def remove_hashfile(self, hashfile):
# Check if there is a running session
for session in Session.objects.filter(hashfile_id=hashfile.id):
node = session.node
try:
hashcat_api = HashcatAPI(node.hostname, node.port, node.username, node.password)
hashcat_api.action(session.name, "remove")
except Exception as e:
traceback.print_exc()
hashfile_path = os.path.join(os.path.dirname(__file__), "..", "Files", "Hashfiles", hashfile.hashfile)
# remove from disk
try:
os.remove(hashfile_path)
except Exception as e:
pass
del_hashfile_locks(hashfile)
start = time.perf_counter()
# deletion is faster using raw SQL queries
cursor = connection.cursor()
cursor.execute("DELETE FROM Hashcat_session WHERE hashfile_id = %s", [hashfile.id])
cursor.execute("DELETE FROM Hashcat_hash WHERE hashfile_id = %s", [hashfile.id])
cursor.close()
hashfile.delete()
end = time.perf_counter()
print(">>> Hashfile %s deleted from database in %fs" % (hashfile.name, end-start))
def api_error_sessions(request):
if request.method == "POST":
params = request.POST
else:
params = request.GET
result = {
"draw": params["draw"],
}
data = []
for session in Session.objects.all():
node = session.node
try:
hashcat_api = HashcatAPI(node.hostname, node.port, node.username,
node.password)
session_info = hashcat_api.get_session_info(session.name)
if session_info['response'] != 'error' and not session_info[
"status"] in ["Not started", "Running", "Paused", "Done"]:
if session_info["crack_type"] == "dictionary":
rule_mask = session_info["rule"]
wordlist = session_info["wordlist"]
elif session_info["crack_type"] == "mask":
rule_mask = session_info["mask"]
wordlist = ""
data.append({
"hashfile": session.hashfile.name,
"node": node.name,
"type": session_info["crack_type"],
"rule_mask": rule_mask,
"wordlist": wordlist,
"status": session_info["status"],
"reason": session_info["reason"],
})
elif session_info['response'] == 'error':
data.append({
"hashfile": session.hashfile.name,
"node": node.name,
"type": "",
"rule_mask": "",
"wordlist": "",
"status": "Inexistant session on node",
"reason": "",
})
except ConnectionRefusedError:
pass
result["data"] = data
return HttpResponse(json.dumps(result), content_type="application/json")
def remove(request, node_name, session_name):
node = get_object_or_404(Node, name=node_name)
hashcat_api = HashcatAPI(node.hostname, node.port, node.username,
node.password)
res = hashcat_api.remove(session_name)
if res["response"] == "error":
return index(request, error_msg=res["message"])
return redirect('index')
def new_session(request):
if request.method == 'POST':
#session_name = request.POST["name"]
node_name = request.POST["node"]
node = get_object_or_404(Node, name=node_name)
hashfile = get_object_or_404(Hashfile, id=request.POST['hashfile_id'])
crack_type = request.POST["crack_type"]
if crack_type == "dictionary":
rule = request.POST["rule"] if request.POST["rule"] != "None" else None
wordlist = request.POST["wordlist"]
elif crack_type == "mask":
mask = request.POST["mask"]
device_type = int(request.POST["device_type"])
brain_mode = int(request.POST["brain_mode"])
if request.POST["end_datetime"]:
end_timestamp = int(datetime.strptime(request.POST["end_datetime"], "%m/%d/%Y %I:%M %p").timestamp())
else:
end_timestamp = None
session_name = ("%s-%s" % (hashfile.name, ''.join(random.choice(string.ascii_uppercase + string.digits) for _ in range(12)))).replace(" ", "_")
if "debug" in request.POST:
hashcat_debug_file = True
else:
hashcat_debug_file = False
hashcat_api = HashcatAPI(node.hostname, node.port, node.username, node.password)
if crack_type == "dictionary":
res = hashcat_api.create_dictionary_session(session_name, hashfile, rule, wordlist, device_type, brain_mode, end_timestamp, hashcat_debug_file)
elif crack_type == "mask":
res = hashcat_api.create_mask_session(session_name, hashfile, mask, device_type, brain_mode, end_timestamp, hashcat_debug_file)
