Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit 3583d6d

Browse files
stamparmstamparm
committed
quick fixes, more work to do
1 parent 0126b8e commit 3583d6d

2 files changed

Lines changed: 28 additions & 24 deletions

File tree

lib/core/common.py

Lines changed: 5 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -172,13 +172,16 @@ def append(self, value):
172172
def closeFP(self):
173173
if self.fp:
174174
self.fp.close()
175+
self.fp = None
175176

176177
def next(self):
178+
retVal = None
177179
try:
178-
return self.iter.next().rstrip()
180+
retVal = self.iter.next().rstrip()
179181
except StopIteration:
180182
self.adjust()
181-
return self.iter.next().rstrip()
183+
retVal = self.iter.next().rstrip()
184+
return retVal
182185

183186
def percentage(self):
184187
retVal = 0

lib/utils/hash.py

Lines changed: 23 additions & 22 deletions
Original file line numberDiff line numberDiff line change
@@ -239,11 +239,10 @@ def attackCachedUsersPasswords():
239239
if kb.data.cachedUsersPasswords:
240240
results = dictionaryAttack(kb.data.cachedUsersPasswords)
241241

242-
for result in results:
243-
for (user, hash_, password) in result:
244-
for i in xrange(len(kb.data.cachedUsersPasswords[user])):
245-
if kb.data.cachedUsersPasswords[user][i] and hash_.lower() in kb.data.cachedUsersPasswords[user][i].lower():
246-
kb.data.cachedUsersPasswords[user][i] += "%s clear-text password: %s" % ('\n' if kb.data.cachedUsersPasswords[user][i][-1] != '\n' else '', password)
242+
for (user, hash_, password) in results:
243+
for i in xrange(len(kb.data.cachedUsersPasswords[user])):
244+
if kb.data.cachedUsersPasswords[user][i] and hash_.lower() in kb.data.cachedUsersPasswords[user][i].lower():
245+
kb.data.cachedUsersPasswords[user][i] += "%s clear-text password: %s" % ('\n' if kb.data.cachedUsersPasswords[user][i][-1] != '\n' else '', password)
247246

248247
def attackDumpedTable():
249248
if kb.data.dumpedTable:
@@ -290,20 +289,19 @@ def attackDumpedTable():
290289

291290
results = dictionaryAttack(attack_dict)
292291

293-
for result in results:
294-
for (user, hash_, password) in result:
295-
for i in range(count):
296-
for column in columns:
297-
if column == colUser or column == '__infos__':
298-
continue
299-
if len(table[column]['values']) <= i:
300-
continue
292+
for (user, hash_, password) in results:
293+
for i in range(count):
294+
for column in columns:
295+
if column == colUser or column == '__infos__':
296+
continue
297+
if len(table[column]['values']) <= i:
298+
continue
301299

302-
value = table[column]['values'][i]
300+
value = table[column]['values'][i]
303301

304-
if all(map(lambda x: x, [value, hash_])) and value.lower() == hash_.lower():
305-
table[column]['values'][i] += " (%s)" % password
306-
table[column]['length'] = max(table[column]['length'], len(table[column]['values'][i]))
302+
if all(map(lambda x: x, [value, hash_])) and value.lower() == hash_.lower():
303+
table[column]['values'][i] += " (%s)" % password
304+
table[column]['length'] = max(table[column]['length'], len(table[column]['values'][i]))
307305

308306
def hashRecognition(value):
309307
retVal = None
@@ -363,7 +361,7 @@ def __bruteProcessVariantA(attack_info, hash_regex, wordlist, suffix, retVal, pr
363361
attack_info.remove(item)
364362

365363
elif proc_id == 0 and count % HASH_MOD_ITEM_DISPLAY == 0 or hash_regex in (HASH.ORACLE_OLD) or hash_regex == HASH.CRYPT_GENERIC and IS_WIN:
366-
status = 'current status: %d%s (%s...)' % (proc_count * kb.wordlist.percentage(), '%', word.ljust(5)[:5])
364+
status = 'current status: %d%s (%s...)' % (proc_count * wordlist.percentage(), '%', word.ljust(5)[:5])
367365
dataToStdout("\r[%s] [INFO] %s" % (time.strftime("%X"), status))
368366

369367
except KeyboardInterrupt:
@@ -382,6 +380,8 @@ def __bruteProcessVariantB(user, hash_, kwargs, hash_regex, wordlist, suffix, re
382380

383381
try:
384382
for word in wordlist:
383+
if found.value:
384+
break
385385

386386
current = __functions__[hash_regex](password = word, uppercase = False, **kwargs)
387387
count += 1
@@ -411,9 +411,8 @@ def __bruteProcessVariantB(user, hash_, kwargs, hash_regex, wordlist, suffix, re
411411
dataToStdout(infoMsg, True)
412412

413413
found.value = True
414-
break
415414
elif proc_id == 0 and count % HASH_MOD_ITEM_DISPLAY == 0 or hash_regex in (HASH.ORACLE_OLD) or hash_regex == HASH.CRYPT_GENERIC and IS_WIN:
416-
status = 'current status: %d%s (%s...)' % (proc_count * kb.wordlist.percentage(), '%', word.ljust(5)[:5])
415+
status = 'current status: %d%s (%s...)' % (proc_count * wordlist.percentage(), '%', word.ljust(5)[:5])
417416
if not user.startswith(DUMMY_USER_PREFIX):
418417
status += ' (user: %s)' % user
419418
dataToStdout("\r[%s] [INFO] %s" % (time.strftime("%X"), status))
@@ -582,7 +581,8 @@ def dictionaryAttack(attack_dict):
582581
warnMsg = "user aborted during dictionary attack phase"
583582
logger.warn(warnMsg)
584583

585-
results.extend([retVal.get() for i in xrange(retVal.qsize())] if retVal else [])
584+
while not retVal.empty():
585+
results.append(retVal.get())
586586

587587
clearConsoleLine()
588588

@@ -649,7 +649,8 @@ class Value():
649649
warnMsg = "user aborted during dictionary attack phase"
650650
logger.warn(warnMsg)
651651

652-
results.extend([retVal.get() for i in xrange(retVal.qsize())] if retVal else [])
652+
while not retVal.empty():
653+
results.append(retVal.get())
653654

654655
clearConsoleLine()
655656

0 commit comments

Comments
 (0)