コード例 #1
0
ファイル: ntlmv2.py プロジェクト: CoalfireLabs/Doozer
    def check(self, value, initial_check=True):
        """
        """

        valid = True

        # check if it's malformed
        try:
            ntlm = value.split(':')[4]
            if len(ntlm) != 32:
                valid = false
        except:
            valid = False

        # check header
        if valid and not self.checktype()[0]:
            valid = False

        if not initial_check and valid and ntlm not in self.cracked_hashes:
            tmp = util.check_doozer(ntlm, self.type)
            if tmp:
                self.cracked(ntlm, tmp)
                valid = False

        if not initial_check and valid:
            # write out the entire line, because we need it
            util.msg("Appending hash %s" % value.upper())
            self.hashes.append(value.upper())
            self.clean_hash += 1

        if not initial_check:
            self.start_hash += 1

        return valid
コード例 #2
0
    def check(self, value, initial_check=True):
        """
        """

        valid = True

        # check if it's malformed
        try:
            ntlm = value.split(':')[4]
            if len(ntlm) != 32:
                valid = false
        except:
            valid = False

        # check header
        if valid and not self.checktype()[0]:
            valid = False

        if not initial_check and valid and ntlm not in self.cracked_hashes:
            tmp = util.check_doozer(ntlm, self.type)
            if tmp:
                self.cracked(ntlm, tmp)
                valid = False

        if not initial_check and valid:
            # write out the entire line, because we need it
            util.msg("Appending hash %s" % value.upper())
            self.hashes.append(value.upper())
            self.clean_hash += 1

        if not initial_check:
            self.start_hash += 1

        return valid
コード例 #3
0
ファイル: doozer.py プロジェクト: CoalfireLabs/Doozer
def readData():
    """ Reads in the supplied hash file and builds a list, one line per
    """

    master_input = None
    try:
        with open(settings.hash_file, "r") as f:
            master_input = [x.strip() for x in f.readlines()]
    except Exception, e:
        msg("FATAL: %s" % e, ERROR)
        sys.exit(1)
コード例 #4
0
def readData():
    """ Reads in the supplied hash file and builds a list, one line per
    """

    master_input = None
    try:
        with open(settings.hash_file, "r") as f:
            master_input = [x.strip() for x in f.readlines()]
    except Exception, e:
        msg("FATAL: %s" % e, ERROR)
        sys.exit(1)
コード例 #5
0
ファイル: doozer.py プロジェクト: CoalfireLabs/Doozer
    def _path_check(self):
        """ Validates file/folder locations defined in main
        """

        bpath = None
        if not os.path.exists(sethor.OPHCRACK_TABLES):
            bpath = sethor.OPHCRACK_TABLES
        elif not os.path.exists(sethor.WORDLIST_DIR):
            bpath = sethor.WORDLIST_DIR
        elif not os.path.exists(sethor.HASHCAT_BINARY):
            bpath = sethor.HASHCAT_BINARY
        elif not os.path.exists(sethor.HASHCAT_DIR):
            bpath = sethor.HASHCAT_DIR

        if bpath:
            msg("%s is an invalid path." % bpath, ERROR)
            sys.exit(1)
コード例 #6
0
    def _path_check(self):
        """ Validates file/folder locations defined in main
        """

        bpath = None
        if not os.path.exists(sethor.OPHCRACK_TABLES):
            bpath = sethor.OPHCRACK_TABLES
        elif not os.path.exists(sethor.WORDLIST_DIR):
            bpath = sethor.WORDLIST_DIR
        elif not os.path.exists(sethor.HASHCAT_BINARY):
            bpath = sethor.HASHCAT_BINARY
        elif not os.path.exists(sethor.HASHCAT_DIR):
            bpath = sethor.HASHCAT_DIR

        if bpath:
            msg("%s is an invalid path." % bpath, ERROR)
            sys.exit(1)
コード例 #7
0
ファイル: doozer.py プロジェクト: CoalfireLabs/Doozer
def main():
    """ 
    """
    
    # load all of our hash modules and read data
    attacks = loadAttacks()
    data = readData()

    if len(data) <= 0:
        # why?
        return

    for attack in attacks:
        