if res["response"] == "error":
messages.error(request, res["message"])
return redirect('Hashcat:hashfiles')
messages.success(request, "Session successfully created")
session = Session(
name=session_name,
hashfile=hashfile,
node = node,
potfile_line_retrieved=0,
)
session.save()
return redirect('Hashcat:hashfiles')
def api_running_sessions(request):
if request.method == "POST":
params = request.POST
else:
params = request.GET
result = {
"draw": params["draw"],
}
data = []
for session in Session.objects.all():
node = session.node
try:
hashcat_api = HashcatAPI(node.hostname, node.port, node.username,
node.password)
session_info = hashcat_api.get_session_info(session.name)
if session_info['response'] != 'error' and session_info[
"status"] == "Running":
if session_info["crack_type"] == "dictionary":
rule_mask = session_info["rule"]
wordlist = session_info["wordlist"]
elif session_info["crack_type"] == "mask":
rule_mask = session_info["mask"]
wordlist = ""
data.append({
"hashfile":
session.hashfile.name,
"node":
node.name,
"type":
session_info["crack_type"],
"rule_mask":
rule_mask,
"wordlist":
wordlist,
"remaining":
session_info["time_estimated"],
"progress":
"%s %%" % session_info["progress"],
"speed":
session_info["speed"].split('@')[0].strip(),
})
except ConnectionRefusedError:
pass
result["data"] = data
return HttpResponse(json.dumps(result), content_type="application/json")
def update_potfile(self):
updated_hashfile_ids = []
with transaction.atomic():
try:
# Lock: prevent the potfile from being modified
potfile_locks = list(Lock.objects.select_for_update().filter(
lock_ressource="potfile"))
# update the potfile
for session in Session.objects.all():
try:
node = session.node
hashcat_api = HashcatAPI(node.hostname, node.port,
node.username, node.password)
remaining = True
while (remaining):
potfile_data = hashcat_api.get_potfile(
session.name, session.potfile_line_retrieved)
if potfile_data[
"response"] == "ok" and potfile_data[
"line_count"] > 0:
f = open(self.get_potfile(),
"a",
encoding='utf-8')
f.write(potfile_data["potfile_data"])
f.close()
session.potfile_line_retrieved += potfile_data[
"line_count"]
session.save()
remaining = potfile_data["remaining_data"]
updated_hashfile_ids.append(
session.hashfile.id)
else:
remaining = False
except ConnectionRefusedError:
pass
del potfile_locks
except OperationalError as e:
# potfile is locked, no need to be concerned about it, this function is executed regularly
print("Error: potfile locked")
return list(set(updated_hashfile_ids))
def api_node_status(request):
if request.method == "POST":
params = request.POST
else:
params = request.GET
result = {
"draw": params["draw"],
}
node_object_list = Node.objects.all()
data = []
for node in node_object_list:
try:
hashcat_api = HashcatAPI(node.hostname, node.port, node.username,
node.password)
node_data = hashcat_api.get_hashcat_info()
status = "Stopped"
for session in node_data["sessions"]:
if session["status"] == "Running":
status = "Running"
break
data.append([
node.name,
node_data["version"],
status,
])
except ConnectionRefusedError:
data.append([
node.name,
"",
"Error",
])
except requests.exceptions.ConnectionError:
data.append([
node.name,
"",
"Error",
])
result["data"] = data
for query in connection.queries[-1:]:
print(query["sql"])
print(query["time"])
return HttpResponse(json.dumps(result), content_type="application/json")
def action_session(request, node_name, session_name, action):
node = get_object_or_404(Node, name=node_name)
hashcat_api = HashcatAPI(node.hostname, node.port, node.username,
node.password)
res = hashcat_api.action(session_name, action)
if res["response"] == "error":
return session(request,
node_name,
session_name,
error_msg=res["message"])
return redirect('session', node_name, session_name)
def update_potfile(self):
updated_hash_type = []
with transaction.atomic():
potfile_locks = list(Lock.objects.select_for_update().filter(lock_ressource="potfile"))
