def post(self): """ HcStat from dictionary """ args = makeMarkovFromDictionary_parser.parse_args(request) dict = FcDictionary.query.filter( FcDictionary.id == args['dictionary_id']).first() if not dict: abort(500, 'Can not find selected dictionary.') filename = secure_filename(args['name']) path = os.path.join(HCSTATS_DIR, filename) + '.hcstat2' # make hcstat2 file shellExec(HASHCAT_UTILS_PATH + '/hcstat2gen.' + EXE_OR_BIN + ' ' + path + '_tmp < ' + os.path.join(DICTIONARY_DIR, dict.name)) # comprime hcstat2 file shellExec('xz --compress --format=raw --stdout -9e ' + path + '_tmp > ' + path) # delete non-comprimed file os.remove(path + '_tmp') hcstats = FcHcstat(name=filename + '.hcstat2', path=path) try: db.session.add(hcstats) db.session.commit() except exc.IntegrityError as e: db.session().rollback() abort(500, 'HcStats with name ' + filename + ' already exists.') return { 'status': True, 'message': 'HcStat file with name ' + filename + ' created.' }
def post(self): """ Spravi slovník so suboru """ args = dictionaryFromFile_parser.parse_args(request) files = args.get('files') for file in files: if not allowed_file(file['name'], ALLOWED_EXTENSIONS): abort(500, 'Wrong file format ' + file['name']) newName = Path(file['name']).stem + '_' + str(int(time.time())) + Path(file['name']).suffix newPath = os.path.join(DICTIONARY_DIR, newName ) os.symlink(file['path'], newPath) hc_keyspace = int(shellExec(HASHCAT_PATH + ' --keyspace -a 0 ' + newPath, cwd=HASHCAT_DIR)) dictionary = FcDictionary(name=file['name'], path=newName, keyspace=hc_keyspace) try: db.session.add(dictionary) db.session.commit() except exc.IntegrityError as e: db.session().rollback() abort(500, 'Dictionary with name ' + file['filename'] + ' already exists.') return { 'message': 'Dictionaries successfuly uploaded.', 'status': True }
def post(self): """ Nahrava slovník na server """ # check if the post request has the file part if 'file' not in request.files: abort(500, 'No file part') return redirect(request.url) file = request.files['file'] # if user does not select file, browser also # submit a empty part without filename if file.filename == '': abort(500, 'No selected file') uploadedFile = fileUpload(file, DICTIONARY_DIR, ALLOWED_EXTENSIONS) if uploadedFile: hc_keyspace = int(shellExec(HASHCAT_PATH + ' --keyspace -a 0 ' + os.path.join(DICTIONARY_DIR, uploadedFile['path']), cwd=HASHCAT_DIR)) dictionary = FcDictionary(name=uploadedFile['filename'], path=uploadedFile['path'], keyspace=hc_keyspace) try: db.session.add(dictionary) db.session.commit() except exc.IntegrityError as e: db.session().rollback() abort(500, 'Dictionary with name ' + uploadedFile['filename'] + ' already exists.') return { 'message': 'Dictionary ' + uploadedFile['filename'] + ' successfuly uploaded.', 'status': True } else: abort(500, 'Wrong file format')
def compute_prince_keyspace(attackSettings): run_cmd = ["cat"] for dict in attackSettings['left_dictionaries']: run_cmd.append(os.path.join(DICTIONARY_DIR, dict['name'])) run_cmd.append("|") run_cmd.append(PRINCE_PROCESSOR_PATH) if attackSettings['case_permute']: run_cmd.append("--case-permute") if not attackSettings['check_duplicates']: run_cmd.append("--dupe-check-disable") if attackSettings['min_password_len']: run_cmd.append("--pw-min=" + str(attackSettings['min_password_len'])) if attackSettings['max_password_len']: run_cmd.append("--pw-max=" + str(attackSettings['max_password_len'])) if attackSettings['min_elem_in_chain']: run_cmd.append("--elem-cnt-min=" + str(attackSettings['min_elem_in_chain'])) if attackSettings['max_elem_in_chain']: run_cmd.append("--elem-cnt-max=" + str(attackSettings['max_elem_in_chain'])) run_cmd.append("--keyspace") compute_keyspace_command = ' '.join(run_cmd) print(compute_keyspace_command) try: return int(shellExec(compute_keyspace_command)) except Exception: return -1
