def setup_hashcat(session_id):
provider = Provider()
sessions = provider.sessions()
hashcat = provider.hashcat()
system = provider.system()
if not sessions.can_access(current_user, session_id):
flash('Access Denied', 'error')
return redirect(url_for('home.index'))
user_id = 0 if current_user.admin else current_user.id
session = sessions.get(user_id=user_id, session_id=session_id)[0]
supported_hashes = hashcat.get_supported_hashes()
# We need to process the array in a way to make it easy for JSON usage.
supported_hashes = hashcat.compact_hashes(supported_hashes)
if len(supported_hashes) == 0:
home_directory = system.get_system_user_home_directory()
flash('Could not get the supported hashes from hashcat', 'error')
flash(
'If you have compiled hashcat from source, make sure %s/.hashcat directory exists and is writable'
% home_directory, 'error')
return render_template('sessions/setup/hashcat.html',
session=session,
hashes_json=json.dumps(supported_hashes,
indent=4,
sort_keys=True,
default=str))
def get_types(self):
provider = Provider()
hashcat = provider.hashcat()
supported_hashes = hashcat.get_supported_hashes()
api_hashes = []
for type, hashes in supported_hashes.items():
for code, hash in hashes.items():
api_hashes.append(
self.__compile_hashtype(code, type + ' / ' + hash))
return self.send_valid_response(api_hashes)
def setup_hashcat_save(session_id):
provider = Provider()
sessions = provider.sessions()
hashcat = provider.hashcat()
if not sessions.can_access(current_user, session_id):
flash('Access Denied', 'error')
return redirect(url_for('home.index'))
hash_type = request.form['hash-type'].strip()
optimised_kernel = int(request.form.get('optimised_kernel', 0))
workload = int(request.form.get('workload', 2))
mode = int(request.form['mode'].strip())
if mode != 0 and mode != 3 and mode != 6:
# As all the conditions below depend on the mode, if it's wrong return to the previous page immediately.
flash('Invalid attack mode selected', 'error')
return redirect(
url_for('sessions.setup_hashcat', session_id=session_id))
elif workload not in [1, 2, 3, 4]:
flash('Invalid workload selected', 'error')
return redirect(
url_for('sessions.setup_hashcat', session_id=session_id))
has_errors = False
if not hashcat.is_valid_hash_type(hash_type):
has_errors = True
flash('Invalid hash type selected', 'error')
if has_errors:
return redirect(
url_for('sessions.setup_hashcat', session_id=session_id))
sessions.set_hashcat_setting(session_id, 'mode', mode)
sessions.set_hashcat_setting(session_id, 'hashtype', hash_type)
sessions.set_hashcat_setting(session_id, 'optimised_kernel',
optimised_kernel)
sessions.set_hashcat_setting(session_id, 'workload', workload)
if mode == 0:
redirect_to = 'wordlist'
elif mode == 3:
redirect_to = 'mask'
elif mode == 6:
redirect_to = 'hybrid'
return redirect(
url_for('sessions.setup_' + redirect_to, session_id=session_id))
def view(session_id):
provider = Provider()
sessions = provider.sessions()
hashcat = provider.hashcat()
if not sessions.can_access(current_user, session_id):
flash('Access Denied', 'error')
return redirect(url_for('home.index'))
user_id = 0 if current_user.admin else current_user.id
session = sessions.get(user_id=user_id, session_id=session_id)[0]
supported_hashes = hashcat.get_supported_hashes()
# We need to process the array in a way to make it easy for JSON usage.
supported_hashes = hashcat.compact_hashes(supported_hashes)
return render_template('sessions/view.html',
session=session,
supported_hashes=supported_hashes)
def set_type(self, user_id, session_id):
required_fields = ['type']
data = self.get_json(required_fields)
if data is False:
return self.send_error_response(
5000, 'Missing fields',
'Required fields are: ' + ', '.join(required_fields))
provider = Provider()
sessions = provider.sessions()
hashcat = provider.hashcat()
hash_type = str(data['type'])
session = sessions.get(user_id=user_id, session_id=session_id)
if not session:
return self.send_access_denied_response()
elif not hashcat.is_valid_hash_type(hash_type):
return self.send_error_response(5003, 'Invalid type selected', '')
sessions.set_hashcat_setting(session_id, 'hashtype', hash_type)
return self.send_success_response()