print("Updating potfile")
# update the potfile
for session in Session.objects.all():
try:
node = session.node
hashcat_api = HashcatAPI(node.hostname, node.port, node.username, node.password)
# Lock: prevent the potfile from being modified
remaining = True
while(remaining):
potfile_data = hashcat_api.get_potfile(session.name, session.potfile_line_retrieved)
if potfile_data["response"] == "ok" and potfile_data["line_count"] > 0:
updated_hash_type.append(session.hashfile.hash_type)
f = open(self.get_potfile(), "a", encoding='utf-8')
f.write(potfile_data["potfile_data"])
f.close()
session.potfile_line_retrieved += potfile_data["line_count"]
session.save()
remaining = potfile_data["remaining_data"]
# Probably quicker than a python equivalent code
tmp_potfile = "/tmp/webhashcat_potfile"
os.system("sort %s | uniq > %s; mv %s %s" % (Hashcat.get_potfile(), tmp_potfile, tmp_potfile, Hashcat.get_potfile()))
else:
remaining = False
except ConnectionRefusedError:
pass
print("Done updating potfile")
del potfile_locks
return updated_hash_type
def api_hashfile_action(request):
if request.method == "POST":
params = request.POST
else:
params = request.GET
hashfile = get_object_or_404(Hashfile, id=params["hashfile_id"])
print("Hashfile %s action %s" % (hashfile.name, params["action"]))
if params["action"] == "remove":
# Check if there is a running session
for session in Session.objects.filter(hashfile_id=hashfile.id):
node = session.node
try:
hashcat_api = HashcatAPI(node.hostname, node.port,
node.username, node.password)
hashcat_api.action(session.name, "remove")
except Exception as e:
traceback.print_exc()
hashfile_path = os.path.join(os.path.dirname(__file__), "..", "Files",
"Hashfiles", hashfile.hashfile)
crackedfile_path = os.path.join(os.path.dirname(__file__), "..",
"Files", "Crackedfiles",
hashfile.crackedfile)
# remove from disk
try:
os.remove(hashfile_path)
except Exception as e:
messages.error(
request,
"Error when deleting %s: %s" % (hashfile_path, str(e)))
try:
os.remove(crackedfile_path)
except Exception as e:
messages.error(
request,
"Error when deleting %s: %s" % (crackedfile_path, str(e)))
del_hashfile_locks(hashfile)
hashfile.delete()
return HttpResponse(json.dumps({"result": "success"}),
content_type="application/json")
def api_session_action(request):
if request.method == "POST":
params = request.POST
else:
params = request.GET
session = get_object_or_404(Session, name=params["session_name"])
node = session.node
hashcat_api = HashcatAPI(node.hostname, node.port, node.username,
node.password)
res = hashcat_api.action(session.name, params["action"])
if params["action"] == "remove":
session.delete()
return HttpResponse(json.dumps(res), content_type="application/json")
def session_hashes(request, node_name, session_name):
node = get_object_or_404(Node, name=node_name)
hashcat_api = HashcatAPI(node.hostname, node.port, node.username,
node.password)
hashes_file = hashcat_api.get_hashes(session_name)
if hashes_file["response"] == "error":
return session(request,
node_name,
session_name,
error_msg=hashes_file["message"])
response = HttpResponse(
hashes_file["hashes"], content_type='application/force-download'
) # mimetype is replaced by content_type for django 1.7
response['Content-Disposition'] = 'attachment; filename=%s' % "hashes.txt"
return response
def new_session(request):
if request.method == 'POST':
#session_name = request.POST["name"]
node_name = request.POST["node"]
node = get_object_or_404(Node, name=node_name)
hashfile = get_object_or_404(Hashfile, id=request.POST['hashfile_id'])
crack_type = request.POST["crack_type"]
if crack_type == "dictionary":
rule = request.POST[
"rule"] if request.POST["rule"] != "None" else None
wordlist = request.POST["wordlist"]
elif crack_type == "mask":
mask = request.POST["mask"]
session_name = ("%s-%s" % (hashfile.name, ''.join(
random.choice(string.ascii_uppercase + string.digits)