def isComponentRunning(compName): out = shellExec("ps -ef | grep " + compName + " | grep -v grep") return True if len(out.splitlines()) >= 1: return True return False
def createPcfgGrammarBin(pcfgFileNameZip): test = PCFG_MANAGER_DIR + ' marshal -r ' \ + os.path.join(PCFG_DIR, extractNameFromZipfile(pcfgFileNameZip)) \ + ' -o ' + os.path.join(PCFG_DIR, extractNameFromZipfile(pcfgFileNameZip)) \ + '/grammar.bin' pcfgKeyspace = shellExec(PCFG_MANAGER_DIR + ' marshal -r ' \ + os.path.join(PCFG_DIR, extractNameFromZipfile(pcfgFileNameZip)) \ + ' -o ' + os.path.join(PCFG_DIR, extractNameFromZipfile(pcfgFileNameZip)) \ + '/grammar.bin')
def getHashFromFile(filename, path): res = shellExec('python3 ' + XTOHASHCAT_EXECUTABLE + ' ' + os.path.join(PROTECTEDFILES_DIR, path), cwd=XTOHASHCAT_PATH, getReturnCode=True) if res['returnCode'] == 2: abort(500, 'Hashcat doesn\'t support PKZIP.') if res['returnCode'] != 0: abort(500, 'Could not extract hash from file.') res = res['msg'].split('\n') return {'hash': res[0], 'hash_type': res[1]}
def getTable(tableName): out = shellExec(HASHCAT_PATH + " --help") twoNewLines = os.linesep + os.linesep hashtypes = getStringBetween(out, "- [ " + tableName + " ] -" + twoNewLines, twoNewLines) hashtypes = parserAsciiTable(hashtypes) return hashtypes
def get(self): """ Operácie so serverom (reštart, štart,stop) """ args = operation.parse_args(request) action = args.get('operation') if action == "start": out = shellExec('/usr/bin/python ' + PROJECT_DIR + '/bin/start') elif action == "stop": out = shellExec('/usr/bin/python ' + PROJECT_DIR + '/bin/stop') elif action == "restart": out = shellExec('/usr/bin/python ' + PROJECT_DIR + '/bin/stop') out = shellExec('/usr/bin/python ' + PROJECT_DIR + '/bin/start') else: abort(400, "Bad operation " + action) return { "status": True, "message": "Operation " + action + " finished sucesfull." }
def verifyHashFormat(hash, hash_type, abortOnFail=False, binaryHash=False): hashes = [] settings = FcSetting.query.first() if not settings.verify_hash_format: with open(hash, "r") as hashFile: hashes = [(hash.strip() + " OK") for hash in hashFile.readlines()] else: result = shellExec(HASHVALIDATOR_PATH + ' -m ' + hash_type + ' ' + "'" + hash + "'", getReturnCode=True) if result['returnCode'] != 0: abort(500, 'Error in hashValidator.') hashes = result['msg'].rstrip().split('\n') hashesArr = [] hasError = False for hash in hashes: hashArr = hash.split(' ') isInCache = False dbHash = FcHash.query.filter(FcHash.hash == bytes(hashArr[0], 'utf8'), FcHash.result != None).first() if dbHash: isInCache = True if abortOnFail and hashArr[1] != 'OK': abort( 500, 'Hash ' + hashArr[0] + ' has wrong format (' + hashArr[1] + ' exception).') if binaryHash: hashArr[0] = binaryHash if hashArr[0] == '': hashesArr.append({ 'hash': hashArr[0], 'result': 'Empty hash', 'isInCache': False }) hasError = True else: hashesArr.append({ 'hash': hashArr[0], 'result': hashArr[1], 'isInCache': isInCache }) if hashArr[1] != 'OK': hasError = True return {'items': hashesArr, 'error': hasError}
def calculateKeyspace(pcfgFileNameZip): pcfgKeyspace = 0 pcfgKeyspace = shellExec( PCFG_MOWER_DIR + ' -i ' + os.path.join(PCFG_DIR, extractNameFromZipfile(pcfgFileNameZip))) # Keyspace control INT_MAX = sys.maxsize - 1 if int(pcfgKeyspace) >= INT_MAX: pcfgKeyspace = INT_MAX return pcfgKeyspace
def make_dict_from_mask(mask, filename=None): if not filename: filename = 'hybrid_attack' + str(int(time.time())) + '.txt' filename = secure_filename(filename) path = os.path.join(DICTIONARY_DIR, filename) print(MASK_PROCESSOR_PATH + ' ' + mask + ' -o ' + path) print(shellExec(MASK_PROCESSOR_PATH + ' ' + mask + ' -o ' + path)) dictionary = FcDictionary(name=filename, path=filename, keyspace=compute_keyspace_from_mask(mask), deleted=True) db.session.add(dictionary) db.session.commit() return dictionary
