Пример #1
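    def __init__(self):
        """Set up the interactive console and reset the shared options.

        Runs ``coloramainit()`` when ``IS_WIN`` is set, initialises the
        ``Cmd`` base class, clears the terminal, writes default values into
        the module-level ``conf`` object, sets the prompt and calls
        ``banner()``.
        """
        if IS_WIN:
            coloramainit()
        Cmd.__init__(self)
        # "clear" is not a Windows command; use "cls" there so the screen is
        # cleared instead of the shell printing an error.
        os.system("cls" if IS_WIN else "clear")

        # Run-behaviour flags.
        conf.report = False
        conf.retry = False
        conf.delay = 0
        conf.quiet = False
        conf.isPocString = False
        conf.isPycFile = False
        conf.requires = False
        conf.requiresFreeze = False

        # Target and request identity; None means "not set".
        # (The original assigned conf.proxy twice with the same value.)
        conf.url = None
        conf.proxy = None
        conf.params = None
        conf.urlFile = None
        conf.agent = None
        conf.referer = None
        conf.cookie = None
        conf.randomAgent = False

        conf.threads = 1
        conf.timeout = 5
        # NOTE(review): this binds conf.httpHeaders to the HTTP_DEFAULT_HEADER
        # object itself, not a copy. If that object is a mutable mapping,
        # in-place edits of conf.httpHeaders also change the shared default
        # - confirm callers never mutate it, or copy here.
        conf.httpHeaders = HTTP_DEFAULT_HEADER

        self.prompt = "Pcs> "
        banner()
        self.case_insensitive = False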
Пример #2
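    def __init__(self):
        """Prepare the console object and load default values into ``conf``.

        Order of work: optional ``coloramainit()`` (when ``IS_WIN``),
        ``Cmd.__init__``, terminal clear, default option values, prompt,
        ``banner()``.
        """
        if IS_WIN:
            coloramainit()
        Cmd.__init__(self)
        # Pick the clear-screen command for the platform: "clear" does not
        # exist in the Windows shell, "cls" does.
        os.system("cls" if IS_WIN else "clear")

        # Behaviour switches, all off by default.
        conf.report = False
        conf.retry = False
        conf.delay = 0
        conf.quiet = False
        conf.isPocString = False
        conf.isPycFile = False
        conf.requires = False
        conf.requiresFreeze = False

        # Request settings start unset. conf.proxy was assigned twice in the
        # original with the same value; one assignment is enough.
        conf.url = None
        conf.proxy = None
        conf.params = None
        conf.urlFile = None
        conf.agent = None
        conf.referer = None
        conf.cookie = None
        conf.randomAgent = False

        conf.threads = 1
        conf.timeout = 5
        # NOTE(review): no copy is taken, so conf.httpHeaders and
        # HTTP_DEFAULT_HEADER are the same object; a later in-place change
        # (for example a per-target header) would persist in the default
        # - verify against the code that edits conf.httpHeaders.
        conf.httpHeaders = HTTP_DEFAULT_HEADER

        self.prompt = "Pcs> "
        banner()
        self.case_insensitive = False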
Пример #3
def initOptions(inputOptions=AttribDict()):
    """Copy parsed options from *inputOptions* onto the shared ``conf`` object.

    Every attribute in the table below is read from ``inputOptions`` and
    stored on ``conf`` (``Mode`` is stored as ``conf.mode``). Afterwards
    ``conf.params`` is reset to ``None``, ``conf.httpHeaders`` is bound to
    ``HTTP_DEFAULT_HEADER`` and ``initializeKb()`` is called.

    The default ``AttribDict()`` is created once at definition time; this
    function only reads from it.
    """
    if IS_WIN:
        coloramainit()

    # TODO
    # (conf attribute, inputOptions attribute), applied in this order.
    option_map = (
        ("url", "url"),
        ("urlFile", "urlFile"),
        ("mode", "Mode"),
        ("pocFile", "pocFile"),
        ("randomAgent", "randomAgent"),
        ("agent", "agent"),
        ("cookie", "cookie"),
        ("referer", "referer"),
        ("threads", "threads"),
        ("report", "report"),
        ("proxy", "proxy"),
        ("proxyCred", "proxyCred"),
        ("timeout", "timeout"),
    )
    for target, source in option_map:
        setattr(conf, target, getattr(inputOptions, source))

    conf.params = None
    # Bound to the default header object itself, not to a copy of it.
    conf.httpHeaders = HTTP_DEFAULT_HEADER

    initializeKb()
Пример #4
def initOptions(inputOptions=AttribDict()):
    """Load the shared ``conf`` object from the given option container.

    Attributes are transferred one by one in a fixed order; the only rename
    is ``inputOptions.Mode`` -> ``conf.mode``. ``conf.params`` is then set
    to ``None``, ``conf.httpHeaders`` to ``HTTP_DEFAULT_HEADER``, and
    ``initializeKb()`` runs last.
    """
    if IS_WIN:
        coloramainit()

    # TODO
    # conf names whose source attribute is spelled differently.
    source_name = {"mode": "Mode"}
    ordered_names = (
        "url", "urlFile", "mode", "pocFile", "randomAgent", "agent",
        "cookie", "referer", "threads", "report", "proxy", "proxyCred",
        "timeout",
    )
    for name in ordered_names:
        value = getattr(inputOptions, source_name.get(name, name))
        setattr(conf, name, value)

    conf.params = None
    # The default header object is shared here; no copy is made.
    conf.httpHeaders = HTTP_DEFAULT_HEADER

    initializeKb()
Пример #5
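    def __init__(self):
        """Start the interactive console with default request options.

        Runs ``coloramainit()`` when ``IS_WIN`` is set, initialises ``Cmd``,
        clears the terminal, calls ``banner()``, sets the prompt and then
        resets the request-related fields of the shared ``conf`` object.
        """
        if IS_WIN:
            coloramainit()
        Cmd.__init__(self)
        # "clear" only exists on POSIX shells; Windows needs "cls".
        os.system("cls" if IS_WIN else "clear")
        banner()
        self.case_insensitive = False
        self.prompt = "Pcs> "

        # Request settings start unset. The original set conf.proxy twice
        # with the same value; the duplicate is dropped.
        conf.url = None
        conf.proxy = None
        conf.params = None
        conf.urlFile = None
        conf.agent = None
        conf.referer = None
        conf.cookie = None
        conf.randomAgent = False

        conf.threads = 1
        conf.timeout = 5
        # NOTE(review): conf.httpHeaders aliases HTTP_DEFAULT_HEADER (no
        # copy); in-place edits would alter the default for later runs in
        # this process - confirm that is intended.
        conf.httpHeaders = HTTP_DEFAULT_HEADER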
Пример #6
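    def __init__(self):
        """Initialise the console shell and default the shared request options.

        Sequence: optional ``coloramainit()`` (when ``IS_WIN``),
        ``Cmd.__init__``, terminal clear, ``banner()``, prompt setup, then
        default values on ``conf``.
        """
        if IS_WIN:
            coloramainit()
        Cmd.__init__(self)
        # Use the platform's own clear-screen command; "clear" fails in the
        # Windows shell.
        os.system("cls" if IS_WIN else "clear")
        banner()
        self.case_insensitive = False
        self.prompt = "Pcs> "

        # None means "not configured yet". conf.proxy appeared twice in the
        # original with an identical value; a single assignment is kept.
        conf.url = None
        conf.proxy = None
        conf.params = None
        conf.urlFile = None
        conf.agent = None
        conf.referer = None
        conf.cookie = None
        conf.randomAgent = False

        conf.threads = 1
        conf.timeout = 5
        # NOTE(review): the default header object is assigned by reference;
        # if it is mutable, changes made through conf.httpHeaders leak into
        # HTTP_DEFAULT_HEADER - verify against the code that edits headers.
        conf.httpHeaders = HTTP_DEFAULT_HEADER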
Пример #7
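def initOptions(inputOptions=AttribDict()):
    """Copy parsed options from *inputOptions* onto the shared ``conf`` object.

    Most attributes are copied as-is. ``retry`` and ``delay`` are converted
    with ``int()`` / ``float()`` when truthy, otherwise stored as ``None``;
    ``extra_params``, ``dork`` and ``vulKeyword`` are stored as ``None`` when
    falsy. A truthy ``host`` is written into ``conf.httpHeaders`` as the
    ``Host`` header. ``isPocString`` / ``pocname`` are optional: if reading
    them fails, ``conf.isPocString`` falls back to ``False``.
    ``initializeKb()`` is called last.

    Raises:
        ValueError: if ``retry`` or ``delay`` is truthy but not numeric
            (from ``int()`` / ``float()``).
    """
    if IS_WIN:
        coloramainit()

    # TODO
    conf.url = inputOptions.url
    conf.urlFile = inputOptions.urlFile
    conf.mode = inputOptions.Mode
    conf.pocFile = inputOptions.pocFile
    conf.randomAgent = inputOptions.randomAgent
    conf.agent = inputOptions.agent
    conf.cookie = inputOptions.cookie
    conf.headers = inputOptions.headers
    conf.referer = inputOptions.referer
    conf.threads = inputOptions.threads
    conf.report = inputOptions.report
    conf.proxy = inputOptions.proxy
    conf.proxyCred = inputOptions.proxyCred
    conf.requires = inputOptions.requires
    conf.requiresFreeze = inputOptions.requiresFreeze
    conf.timeout = inputOptions.timeout
    conf.httpHeaders = HTTP_DEFAULT_HEADER
    conf.params = inputOptions.extra_params if inputOptions.extra_params else None
    conf.retry = int(inputOptions.retry) if inputOptions.retry else None
    conf.delay = float(inputOptions.delay) if inputOptions.delay else None
    conf.quiet = inputOptions.quiet
    conf.dork = inputOptions.dork if inputOptions.dork else None
    conf.vulKeyword = inputOptions.vulKeyword if inputOptions.vulKeyword else None
    if inputOptions.host:
        # NOTE(review): conf.httpHeaders is the HTTP_DEFAULT_HEADER object
        # itself (assigned above without a copy), so this update also writes
        # the Host header into the shared default, where it stays for later
        # calls in the same process. Consider assigning a copy above once
        # the other users of HTTP_DEFAULT_HEADER have been checked.
        conf.httpHeaders.update({'Host': inputOptions.host})
    try:
        conf.isPocString = inputOptions.isPocString
        conf.pocname = inputOptions.pocname
    except Exception:
        # Was a bare ``except:``, which also swallowed KeyboardInterrupt and
        # SystemExit. The failure expected here is a missing attribute on
        # inputOptions; the exception type it raises is not visible in this
        # file, so Exception is the narrowest safe choice.
        conf.isPocString = False
    conf.isPycFile = False

    initializeKb()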
Пример #8
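def initOptions(inputOptions=AttribDict()):
    """Populate the shared ``conf`` object from an option container.

    Values are copied attribute by attribute. Falsy ``extra_params``,
    ``retry``, ``delay``, ``dork`` and ``vulKeyword`` become ``None``; truthy
    ``retry`` / ``delay`` go through ``int()`` / ``float()``. When ``host``
    is truthy it is set as the ``Host`` entry of ``conf.httpHeaders``. The
    ``isPocString`` / ``pocname`` pair is treated as optional.
    ``initializeKb()`` runs at the end.

    Raises:
        ValueError: from ``int()`` / ``float()`` when ``retry`` or ``delay``
            is truthy but not numeric.
    """
    if IS_WIN:
        coloramainit()

    # TODO
    conf.url = inputOptions.url
    conf.urlFile = inputOptions.urlFile
    conf.mode = inputOptions.Mode
    conf.pocFile = inputOptions.pocFile
    conf.randomAgent = inputOptions.randomAgent
    conf.agent = inputOptions.agent
    conf.cookie = inputOptions.cookie
    conf.headers = inputOptions.headers
    conf.referer = inputOptions.referer
    conf.threads = inputOptions.threads
    conf.report = inputOptions.report
    conf.proxy = inputOptions.proxy
    conf.proxyCred = inputOptions.proxyCred
    conf.requires = inputOptions.requires
    conf.requiresFreeze = inputOptions.requiresFreeze
    conf.timeout = inputOptions.timeout
    conf.httpHeaders = HTTP_DEFAULT_HEADER
    conf.params = inputOptions.extra_params if inputOptions.extra_params else None
    conf.retry = int(inputOptions.retry) if inputOptions.retry else None
    conf.delay = float(inputOptions.delay) if inputOptions.delay else None
    conf.quiet = inputOptions.quiet
    conf.dork = inputOptions.dork if inputOptions.dork else None
    conf.vulKeyword = inputOptions.vulKeyword if inputOptions.vulKeyword else None
    if inputOptions.host:
        # NOTE(review): no copy of HTTP_DEFAULT_HEADER was taken above, so
        # this in-place update changes the shared default as well; a Host
        # value set for one run remains for every later run in the process.
        # Verify the other readers of HTTP_DEFAULT_HEADER, then copy.
        conf.httpHeaders.update({'Host': inputOptions.host})
    try:
        conf.isPocString = inputOptions.isPocString
        conf.pocname = inputOptions.pocname
    except Exception:
        # Narrowed from a bare ``except:`` so Ctrl-C and SystemExit are no
        # longer swallowed. The lookup error raised by inputOptions is not
        # visible here, hence Exception rather than a more specific type.
        conf.isPocString = False
    conf.isPycFile = False

    initializeKb()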
Пример #9
def _bruteProcessVariantB(user, hash_, kwargs, hash_regex, suffix, retVal,
                          found, proc_id, proc_count, wordlists,
                          custom_wordlist, api):
    """Worker loop that tests wordlist candidates against one hash.

    Iterates a ``Wordlist`` built from *wordlists*, *proc_id*, the current
    ``proc_count.value`` (0 when *proc_count* has no ``value``) and
    *custom_wordlist*. Each candidate is hashed with
    ``__functions__[hash_regex]`` (``uppercase=False`` plus ``**kwargs``) and
    compared with *hash_*. On a match ``(user, hash_, word)`` is put on
    *retVal*, an info line is written to stdout and ``found.value`` is set,
    which makes the loop break on its next iteration. Periodic status lines
    are skipped when *api* is truthy. On exit ``proc_count.value`` is
    decremented under its lock if *proc_count* has a ``value`` attribute.

    Python 2 code (``basestring``, ``except Exception, e``).
    """
    if IS_WIN:
        coloramainit()

    count = 0
    rotator = 0

    wordlist = Wordlist(wordlists, proc_id, getattr(proc_count, "value", 0),
                        custom_wordlist)

    try:
        for word in wordlist:
            # Stop once the shared flag reports a match.
            if found.value:
                break

            # NOTE(review): the hash is computed here, before the type check
            # and before `suffix` is appended, and outside the inner try.
            # So the suffix is not part of the hashed value although it is
            # part of the reported word, and an exception raised by the hash
            # function is not handled per-entry - confirm this is intended.
            current = __functions__[hash_regex](password=word,
                                                uppercase=False,
                                                **kwargs)
            count += 1

            if not isinstance(word, basestring):
                continue

            if suffix:
                word = word + suffix

            try:
                if hash_ == current:
                    if hash_regex == HASH.ORACLE_OLD:  # only for cosmetic purposes
                        word = word.upper()

                    # NOTE(review): the recovered plaintext is queued on
                    # retVal and written to stdout below; treat both as
                    # sensitive output.
                    retVal.put((user, hash_, word))

                    clearConsoleLine()

                    infoMsg = "\r[%s] [INFO] cracked password '%s'" % (
                        time.strftime("%X"), word)

                    if user and not user.startswith(DUMMY_USER_PREFIX):
                        infoMsg += " for user '%s'\n" % user
                    else:
                        infoMsg += " for hash '%s'\n" % hash_

                    dataToStdout(infoMsg, True)

                    found.value = True

                elif (proc_id == 0 or getattr(proc_count, "value", 0)
                      == 1) and count % HASH_MOD_ITEM_DISPLAY == 0:
                    # Status output: only process 0, or the case where
                    # proc_count.value is 1, and only every
                    # HASH_MOD_ITEM_DISPLAY-th candidate.
                    rotator += 1
                    if rotator >= len(ROTATING_CHARS):
                        rotator = 0
                    # Only the first five characters of the candidate are shown.
                    status = 'current status: %s... %s' % (
                        word.ljust(5)[:5], ROTATING_CHARS[rotator])

                    if user and not user.startswith(DUMMY_USER_PREFIX):
                        status += ' (user: %s)' % user

                    if not api:
                        dataToStdout("\r[%s] [INFO] %s" %
                                     (time.strftime("%X"), status))

            except KeyboardInterrupt:
                # Re-raised so the outer handler ends the loop.
                raise

            except (UnicodeEncodeError, UnicodeDecodeError):
                pass  # ignore possible encoding problems caused by some words in custom dictionaries

            except Exception, e:
                # Any other per-entry failure is logged and the loop goes on.
                # The message includes repr(word), i.e. the candidate text.
                warnMsg = "there was a problem while hashing entry: %s (%s). " % (
                    repr(word), e)
                warnMsg += "Please report by e-mail to '%s'" % DEV_EMAIL_ADDRESS
                logger.critical(warnMsg)

    except KeyboardInterrupt:
        # Ctrl-C ends this worker quietly.
        pass

    finally:
        # Record that this worker has finished, when proc_count exposes a
        # `value` attribute.
        if hasattr(proc_count, "value"):
            with proc_count.get_lock():
                proc_count.value -= 1
Пример #10
def _bruteProcessVariantB(user, hash_, kwargs, hash_regex, suffix, retVal, found, proc_id, proc_count, wordlists, custom_wordlist):
    """Worker loop that tests wordlist candidates against one hash.

    Each candidate from the ``Wordlist`` is hashed with
    ``__functions__[hash_regex]`` (``uppercase=False`` plus ``**kwargs``) and
    compared with *hash_*. A match is put on *retVal* as
    ``(user, hash_, word)``, reported on stdout, and ``found.value`` is set
    so the loop breaks on its next iteration. Status lines are suppressed
    whenever ``conf`` has an ``api`` attribute. ``proc_count.value`` is
    decremented under its lock on exit when that attribute exists.

    Python 2 code (``basestring``, ``except Exception, e``).
    """
    if IS_WIN:
        coloramainit()

    count = 0
    rotator = 0

    wordlist = Wordlist(wordlists, proc_id, getattr(proc_count, "value", 0), custom_wordlist)

    try:
        for word in wordlist:
            # Stop once the shared flag reports a match.
            if found.value:
                break

            # NOTE(review): hashing happens before the type check and before
            # `suffix` is appended, and outside the inner try - the suffix is
            # therefore not hashed but is reported, and hash-function errors
            # are not handled per-entry. Confirm this is intended.
            current = __functions__[hash_regex](password=word, uppercase=False, **kwargs)
            count += 1

            if not isinstance(word, basestring):
                continue

            if suffix:
                word = word + suffix

            try:
                if hash_ == current:
                    if hash_regex == HASH.ORACLE_OLD:  # only for cosmetic purposes
                        word = word.upper()

                    # NOTE(review): recovered plaintext goes to retVal and to
                    # stdout; treat both as sensitive output.
                    retVal.put((user, hash_, word))

                    clearConsoleLine()

                    infoMsg = "\r[%s] [INFO] cracked password '%s'" % (time.strftime("%X"), word)

                    if user and not user.startswith(DUMMY_USER_PREFIX):
                        infoMsg += " for user '%s'\n" % user
                    else:
                        infoMsg += " for hash '%s'\n" % hash_

                    dataToStdout(infoMsg, True)

                    found.value = True

                elif (proc_id == 0 or getattr(proc_count, "value", 0) == 1) and count % HASH_MOD_ITEM_DISPLAY == 0:
                    # Status output: process 0 (or proc_count.value == 1),
                    # every HASH_MOD_ITEM_DISPLAY-th candidate.
                    rotator += 1
                    if rotator >= len(ROTATING_CHARS):
                        rotator = 0
                    status = 'current status: %s... %s' % (word.ljust(5)[:5], ROTATING_CHARS[rotator])

                    # NOTE(review): unlike the match branch above there is no
                    # `user and` guard; if `user` is None this raises
                    # AttributeError, which the generic handler below logs as
                    # a hashing problem.
                    if not user.startswith(DUMMY_USER_PREFIX):
                        status += ' (user: %s)' % user

                    # Checks only that the attribute exists, not its value.
                    if not hasattr(conf, "api"):
                        dataToStdout("\r[%s] [INFO] %s" % (time.strftime("%X"), status))

            except KeyboardInterrupt:
                # Re-raised so the outer handler ends the loop.
                raise

            except (UnicodeEncodeError, UnicodeDecodeError):
                pass  # ignore possible encoding problems caused by some words in custom dictionaries

            except Exception, e:
                # Logged and skipped; the message includes repr(word).
                warnMsg = "there was a problem while hashing entry: %s (%s). " % (repr(word), e)
                warnMsg += "Please report by e-mail to %s" % ML
                logger.critical(warnMsg)

    except KeyboardInterrupt:
        # Ctrl-C ends this worker quietly.
        pass

    finally:
        # Record that this worker has finished.
        if hasattr(proc_count, "value"):
            with proc_count.get_lock():
                proc_count.value -= 1
Пример #11
def _bruteProcessVariantA(attack_info, hash_regex, suffix, retVal, proc_id,
                          proc_count, wordlists, custom_wordlist, api):
    """Worker loop that tests wordlist candidates against a set of hashes.

    *attack_info* is a list whose items unpack as ``((user, hash_), _)``.
    Each string candidate (with *suffix* appended when given) is hashed once
    with ``__functions__[hash_regex]`` and looked up in the set of target
    hashes. Every matching item is put on *retVal* as
    ``(user, hash_, word)``, reported on stdout and removed from
    *attack_info*; the loop ends when *attack_info* is empty. Status lines
    are skipped when *api* is truthy. ``proc_count.value`` is decremented
    under its lock on exit when that attribute exists.
    """
    if IS_WIN:
        coloramainit()

    count = 0
    rotator = 0
    # Hashes taken from attack_info once; this set is not updated when items
    # are removed later.
    hashes = set(item[0][1] for item in attack_info)

    wordlist = Wordlist(wordlists, proc_id, getattr(proc_count, "value", 0),
                        custom_wordlist)

    try:
        for word in wordlist:
            # Nothing left to match.
            if not attack_info:
                break

            # Counted before the type check, so skipped entries count too.
            count += 1

            if not isinstance(word, basestring):
                continue

            if suffix:
                word = word + suffix

            try:
                current = __functions__[hash_regex](password=word,
                                                    uppercase=False)

                if current in hashes:
                    # Iterate over a copy because matching items are removed
                    # from attack_info inside the loop.
                    for item in attack_info[:]:
                        ((user, hash_), _) = item

                        if hash_ == current:
                            # NOTE(review): recovered plaintext goes to retVal
                            # and to stdout; treat both as sensitive output.
                            retVal.put((user, hash_, word))

                            clearConsoleLine()

                            infoMsg = "\r[%s] [INFO] cracked password '%s'" % (
                                time.strftime("%X"), word)

                            if user and not user.startswith(DUMMY_USER_PREFIX):
                                infoMsg += " for user '%s'\n" % user
                            else:
                                infoMsg += " for hash '%s'\n" % hash_

                            dataToStdout(infoMsg, True)

                            attack_info.remove(item)

                elif (
                        proc_id == 0 or getattr(proc_count, "value", 0) == 1
                ) and count % HASH_MOD_ITEM_DISPLAY == 0 or hash_regex == HASH.ORACLE_OLD or hash_regex == HASH.CRYPT_GENERIC and IS_WIN:
                    # Operator precedence makes the condition above:
                    #   ((proc 0 or proc_count.value == 1) and every N-th candidate)
                    #   or hash_regex == HASH.ORACLE_OLD
                    #   or (hash_regex == HASH.CRYPT_GENERIC and IS_WIN)
                    # so the last two cases reach this branch for every
                    # non-matching candidate, in every worker.
                    rotator += 1

                    if rotator >= len(ROTATING_CHARS):
                        rotator = 0

                    # Only the first five characters of the candidate are shown.
                    status = "current status: %s... %s" % (
                        word.ljust(5)[:5], ROTATING_CHARS[rotator])

                    if not api:
                        dataToStdout("\r[%s] [INFO] %s" %
                                     (time.strftime("%X"), status))

            except KeyboardInterrupt:
                # Re-raised so the outer handler ends the loop.
                raise

            except (UnicodeEncodeError, UnicodeDecodeError):
                pass  # ignore possible encoding problems caused by some words in custom dictionaries

            except Exception as ex:
                # Logged and skipped; the message includes repr(word).
                warnMsg = "there was a problem while hashing entry: %s ('%s'). " % (
                    repr(word), getSafeExString(ex))
                warnMsg += "Please report by e-mail to '%s'" % DEV_EMAIL_ADDRESS
                logger.critical(warnMsg)

    except KeyboardInterrupt:
        # Ctrl-C ends this worker quietly.
        pass

    finally:
        # Record that this worker has finished.
        if hasattr(proc_count, "value"):
            with proc_count.get_lock():
                proc_count.value -= 1
Пример #12
def _bruteProcessVariantA(attack_info, hash_regex, suffix, retVal, proc_id, proc_count, wordlists, custom_wordlist):
    """Worker loop that tests wordlist candidates against a set of hashes.

    *attack_info* is a list whose items unpack as ``((user, hash_), _)``.
    Each string candidate (with *suffix* appended when given) is hashed with
    ``__functions__[hash_regex]`` and looked up in the set of target hashes.
    Matching items are put on *retVal* as ``(user, hash_, word)``, reported
    on stdout and removed from *attack_info*; the loop ends when
    *attack_info* is empty. Status lines are suppressed whenever ``conf`` has
    an ``api`` attribute. ``proc_count.value`` is decremented under its lock
    on exit when that attribute exists.

    Python 2 code (``basestring``, ``except Exception, e``).
    """
    if IS_WIN:
        coloramainit()

    count = 0
    rotator = 0
    # Hashes taken from attack_info once; not updated when items are removed.
    hashes = set([item[0][1] for item in attack_info])

    wordlist = Wordlist(wordlists, proc_id, getattr(proc_count, "value", 0), custom_wordlist)

    try:
        for word in wordlist:
            # Nothing left to match.
            if not attack_info:
                break

            if not isinstance(word, basestring):
                continue

            if suffix:
                word = word + suffix

            try:
                current = __functions__[hash_regex](password=word, uppercase=False)

                # Only candidates that were actually hashed are counted.
                count += 1

                if current in hashes:
                    # Iterate over a copy because matching items are removed
                    # from attack_info inside the loop.
                    for item in attack_info[:]:
                        ((user, hash_), _) = item

                        if hash_ == current:
                            # NOTE(review): recovered plaintext goes to retVal
                            # and to stdout; treat both as sensitive output.
                            retVal.put((user, hash_, word))

                            clearConsoleLine()

                            infoMsg = "\r[%s] [INFO] cracked password '%s'" % (time.strftime("%X"), word)

                            if user and not user.startswith(DUMMY_USER_PREFIX):
                                infoMsg += " for user '%s'\n" % user
                            else:
                                infoMsg += " for hash '%s'\n" % hash_

                            dataToStdout(infoMsg, True)

                            attack_info.remove(item)

                elif (proc_id == 0 or getattr(proc_count, "value", 0) == 1) and count % HASH_MOD_ITEM_DISPLAY == 0 or hash_regex == HASH.ORACLE_OLD or hash_regex == HASH.CRYPT_GENERIC and IS_WIN:
                    # Operator precedence makes the condition above:
                    #   ((proc 0 or proc_count.value == 1) and every N-th candidate)
                    #   or hash_regex == HASH.ORACLE_OLD
                    #   or (hash_regex == HASH.CRYPT_GENERIC and IS_WIN)
                    rotator += 1

                    if rotator >= len(ROTATING_CHARS):
                        rotator = 0

                    status = 'current status: %s... %s' % (word.ljust(5)[:5], ROTATING_CHARS[rotator])

                    # Checks only that the attribute exists, not its value.
                    if not hasattr(conf, "api"):
                        dataToStdout("\r[%s] [INFO] %s" % (time.strftime("%X"), status))

            except KeyboardInterrupt:
                # Re-raised so the outer handler ends the loop.
                raise

            except (UnicodeEncodeError, UnicodeDecodeError):
                pass  # ignore possible encoding problems caused by some words in custom dictionaries

            except Exception, e:
                # Logged and skipped; the message includes repr(word).
                warnMsg = "there was a problem while hashing entry: %s (%s). " % (repr(word), e)
                warnMsg += "Please report by e-mail to '*****@*****.**'"
                logger.critical(warnMsg)

    except KeyboardInterrupt:
        # Ctrl-C ends this worker quietly.
        pass

    finally:
        # Record that this worker has finished.
        if hasattr(proc_count, "value"):
            with proc_count.get_lock():
                proc_count.value -= 1
Пример #13
def banner():
    """Write the ``BANNER`` text to standard output.

    When ``IS_WIN`` is set, ``coloramainit()`` is called first (presumably
    so that colour escape sequences in the banner render on Windows - confirm).
    """
    if IS_WIN:
        coloramainit()

    data_to_stdout(BANNER)
Пример #14
def _bruteProcessVariantA(attack_info, hash_regex, suffix, retVal, proc_id,
                          proc_count, wordlists, custom_wordlist, api):
    """Worker loop that tests wordlist candidates against a set of hashes.

    *attack_info* is a list whose items unpack as ``((user, hash_), _)``.
    Each string candidate (with *suffix* appended when given) is hashed with
    ``__functions__[hash_regex]`` and looked up in the set of target hashes.
    Matching items are put on *retVal* as ``(user, hash_, word)``, reported
    on stdout and removed from *attack_info*; the loop ends when
    *attack_info* is empty. Status lines are skipped when *api* is truthy.
    ``proc_count.value`` is decremented under its lock on exit when that
    attribute exists.

    The user-facing messages in this copy are Chinese unicode literals.
    Python 2 code (``basestring``, ``except Exception, e``).
    """
    if IS_WIN:
        coloramainit()

    count = 0
    rotator = 0
    # Hashes taken from attack_info once; not updated when items are removed.
    hashes = set([item[0][1] for item in attack_info])

    wordlist = Wordlist(wordlists, proc_id, getattr(proc_count, "value", 0),
                        custom_wordlist)

    try:
        for word in wordlist:
            # Nothing left to match.
            if not attack_info:
                break

            if not isinstance(word, basestring):
                continue

            if suffix:
                word = word + suffix

            try:
                current = __functions__[hash_regex](password=word,
                                                    uppercase=False)

                # Only candidates that were actually hashed are counted.
                count += 1

                if current in hashes:
                    # Iterate over a copy because matching items are removed
                    # from attack_info inside the loop.
                    for item in attack_info[:]:
                        ((user, hash_), _) = item

                        if hash_ == current:
                            # NOTE(review): recovered plaintext goes to retVal
                            # and to stdout; treat both as sensitive output.
                            retVal.put((user, hash_, word))

                            clearConsoleLine()

                            infoMsg = u"\r[%s] [INFO] 破解密码'%s'" % (
                                time.strftime("%X"), word)

                            if user and not user.startswith(DUMMY_USER_PREFIX):
                                infoMsg += u" 对于用户'%s'\n" % user
                            else:
                                infoMsg += u" 对于哈希 '%s'\n" % hash_

                            dataToStdout(infoMsg, True)

                            attack_info.remove(item)

                elif (
                        proc_id == 0 or getattr(proc_count, "value", 0) == 1
                ) and count % HASH_MOD_ITEM_DISPLAY == 0 or hash_regex == HASH.ORACLE_OLD or hash_regex == HASH.CRYPT_GENERIC and IS_WIN:
                    # Operator precedence makes the condition above:
                    #   ((proc 0 or proc_count.value == 1) and every N-th candidate)
                    #   or hash_regex == HASH.ORACLE_OLD
                    #   or (hash_regex == HASH.CRYPT_GENERIC and IS_WIN)
                    rotator += 1

                    if rotator >= len(ROTATING_CHARS):
                        rotator = 0

                    # Only the first five characters of the candidate are shown.
                    status = u'当前状态: %s... %s' % (word.ljust(5)[:5],
                                                  ROTATING_CHARS[rotator])

                    if not api:
                        dataToStdout("\r[%s] [INFO] %s" %
                                     (time.strftime("%X"), status))

            except KeyboardInterrupt:
                # Re-raised so the outer handler ends the loop.
                raise

            except (UnicodeEncodeError, UnicodeDecodeError):
                pass  # ignore possible encoding problems caused by some words in custom dictionaries

            except Exception, e:
                # Logged and skipped; the message includes repr(word).
                warnMsg = u"哈希输入时出现问题: %s (%s). " % (repr(word), e)
                warnMsg += u"请通过电子邮件报告'*****@*****.**'"
                logger.critical(warnMsg)

    except KeyboardInterrupt:
        # Ctrl-C ends this worker quietly.
        pass

    finally:
        # Record that this worker has finished.
        if hasattr(proc_count, "value"):
            with proc_count.get_lock():
                proc_count.value -= 1