print_debug('DEBUG', '{0}'.format(e)) pass print_debug( 'WARNING', 'The Master password has not been found using the dictionnary attack' ) # 500 most used passwords if 'd' in self.toCheck: wordlist = get_dico() + constant.passwordFound num_lines = (len(wordlist) - 1) print_debug('ATTACK', '%d most used passwords !!! ' % num_lines) for word in wordlist: if self.is_masterpassword_correct(word): print_debug('FIND', 'Master password found: %s\n' % word.strip()) return True print_debug('WARNING', 'No password has been found using the default list') # brute force attack if 'b' in self.toCheck: charset_list = 'abcdefghijklmnopqrstuvwxyz1234567890!?'