def create_wordlist(warning=True, verbose=False, add=False): """ Create a bruteforcing wordlist > :param max_length: max amount of words to have > :param max_word_length: how long the words should be > :param warning: output the warning message to say that BF'ing sucks > :return: a wordlist """ max_length, max_word_length, dirname = 10000000, 10, "bf-dicts" if add: max_word_length += 2 warn_msg = ( "It is highly advised to use a dictionary attack over bruteforce. " "Bruteforce requires extreme amounts of memory to accomplish and " "it is possible that it could take a lifetime to successfully " "crack your hash. To run a dictionary attack all you need to do is" " pass the wordlist switch ('-w/--wordlist PATH') with the path to " "your wordlist. (IE: --bruteforce -w ~/dicts/dict.txt)") if warning: LOGGER.warning(warn_msg) if verbose: LOGGER.debug( "Creating {} words with a max length of {} characters".format( max_length, max_word_length)) create_dir(dirname, verbose=verbose) with open(dirname + "/" + WORDLIST_NAME, "a+") as lib: word = Generators().word_generator(length_max=max_word_length) lib.seek(0, 0) line_count = len(lib.readlines()) try: for _ in range(line_count, max_length): lib.write(next(word) + "\n") except StopIteration: # SHOULD NEVER GET HERE # if we run out of mutations we'll retry with a different word length lib.seek(0, 0) err_msg = ( "Ran out of mutations at {} mutations. You can try upping " "the max length or just use what was processed. If you " "make the choice not to continue the program will add +2 " "to the max length and try to create the wordlist again.." ).format(len(lib.readlines())) LOGGER.error(err_msg) q = prompt("Would you like to continue", "y/N") if not q.startswith(("y", "Y")): lib.truncate(0) create_wordlist(warning=False, add=True) LOGGER.info( "Wordlist generated, words saved to: {}. Please re-run the application, exiting.." .format(WORDLIST_NAME)) shutdown()
def create_wordlist(max_length=10000000, max_word_length=10, warning=True, perms=""): """ Create a bruteforcing wordlist > :param max_length: max amount of words to have > :param max_word_length: how long the words should be > :param warning: output the warning message to say that BF'ing sucks > :return: a wordlist """ warn_msg = "It is highly advised to use a dictionary attack over bruteforce. " warn_msg += "Bruteforce requires extreme amounts of memory to accomplish and " warn_msg += "it is possible that it could take a lifetime to successfully crack " warn_msg += "your hash. To run a dictionary attack all you need to do is pass " warn_msg += "the wordlist switch ('--wordlist PATH') with the path to your wordlist. " warn_msg += "(IE: --bruteforce --wordlist ~/dicts/dict.txt)" if warning is True: LOGGER.warning(warn_msg) with open(WORDLIST_NAME, "a+") as lib: word = word_generator(length_max=max_word_length, perms=perms) lib.seek(0, 0) line_count = len(lib.readlines()) try: for _ in range(line_count, max_length): lib.write(next(word) + "\n") except StopIteration: # if we run out of mutations we'll retry with a different word length lib.seek(0, 0) err_msg = "Ran out of mutations at {} mutations. You can try upping the max length ".format( len(lib.readlines())) err_msg += "or just use what was processed. If you make the choice not to continue " err_msg += "the program will add +2 to the max length and try to create the wordlist again.." LOGGER.error(err_msg) q = prompt("Would you like to continue", "y/N") if q.lower().startswith("y"): pass else: lib.truncate(0) create_wordlist(max_word_length=max_length + 2, warning=False) LOGGER.info( "Wordlist generated, words saved to: {}. Please re-run the application, exiting.." .format(WORDLIST_NAME)) shutdown()