for _ in range(12)))).replace(" ", "_")
hashcat_api = HashcatAPI(node.hostname, node.port, node.username,
node.password)
if crack_type == "dictionary":
res = hashcat_api.create_dictionary_session(
session_name, hashfile, rule, wordlist)
elif crack_type == "mask":
res = hashcat_api.create_mask_session(session_name, hashfile, mask)
if res["response"] == "error":
messages.error(request, res["message"])
return redirect('Hashcat:hashfiles')
messages.success(request, "Session successfully created")
session = Session(
name=session_name,
hashfile=hashfile,
node=node,
potfile_line_retrieved=0,
)
session.save()
return redirect('Hashcat:hashfiles')
def upload_wordlist(request):
if request.method == 'POST':
node_name = request.POST["node"]
name = request.POST["name"]
if "file" in request.FILES:
# get from file
f = request.FILES["file"]
rule_file = f.read().decode()
node_item = get_object_or_404(Node, name=node_name)
hashcat_api = HashcatAPI(node_item.hostname, node_item.port,
node_item.username, node_item.password)
res = hashcat_api.upload_wordlist(name, rule_file)
if res["response"] == "error":
return node(request, node_name, error_msg=res["message"])
return redirect('node', node_name)
def node(request, node_name, error_msg=""):
context = {}
context["Section"] = "Nodes"
if len(error_msg) != 0:
context["error_message"] = error_msg
template = loader.get_template('Hashcat/node.html')
return HttpResponse(template.render(context, request))
node_item = get_object_or_404(Node, name=node_name)
context["node_name"] = node_item.name
context["hostname"] = node_item.hostname
context["port"] = node_item.port
hashcat_api = HashcatAPI(node_item.hostname, node_item.port,
node_item.username, node_item.password)
node_data = hashcat_api.get_hashcat_info()
if node_data["response"] == "error":
return node(request, node_name, error_msg=node_data["message"])
rule_list = node_data["rules"]
rule_list.sort()
mask_list = node_data["masks"]
mask_list.sort()
wordlist_list = node_data["wordlists"]
wordlist_list.sort()
hash_type_list = sorted(node_data["hash_types"], key=itemgetter('id'))
context["version"] = node_data["version"]
context["rule_list"] = rule_list
context["mask_list"] = mask_list
context["wordlist_list"] = wordlist_list
context["hash_type_list"] = hash_type_list
template = loader.get_template('Hashcat/node.html')
return HttpResponse(template.render(context, request))
def new_session(request):
if request.method == 'POST':
session_name = request.POST["name"]
node_name = request.POST["node"]
hash_type_id = request.POST["hash_type"]
crack_type = request.POST["crack_type"]
if crack_type == "rule":
rule = request.POST["rule"]
wordlist = request.POST["wordlist"]
elif crack_type == "mask":
mask = request.POST["mask"]
hashes = request.POST["hashes"]
username_included = "username_included" in request.POST
if len(hashes) == 0 and "hash_file" in request.FILES:
# get from file
f = request.FILES["hash_file"]
hashes = f.read().decode()
node = get_object_or_404(Node, name=node_name)
hashcat_api = HashcatAPI(node.hostname, node.port, node.username,
node.password)
if crack_type == "rule":
res = hashcat_api.create_rule_session(session_name, hash_type_id,
rule, wordlist, hashes,
username_included)
elif crack_type == "mask":
res = hashcat_api.create_mask_session(session_name, hash_type_id,
mask, hashes,
username_included)
if res["response"] == "error":
return index(request, error_msg=res["message"])
return redirect('index')
def session(request, node_name, session_name, error_msg=''):
context = {}
context["Section"] = "Sessions"
if len(error_msg) != 0:
context["error_message"] = error_msg
template = loader.get_template('Hashcat/session.html')
return HttpResponse(template.render(context, request))
node = get_object_or_404(Node, name=node_name)
hashcat_api = HashcatAPI(node.hostname, node.port, node.username,
node.password)
session_info = hashcat_api.get_session_info(session_name)