        # our attack needs to know about its potential session first 
        attack.session = settings.session
        attack.session_home = settings.session_home
        attack.hash_file = settings.hash_file

        #
        # Iterate over each attack until check returns True; this means
        # that we've identified the hash type and are ready to start cracking
        #
        if attack.check(data[0]):
    
            for entry in data:
                # iterate over each value and let the attack module
                # determine if the hash is acceptable or not
                attack.check(entry, False)

            msg("Starting attack on type %s" % attack.type)

            # set our pot file
            settings.pot_file = "%s/%s/%s.pot" % (sethor.WORKING_DIR, 
                                                  settings.session,
                                                  attack.type)

            # go go gadget hashcat
            attack.run()
            break

    # update doozer database with cracked hashes
    util.update_doozer(settings)
    msg("Cracked %d passwords" % len(attack.cracked_hashes))
コード例 #8
0
    def run(self):
        """
        """

        rules = self.getRules()

        for rule in rules:

            # write out our current to-crack hashes
            self.dump()

            # run the rule
            try:
                util.msg("Running %s" % rule)
                os.system(rules[rule])
            except Exception, e:
                util.msg("rule '%s' failed: %s" % (rule, e))
                continue

            # check if we cracked any and, if we did, remove them from our
            # list of hashes and update the pot file
            if os.path.exists("%s/%s.cracked" %
                              (self.session_home, self.type)):

                with open("%s/%s.cracked" %
                          (self.session_home, self.type)) as f:

                    lines = []
                    for line in f.readlines():
                        try:
                            # parse the cracked line out as per attack spec
                            (hsh, p) = self.parseCracked(line)
                            fdata = '%s:%s:%s' % (hsh, p, self.type)

                            # remove hash from local structure and add to cracked list
                            lines.append(fdata)
                            self.hashes.remove(hsh)
                            self.cracked_hashes.append(fdata)
                        except:
                            pass

                os.system("rm %s/%s.cracked" % (self.session_home, self.type))
            os.system("rm %s/%s.list" % (self.session_home, self.type))
コード例 #9
0
def main():
    """ 
    """

    # load all of our hash modules and read data
    attacks = loadAttacks()
    data = readData()

    if len(data) <= 0:
        # why?
        return

    for attack in attacks:

        # our attack needs to know about its potential session first
        attack.session = settings.session
        attack.session_home = settings.session_home
        attack.hash_file = settings.hash_file

        #
        # Iterate over each attack until check returns True; this means
        # that we've identified the hash type and are ready to start cracking
        #
        if attack.check(data[0]):

            for entry in data:
                # iterate over each value and let the attack module
                # determine if the hash is acceptable or not
                attack.check(entry, False)

            msg("Starting attack on type %s" % attack.type)

            # set our pot file
            settings.pot_file = "%s/%s/%s.pot" % (
                sethor.WORKING_DIR, settings.session, attack.type)

            # go go gadget hashcat
            attack.run()
            break

    # update doozer database with cracked hashes
    util.update_doozer(settings)
    msg("Cracked %d passwords" % len(attack.cracked_hashes))
コード例 #10
0
ファイル: generic_hash.py プロジェクト: CoalfireLabs/Doozer
    def run(self):
        """
        """

        rules = self.getRules()

        for rule in rules:

            # write out our current to-crack hashes
            self.dump()

            # run the rule
            try:
                util.msg("Running %s" % rule)
                os.system(rules[rule])
            except Exception, e:
                util.msg("rule '%s' failed: %s" % (rule, e)) 
                continue

            # check if we cracked any and, if we did, remove them from our
            # list of hashes and update the pot file
            if os.path.exists("%s/%s.cracked" % (self.session_home, self.type)):
                
                with open("%s/%s.cracked" % ( self.session_home, self.type)) as f:

                    lines = []
                    for line in f.readlines():
                        try:
                            # parse the cracked line out as per attack spec
                            (hsh, p) = self.parseCracked(line)
                            fdata = '%s:%s:%s' % (hsh, p, self.type)