def bruteforce_main(verf_hash, algorithm=None, wordlist=None, salt=None, placement=None, all_algs=False): """ Main function to be used for bruteforcing a hash """ wordlist_created = False if wordlist is None: for item in os.listdir(os.getcwd()): if WORDLIST_RE.match(item): wordlist_created = True wordlist = item if wordlist_created is True: pass else: LOGGER.info("Creating wordlist..") create_wordlist() else: LOGGER.info("Reading from, {}..".format(wordlist)) if algorithm is None: hash_type = verify_hash_type(verf_hash, least_likely=all_algs) LOGGER.info("Found {} possible hash types to run against {} ".format(len(hash_type), hash_type)) for alg in hash_type: LOGGER.info("Starting bruteforce with {}..".format(alg.upper())) bruteforcing = hash_words(verf_hash, wordlist, alg, salt=salt, placement=placement) if bruteforcing is None: LOGGER.warning("Unable to find a match for '{}', using {}..".format(verf_hash, alg.upper())) else: match_found(bruteforcing) break else: LOGGER.info("Using algorithm, {}..".format(algorithm.upper())) results = hash_words(verf_hash, wordlist, algorithm, salt=salt, placement=placement) if results is None: LOGGER.warning("Unable to find a match using {}..".format(algorithm.upper())) verifiy = prompt("Would you like to attempt to verify the hash type automatically and crack it", "y/N") if verifiy.lower().startswith("y"): bruteforce_main(verf_hash, wordlist=wordlist, salt=salt, placement=placement) else: LOGGER.warning("Unable to produce a result for given hash '{}' using {}.. Exiting..".format( verf_hash, algorithm.upper())) else: match_found(results)
else: try: # Check that you provided a mandatory argument for i, _ in enumerate(sys.argv): if sys.argv[i] in required_args: args_in_params += 1 # If you provided an argument continue.. if args_in_params > 0: if opt.downloadWordList is True: download_rand_wordlist() # Benchmark testing if opt.runBenchMarkTest is True: start_time = time.time() LOGGER.info("Benchmark test start: {}".format(start_time)) # Creating random salts and random placements if opt.randomSaltAndPlacement is True: salt, placement = random_salt_generator( opt.useCharsAsSalt, opt.useIntAsSalt, opt.saltSizeToUse) LOGGER.info( "Using random salt: '{}' and random placement: '{}'..." .format(salt, placement)) # If you provided your own salt and your own placements elif opt.saltToUseAndPlacement is not None: salt, placement = opt.saltToUseAndPlacement[ 0], opt.saltToUseAndPlacement[1].lower() LOGGER.info(
subprocess.call("python dagon.py --help", shell=True) else: try: # Download a random wordlist if opt.downloadWordList is True: download_rand_wordlist() exit(0) # Output all supported algorithms if opt.showAvailableAlgorithms is True: show_available_algs(show_all=opt.showAllAlgorithms) exit(0) # Display the version and exit if opt.displayVersionInfo is True: LOGGER.info(VERSION_STRING) exit(0) # Update Dagon if opt.updateDagon is True: LOGGER.info("Update in progress..") update_status = update_system() if update_status == 1: LOGGER.info("Dagon is already equal with origin master.") elif update_status == -1: LOGGER.error( "Dagon experienced an error while updating, please download manually from: {}" .format(CLONE)) else: LOGGER.info( "Dagon has successfully updated to the latest version."
show_banner() if opt.hideBanner else show_hidden_banner() if len(sys.argv) <= 1: LOGGER.fatal( "You have failed to provide a flag to the application and have been redirected to the help menu." ) time.sleep(1.7) subprocess.call("python dagon.py --help", shell=True) else: try: if opt.testProgramIntegrity: status = integrity_check() if status: LOGGER.info( "Integrity check has passed successfully, there are no updates " "available at the moment and you are running the latest version." ) exit(0) # Download a random wordlist if opt.downloadWordList or opt.downloadMultiple: download_rand_wordlist(verbose=opt.runInVerbose, multi=opt.downloadMultiple if opt.downloadMultiple is not None else 1) exit(0) # Output all supported algorithms if opt.showAvailableAlgorithms: show_available_algs(show_all=opt.showAllAlgorithms) exit(0)
def bruteforce_main(verf_hash, algorithm=None, wordlist=None, salt=None, placement=None, all_algs=False, posx="", use_hex=False, verbose=False, batch=False, rounds=10): """ Main function to be used for bruteforcing a hash """ wordlist_created = False if wordlist is None: create_dir("bf-dicts", verbose=verbose) for item in os.listdir(os.getcwd() + "/bf-dicts"): if WORDLIST_RE.match(item): wordlist_created = True wordlist = "{}/bf-dicts/{}".format(os.getcwd(), item) if not wordlist_created: LOGGER.info("Creating wordlist..") create_wordlist(verbose=verbose) else: LOGGER.info("Reading from, {}..".format(wordlist)) if algorithm is None: hash_type = verify_hash_type(verf_hash, least_likely=all_algs) LOGGER.info( "Found {} possible hash type(s) to run against: {} ".format( len(hash_type) - 1 if hash_type[1] is