if session_info["response"] == "error":
return session(request,
node_name,
session_name,
error_msg=session_info["message"])
context["node"] = node_name
context["session"] = session_name
context["crack_type"] = session_info["crack_type"]
context["status"] = session_info["status"]
context["time_started"] = session_info["time_started"]
context["time_estimated"] = session_info["time_estimated"]
context["speed"] = session_info["speed"]
context["recovered"] = session_info["recovered"]
context["progress"] = session_info["progress"]
context["results"] = session_info["results"]
# top10 graph
data = [
go.Bar(x=[item[1] for item in session_info["top10_passwords"]][::-1],
y=[item[0] for item in session_info["top10_passwords"]][::-1],
orientation='h')
]
layout = go.Layout(
title="Top 10 passwords",
margin=go.Margin(l=150, r=0, pad=4),
)
figure = go.Figure(data=data, layout=layout)
div = opy.plot(figure, auto_open=False, output_type='div', show_link=False)
context['top10_graph'] = div
# password_lengths graph
data = [
go.Bar(x=[item[1] for item in session_info["password_lengths"]][::-1],
y=[item[0] for item in session_info["password_lengths"]][::-1],
orientation='h')
]
layout = go.Layout(
title="Password lengths",
margin=go.Margin(l=150, r=0, pad=4),
)
figure = go.Figure(data=data, layout=layout)
div = opy.plot(figure, auto_open=False, output_type='div', show_link=False)
context['pass_len_graph'] = div
# password_charset graph
data = [
go.Bar(x=[item[1] for item in session_info["password_charsets"]][::-1],
y=[item[0] for item in session_info["password_charsets"]][::-1],
orientation='h')
]
layout = go.Layout(
title="Password charsets",
margin=go.Margin(l=150, r=0, pad=4),
)
figure = go.Figure(data=data, layout=layout)
div = opy.plot(figure, auto_open=False, output_type='div', show_link=False)
context['pass_charset_graph'] = div
template = loader.get_template('Hashcat/session.html')
return HttpResponse(template.render(context, request))
def index(request, error_msg=''):
context = {}
context["Section"] = "Sessions"
if len(error_msg) != 0:
context["error_message"] = error_msg
node_object_list = Node.objects.all()
session_list = []
rule_list = []
mask_list = []
hash_type_list = {}
node_list = []
wordlist_list = []
connection_error_nodes = []
for node in node_object_list:
try:
hashcat_api = HashcatAPI(node.hostname, node.port, node.username,
node.password)
node_data = hashcat_api.get_hashcat_info()
node_list.append(node.name)
for session in node_data["sessions"]:
session_list.append({
"name": session["name"],
"node": node.name,
"crack_type": session["crack_type"],
"status": session["status"],
"cracked": int(session["cracked"]),
"progress": session["progress"],
})
rule_list += node_data["rules"]
mask_list += node_data["masks"]
wordlist_list += node_data["wordlists"]
for hash_type in node_data["hash_types"]:
hash_type_list[hash_type["id"]] = hash_type
except ConnectionRefusedError:
connection_error_nodes.append(node.name)
rule_list = list(set(rule_list))
rule_list.sort()
mask_list = list(set(mask_list))
mask_list.sort()
wordlist_list = list(set(wordlist_list))
wordlist_list.sort()
hash_type_list = sorted(list(hash_type_list.values()),
key=itemgetter('name'))
context["node_list"] = node_list
context["session_list"] = session_list
context["rule_list"] = rule_list
context["mask_list"] = mask_list
context["wordlist_list"] = wordlist_list
context["hash_type_list"] = hash_type_list
if len(connection_error_nodes) != 0:
context[
"error_message"] = "Connection error with the following nodes : %s" % ", ".join(
connection_error_nodes)
template = loader.get_template('Hashcat/index.html')
return HttpResponse(template.render(context, request))
def api_hashfile_sessions(request):
if request.method == "POST":
params = request.POST
else:
params = request.GET
result = {
"draw": params["draw"],
}
hashfile_id = int(params["hashfile_id"][4:] if params["hashfile_id"].