                            # remove hash from local structure and add to cracked list
                            lines.append(fdata)
                            self.hashes.remove(hsh)
                            self.cracked_hashes.append(fdata)
                        except:
                            pass

                os.system("rm %s/%s.cracked" % (self.session_home, self.type))
            os.system("rm %s/%s.list" % (self.session_home, self.type))
コード例 #11
0
    def run(self):
        """ Override default behavior because the way we crack and store NTLMv2 hashes
        is different than the base case.
        """

        rules = self.getRules()

        for rule in rules:

            # write out current to-crack hashes
            self.dump()

            try:
                util.msg("Running %s" % rule)
                os.system(rules[rule])
            except Exception, e:
                util.msg("rule '%s' failed: %s" % (rule, e))
                continue

            if os.path.exists("%s/%s.cracked" %
                              (self.session_home, self.type)):

                with open("%s/%s.cracked" %
                          (self.session_home, self.type)) as f:

                    for line in f.readlines():
                        try:
                            (hsh, p) = self.parseCracked(line)
                            fdata = "%s:%s:%s" % (hsh, p, self.type)
                            util.msg("Created fdata %s from line %s" %
                                     (fdata, line))
                            # remove hash from local struct; hashcat appends the pwd
                            # to the end, so we need to rebuild
                            self.hashes.remove(':'.join(
                                line.split(':')[:-1]).upper())
                            self.cracked_hashes.append(fdata)
                        except Exception, e:
                            util.msg("Failed to format cracked line '%s': %s" %
                                     (line, e))

                os.system("rm %s/%s.cracked" % (self.session_home, self.type))
コード例 #12
0
ファイル: ntlmv2.py プロジェクト: CoalfireLabs/Doozer
    def run(self):
        """ Override default behavior because the way we crack and store NTLMv2 hashes
        is different than the base case.
        """

        rules = self.getRules()

        for rule in rules:

            # write out current to-crack hashes
            self.dump()

            try:
                util.msg("Running %s" % rule)
                os.system(rules[rule])
            except Exception, e:
                util.msg("rule '%s' failed: %s" % (rule, e))
                continue

            if os.path.exists("%s/%s.cracked" % (self.session_home, self.type)):

                with open("%s/%s.cracked" % (self.session_home, self.type)) as f:
                    
                    for line in f.readlines():
                        try:
                            (hsh, p) = self.parseCracked(line)
                            fdata = "%s:%s:%s" % (hsh, p, self.type)
                            util.msg("Created fdata %s from line %s" % (fdata, line)) 
                            # remove hash from local struct; hashcat appends the pwd
                            # to the end, so we need to rebuild
                            self.hashes.remove(':'.join(line.split(':')[:-1]).upper())
                            self.cracked_hashes.append(fdata)
                        except Exception, e:
                            util.msg("Failed to format cracked line '%s': %s" % (line, e))

                os.system("rm %s/%s.cracked" % (self.session_home, self.type))
コード例 #13
0
ファイル: doozer.py プロジェクト: CoalfireLabs/Doozer
    """ Parse arguments to doozer 
    """

    parser = ArgumentParser(usage="[options]")
    parser.add_argument("-p", help="pwdump file", action='store', dest='pwdump',
                        required=True)
    parser.add_argument("-s", help="Session name", action='store', dest='session')

    options = parser.parse_args()

    return options


if __name__ == "__main__":
    """
    """

    if platform.system() == 'Windows':
        sys.exit(0)

    if os.geteuid() is not 0:
        sys.exit(0)

    options = parse_args()
    settings = Settings()
    settings.configure(options)

    # run
    main()
    msg("Session %s successfully completed." % settings.session)
コード例 #14
0
                        action='store',
                        dest='pwdump',
                        required=True)
    parser.add_argument("-s",
                        help="Session name",
                        action='store',
                        dest='session')

    options = parser.parse_args()

    return options


if __name__ == "__main__":
    """
    """

    if platform.system() == 'Windows':
        sys.exit(0)

    if os.geteuid() is not 0:
        sys.exit(0)

    options = parse_args()
    settings = Settings()
    settings.configure(options)

    # run
    main()
    msg("Session %s successfully completed." % settings.session)