def get(self): """ Returns new logs. """ args = newLogs_argument.parse_args(request) lastLog = args.get('log', 1) logs = [] skip = 0 while True: fewLastLogs = shellExec( 'head -n -' + str(skip) + ' /app/log_fitcrack/work_generator.log | tail -n 100') if fewLastLogs == '': return {'items': []} fewLastLogs = fewLastLogs.split('\n') for log in reversed(fewLastLogs): if log.startswith('LOG:') or log.startswith( 'ERROR:') or log.startswith('WARN:'): if (lastLog == log): return {'items': logs} else: logs.append(log_parser(log)) skip += 100
def get(self): """ Returns logs. """ args = logs_argument.parse_args(request) skip = args.get('skip_count', 0) lastLog = args.get('last_log', None) while True: logs = shellExec( 'head -n -' + str(skip) + ' /app/log_fitcrack/work_generator.log | tail -n 100') if logs == '': return {'items': []} logs = logs.split('\n') results = [] for log in reversed(logs): if log == lastLog: return {'items': results} if log.startswith('LOG:') or log.startswith( 'ERROR:') or log.startswith('WARN:'): results.append(log_parser(log)) if not lastLog: return {'items': results} skip += 100
def moveGrammarToPcfgDir(nameWithExt): test = 'mv ' + PCFG_TRAINER_RULE_DIR + '/' + extractNameFromZipfile( nameWithExt) + ' ' + PCFG_DIR + '/' + extractNameFromZipfile( nameWithExt) pcfgMoveGrammar = shellExec(test)
def makePcfgFolder(nameWithExt): test = PCFG_TRAINER_DIR + ' --coverage 1.0 ' \ + ' --rule ' + extractNameFromZipfile(nameWithExt) \ + ' -t ' + os.path.join(DICTIONARY_DIR, nameWithExt) pcfgMakeGrammar = shellExec(test)
def process_package_3(package, hashcatKeyspace=True): if not package['attack_settings'].get('attack_submode'): package['attack_settings']['attack_submode'] = 0 # check masks syntax for mask in package['attack_settings']['masks']: check_mask_syntax(mask) # charsets hashcatArgs = '' charsetsSize = [] if package['attack_settings'].get('charset'): if len(package['attack_settings']['charset']) > 4: abort(500, 'Maximum of charsets files is 4.') for i, charset in enumerate(package['attack_settings']['charset'], 1): charsetPath = os.path.join(CHARSET_DIR, charset['name']) charsetsSize = dict() with open(charsetPath, 'rb') as f: content = f.read() charsetsSize[i] = len(content) hashcatArgs += ' -' + str(i) + ' ' + charsetPath hexCharset = content.hex() package['config'] += '|||charset' + str(i) + '|String|' + lenStr( hexCharset) + '|' + hexCharset + '|||\n' package['charset' + str(i) + '_id'] = charset['id'] # compute keyspace package['mask_table'] = [] package['keyspace'] = 0 package['hc_keyspace'] = 0 for (i, mask) in enumerate(package['attack_settings']['masks']): keyspace_for_mask = compute_keyspace_from_mask(mask, charsetsSize) hc_keyspace_for_mask = 0 if hashcatKeyspace: hc_keyspace_for_mask = shellExec( HASHCAT_PATH + ' -m ' + package['hash_settings']['hash_type'] + ' --keyspace -a 3 ' + mask + ' ' + hashcatArgs, cwd=HASHCAT_DIR, abortOnError=True) if hc_keyspace_for_mask == '': abort(500, 'Server can not compute keyspace for mask ' + mask) try: package['hc_keyspace'] += int(hc_keyspace_for_mask) except ValueError: abort(500, 'Hashcat says: "' + hc_keyspace_for_mask + '".') package['keyspace'] += keyspace_for_mask package['mask_table'].append({ 'mask': mask, 'keyspace': keyspace_for_mask, 'hc_keyspace': hc_keyspace_for_mask }) if package['attack_settings'].get('markov'): markov = FcHcstat.query.filter( FcHcstat.id == package['attack_settings']['markov']['id']).first() if not markov: abort(500, 'Wrong markov file selected.') if not os.path.exists(os.path.join(HCSTATS_DIR, markov.path)): abort(500, 'Markov file does not exist.') package['markov_hcstat'] = markov.name package['attack_settings']['attack_submode'] = 1 markovTreshold = package['attack_settings'][ 'markov_treshold'] if package['attack_settings'].get( 'markov_treshold' ) and package['attack_settings']['markov_treshold'] > 1 else None package['attack_name'] = 'mask' package['markov_threshold'] = markovTreshold return package