startswith("row_") else params["hashfile_id"])
data = []
for session in Session.objects.filter(hashfile_id=hashfile_id):
node = session.node
try:
hashcat_api = HashcatAPI(node.hostname, node.port, node.username,
node.password)
session_info = hashcat_api.get_session_info(session.name)
print(session_info)
if session_info["response"] != "error":
if session_info["status"] == "Not started":
buttons = "<button title='Start session' type='button' class='btn btn-success btn-xs' onClick='session_action(\"%s\", \"%s\")'><span class='glyphicon glyphicon-play'></span></button>" % (
session.name, "start")
buttons += "<button title='Remove session' style='margin-left: 5px' type='button' class='btn btn-danger btn-xs' onClick='session_action(\"%s\", \"%s\")'><span class='glyphicon glyphicon-remove'></span></button>" % (
session.name, "remove")
elif session_info["status"] == "Running":
buttons = "<button title='Pause session' type='button' class='btn btn-warning btn-xs' onClick='session_action(\"%s\", \"%s\")'><span class='glyphicon glyphicon-pause'></span></button>" % (
session.name, "pause")
buttons += "<button title='Stop session' style='margin-left: 5px' type='button' class='btn btn-danger btn-xs' onClick='session_action(\"%s\", \"%s\")'><span class='glyphicon glyphicon-stop'></span></button>" % (
session.name, "quit")
elif session_info["status"] == "Paused":
buttons = "<button title='Resume session' type='button' class='btn btn-success btn-xs' onClick='session_action(\"%s\", \"%s\")'><span class='glyphicon glyphicon-play'></span></button>" % (
session.name, "resume")
buttons += "<button title='Stop session' style='margin-left: 5px' type='button' class='btn btn-danger btn-xs' onClick='session_action(\"%s\", \"%s\")'><span class='glyphicon glyphicon-stop'></span></button>" % (
session.name, "quit")
else:
buttons = "<button title='Start session' type='button' class='btn btn-success btn-xs' onClick='session_action(\"%s\", \"%s\")'><span class='glyphicon glyphicon-play'></span></button>" % (
session.name, "start")
buttons += "<button title='Remove session' style='margin-left: 5px' type='button' class='btn btn-danger btn-xs' onClick='session_action(\"%s\", \"%s\")'><span class='glyphicon glyphicon-remove'></span></button>" % (
session.name, "remove")
buttons = "<div style='float: right'>%s</div>" % buttons
if session_info["crack_type"] == "dictionary":
rule_mask = session_info["rule"]
wordlist = session_info["wordlist"]
elif session_info["crack_type"] == "mask":
rule_mask = session_info["mask"]
wordlist = ""
status = session_info["status"]
if status == "Error":
status += ' <a href="#" data-toggle="tooltip" data-placement="right" title="%s"><span class="glyphicon glyphicon-info-sign" aria-hidden="true"></span></a>' % session_info[
"reason"]
crack_type = session_info["crack_type"]
remaining = session_info["time_estimated"]
progress = "%s %%" % session_info["progress"]
speed = session_info["speed"]
else:
status = "Inexistant"
crack_type = ""
rule_mask = ""
wordlist = ""
remaining = ""
progress = ""
speed = ""
buttons = "<button title='Remove session' style='margin-left: 5px' type='button' class='btn btn-danger btn-xs' onClick='session_action(\"%s\", \"%s\")'><span class='glyphicon glyphicon-remove'></span></button>" % (
session.name, "remove")