None else len(hash_type), hash_type[0] if hash_type[1] is None else hash_type)) for alg in hash_type: if alg is None: err_msg = ( "Ran out of algorithms to try. There are no more " "algorithms currently available that match this hashes " "length, and complexity.") LOGGER.fatal(err_msg.format(DAGON_ISSUE_LINK)) break else: if ":::" in verf_hash: LOGGER.debug( "It appears that you are trying to crack an '{}' hash, " "these hashes have a certain sequence to them that looks " "like this 'USERNAME:SID:LM_HASH:NTLM_HASH:::'. What you're " "wanting is the NTLM part, of the hash, fix your hash and try " "again..".format(alg.upper())) shutdown(1) LOGGER.info("Starting bruteforce with {}..".format( alg.upper())) bruteforcing = hash_words(verf_hash, wordlist, alg, salt=salt, placement=placement, posx=posx, use_hex=use_hex, verbose=verbose, rounds=rounds) if bruteforcing is None: LOGGER.warning( "Unable to find a match for '{}', using {}..".format( verf_hash, alg.upper())) else: match_found(bruteforcing) break else: LOGGER.info("Using algorithm, {}..".format(algorithm.upper())) results = hash_words(verf_hash, wordlist, algorithm, salt=salt, placement=placement, posx=posx, verbose=verbose) if results is None: LOGGER.warning("Unable to find a match using {}..".format( algorithm.upper())) if not batch: verify = prompt( "Would you like to attempt to verify the hash type automatically and crack it", "y/N") else: verify = "n" if verify.startswith(("y", "Y")): bruteforce_main(verf_hash, wordlist=wordlist, salt=salt, placement=placement, posx=posx, use_hex=use_hex, verbose=verbose) else: LOGGER.warning( "Unable to produce a result for given hash '{}' using {}.." .format(verf_hash, algorithm.upper())) else: match_found(results)
def bruteforce_main(verf_hash, algorithm=None, wordlist=None, salt=None, placement=None, all_algs=False, perms="", posx="", use_hex=False): """ Main function to be used for bruteforcing a hash """ wordlist_created = False if wordlist is None: for item in os.listdir(os.getcwd()): if WORDLIST_RE.match(item): wordlist_created = True wordlist = item if wordlist_created is True: pass else: LOGGER.info("Creating wordlist..") create_wordlist(perms=perms) else: LOGGER.info("Reading from, {}..".format(wordlist)) if algorithm is None: hash_type = verify_hash_type(verf_hash, least_likely=all_algs) LOGGER.info("Found {} possible hash types to run against: {} ".format( len(hash_type) - 1 if hash_type[1] is None else len(hash_type), hash_type[0] if hash_type[1] is None else hash_type)) for alg in hash_type: if alg is None: err_msg = "Ran out of algorithms to try. There are no more algorithms " err_msg += "currently available that match this hashes length, and complexity. " err_msg += "Please attempt to use your own wordlist (switch '--wordlist'), " err_msg += "download one (switch '--download'), use salt (switch '-S SALT'), " err_msg += "or find the algorithm type and create a issue here {}.. " LOGGER.fatal(err_msg.format(DAGON_ISSUE_LINK)) break else: if ":" in verf_hash: LOGGER.debug( "It appears that you are trying to crack an '{}' hash, " "these hashes have a certain sequence to them that looks " "like this 'USERNAME:SID:LM_HASH:NTLM_HASH:::'. What you're " "wanting is the NTLM part, of the hash, fix your hash and try " "again..".format(alg.upper())) shutdown(1) LOGGER.info("Starting bruteforce with {}..".format( alg.upper())) bruteforcing = hash_words(verf_hash, wordlist, alg, salt=salt, placement=placement, posx=posx, use_hex=use_hex) if bruteforcing is None: LOGGER.warning( "Unable to find a match for '{}', using {}..".format( verf_hash, alg.upper())) else: match_found(bruteforcing) break else: LOGGER.info("Using algorithm, {}..".format(algorithm.upper())) results = hash_words(verf_hash, wordlist, algorithm, salt=salt, placement=placement, posx=posx) if results is None: LOGGER.warning("Unable to find a match using {}..".format( algorithm.upper())) verifiy = prompt( "Would you like to attempt to verify the hash type automatically and crack it", "y/N") if verifiy.lower().startswith("y"): bruteforce_main(verf_hash, wordlist=wordlist, salt=salt, placement=placement, posx=posx, use_hex=use_hex) else: LOGGER.warning( "Unable to produce a result for given hash '{}' using {}.. Exiting.." .format(verf_hash, algorithm.upper())) else: match_found(results)