def readingFromFolderPostProcces(DictionaryModel): DictionaryModel.keyspace = int( shellExec(HASHCAT_PATH + ' --keyspace -a 0 "' + os.path.join(DICTIONARY_DIR, DictionaryModel.path + '"'), cwd=HASHCAT_DIR)) return DictionaryModel
def process_job_3(job, hashcatKeyspace=True): if not job['attack_settings'].get('attack_submode'): job['attack_settings']['attack_submode'] = 0 # check masks syntax for mask in job['attack_settings']['masks']: check_mask_syntax(mask) # charsets hashcatArgs = '' charsetsSize = {} if job['attack_settings'].get('charset'): if len(job['attack_settings']['charset']) > 4: abort(500, 'Maximum of charsets files is 4.') for i, charset in enumerate(job['attack_settings']['charset'], 1): charsetPath = os.path.join(CHARSET_DIR, charset['name'] + '.hcchr') charsetsSize = dict() with open(charsetPath, 'rb') as f: content = f.read() charsetsSize[i] = len(content) hashcatArgs += ' -' + str(i) + ' ' + charsetPath hexCharset = content.hex() job['charset' + str(i)] = hexCharset # compute keyspace if job['attack_settings'].get('markov_treshold') and job[ 'attack_settings']['markov_treshold'] > 1: markovTresh = job['attack_settings']['markov_treshold'] job['markov_threshold'] = job['attack_settings']['markov_treshold'] job['mask_table'] = [] job['keyspace'] = 0 job['hc_keyspace'] = 0 for (i, mask) in enumerate(job['attack_settings']['masks']): keyspace_for_mask = compute_keyspace_from_mask( mask, charsetsSize, markovTresh) hc_keyspace_for_mask = 0 if hashcatKeyspace: tmp = HASHCAT_PATH + ' -m ' + job['hash_settings'][ 'hash_type'] + ' -a 3 ' + mask + ' --markov-threshold ' + str( job['attack_settings']['markov_treshold']) hc_keyspace_for_mask = shellExec( HASHCAT_PATH + ' -m ' + job['hash_settings']['hash_type'] + ' --keyspace -a 3 ' + mask + ' --markov-threshold ' + str(job['attack_settings']['markov_treshold']), cwd=HASHCAT_DIR, abortOnError=True) if hc_keyspace_for_mask == '': abort(500, 'Server can not compute keyspace for mask ' + mask) try: job['hc_keyspace'] += int(hc_keyspace_for_mask) except ValueError: abort(500, 'Hashcat says: "' + hc_keyspace_for_mask + '".') job['keyspace'] += keyspace_for_mask job['mask_table'].append({ 'mask': mask, 'keyspace': keyspace_for_mask, 'hc_keyspace': hc_keyspace_for_mask }) else: job['mask_table'] = [] job['keyspace'] = 0 job['hc_keyspace'] = 0 for (i, mask) in enumerate(job['attack_settings']['masks']): keyspace_for_mask = compute_keyspace_from_mask(mask, charsetsSize) hc_keyspace_for_mask = 0 if hashcatKeyspace: hc_keyspace_for_mask = shellExec( HASHCAT_PATH + ' -m ' + job['hash_settings']['hash_type'] + ' --keyspace -a 3 ' + mask + ' ' + hashcatArgs, cwd=HASHCAT_DIR, abortOnError=True) if hc_keyspace_for_mask == '': abort(500, 'Server can not compute keyspace for mask ' + mask) try: job['hc_keyspace'] += int(hc_keyspace_for_mask) except ValueError: abort(500, 'Hashcat says: "' + hc_keyspace_for_mask + '".') job['keyspace'] += keyspace_for_mask job['mask_table'].append({ 'mask': mask, 'keyspace': keyspace_for_mask, 'hc_keyspace': hc_keyspace_for_mask }) if job['attack_settings'].get('markov'): markov = FcHcstat.query.filter( FcHcstat.id == job['attack_settings']['markov']['id']).first() if not markov: abort(500, 'Wrong markov file selected.') if not os.path.exists(os.path.join(HCSTATS_DIR, markov.path)): abort(500, 'Markov file does not exist.') job['markov_hcstat'] = markov.name job['attack_name'] = 'mask' return job