data.append({
"node": node.name,
"type": crack_type,
"rule_mask": rule_mask,
"wordlist": wordlist,
"status": status,
"remaining": remaining,
"progress": progress,
"speed": speed,
"buttons": buttons,
})
except ConnectionRefusedError:
data.append({
"node": node.name,
"type": "",
"rule_mask": "",
"wordlist": "",
"status": "",
"remaining": "",
"progress": "",
"speed": "",
"buttons": "",
})
result["data"] = data
for query in connection.queries[-1:]:
print(query["sql"])
print(query["time"])
return HttpResponse(json.dumps(result), content_type="application/json")
def api_hashfiles(request):
if request.method == "POST":
params = request.POST
else:
params = request.GET
result = {
"draw": params["draw"],
}
session_status = {}
node_object_list = Node.objects.all()
for node in node_object_list:
try:
hashcat_api = HashcatAPI(node.hostname, node.port, node.username,
node.password)
hashcat_info = hashcat_api.get_hashcat_info()
for session in hashcat_info["sessions"]:
session_status[session["name"]] = session["status"]
except ConnectionRefusedError:
pass
except requests.exceptions.ConnectTimeout:
pass
sort_index = [
"name", "name", "hash_type", "line_count", "cracked_count", "name",
"name", "name"
][int(params["order[0][column]"])]
sort_index = "-" + sort_index if params[
"order[0][dir]"] == "desc" else sort_index
hashfile_list = Hashfile.objects.filter(
name__contains=params["search[value]"]).order_by(
sort_index)[int(params["start"]):int(params["start"]) +
int(params["length"])]
data = []
for hashfile in hashfile_list:
buttons = "<a href='%s'><button title='Export cracked results' class='btn btn-info btn-xs' ><span class='glyphicon glyphicon-download-alt'></span></button></a>" % reverse(
'Hashcat:export_cracked', args=(hashfile.id, ))
buttons += "<button title='Create new cracking session' style='margin-left: 5px' class='btn btn-primary btn-xs' data-toggle='modal' data-target='#action_new' data-hashfile='%s' data-hashfile_id=%d ><span class='glyphicon glyphicon-plus'></span></button>" % (
hashfile.name, hashfile.id)
buttons += "<button title='Remove hashfile' style='margin-left: 5px' type='button' class='btn btn-danger btn-xs' onClick='hashfile_action(%d, \"%s\")'><span class='glyphicon glyphicon-remove'></span></button>" % (
hashfile.id, "remove")
buttons = "<div style='float: right'>%s</div>" % buttons
running_session_count = 0
total_session_count = Session.objects.filter(
hashfile_id=hashfile.id).count()
for session in Session.objects.filter(hashfile_id=hashfile.id):
try:
if session_status[session.name] == "Running":
running_session_count += 1
except KeyError:
pass
data.append({
"DT_RowId":
"row_%d" % hashfile.id,
"name":
"<a href='%s'>%s<a/>" %
(reverse('Hashcat:hashfile', args=(hashfile.id, )), hashfile.name),
"type":
"Plaintext" if hashfile.hash_type == -1 else
Hashcat.get_hash_types()[hashfile.hash_type]["name"],
"line_count":
humanize.intcomma(hashfile.line_count),
"cracked":
"%s (%.2f%%)" %
(humanize.intcomma(hashfile.cracked_count),
hashfile.cracked_count / hashfile.line_count * 100)
if hashfile.line_count > 0 else "0",
"username_included":
"yes" if hashfile.username_included else "no",
"sessions_count":
"%d / %d" % (running_session_count, total_session_count),
"buttons":
buttons,
})
result["data"] = data
result["recordsTotal"] = Hashfile.objects.all().count()
result["recordsFiltered"] = Hashfile.objects.filter(
name__contains=params["search[value]"]).count()
for query in connection.queries[-4:]:
print(query["sql"])
print(query["time"])
return HttpResponse(json.dumps(result), content_type="application/json")
def node(request, node_name, error_msg=""):
context = {}
context["Section"] = "Nodes"
if len(error_msg) != 0:
context["error_message"] = error_msg
template = loader.get_template('Nodes/node.html')
return HttpResponse(template.render(context, request))
node_item = get_object_or_404(Node, name=node_name)
context["node_name"] = node_item.name
context["hostname"] = node_item.hostname
context["port"] = node_item.port
if request.method == 'POST':
if request.POST["action"] == "synchronize":
hashcat_api = HashcatAPI(node_item.hostname, node_item.port,
node_item.username, node_item.password)
node_data = hashcat_api.get_hashcat_info()
rule_list = Hashcat.get_rules()
mask_list = Hashcat.get_masks()
wordlist_list = Hashcat.get_wordlists()
for rule in rule_list:
if not rule["name"] in node_data["rules"]:
hashcat_api.upload_rule(rule["name"],
open(rule["path"], 'rb').read())
elif node_data["rules"][rule["name"]]["md5"] != rule["md5"]:
hashcat_api.upload_rule(rule["name"],
open(rule["path"], 'rb').read())
for mask in mask_list:
if not mask["name"] in node_data["masks"]:
hashcat_api.upload_mask(mask["name"],
open(mask["path"], 'rb').read())
elif node_data["masks"][mask["name"]]["md5"] != mask["md5"]:
hashcat_api.upload_mask(mask["name"],
open(mask["path"], 'rb').read())
for wordlist in wordlist_list:
if not wordlist["name"] in node_data["wordlists"]:
hashcat_api.upload_wordlist(
wordlist["name"],
open(wordlist["path"], 'rb').read())
elif node_data["wordlists"][
wordlist["name"]]["md5"] != wordlist["md5"]:
hashcat_api.upload_wordlist(
wordlist["name"],
open(wordlist["path"], 'rb').read())
hashcat_api = HashcatAPI(node_item.hostname, node_item.port,
node_item.username, node_item.password)
node_data = hashcat_api.get_hashcat_info()
if node_data["response"] == "error":
return node(request, node_name, error_msg=node_data["message"])
rule_list = Hashcat.get_rules()
mask_list = Hashcat.get_masks()
wordlist_list = Hashcat.get_wordlists()
for rule in rule_list:
if not rule["name"] in node_data["rules"]:
rule["synchro"] = False
elif node_data["rules"][rule["name"]]["md5"] != rule["md5"]:
rule["synchro"] = False
else:
rule["synchro"] = True
for mask in mask_list:
if not mask["name"] in node_data["masks"]:
mask["synchro"] = False
elif node_data["masks"][mask["name"]]["md5"] != mask["md5"]:
mask["synchro"] = False
else:
mask["synchro"] = True
for wordlist in wordlist_list:
if not wordlist["name"] in node_data["wordlists"]:
wordlist["synchro"] = False
elif node_data["wordlists"][
wordlist["name"]]["md5"] != wordlist["md5"]:
wordlist["synchro"] = False
else:
wordlist["synchro"] = True
hash_type_list = sorted(node_data["hash_types"], key=itemgetter('id'))
context["version"] = node_data["version"]
context["rule_list"] = rule_list
context["mask_list"] = mask_list
context["wordlist_list"] = wordlist_list
context["hash_type_list"] = hash_type_list
template = loader.get_template('Nodes/node.html')
return HttpResponse(template.render(context, request))
