Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit 7877a93

Browse files
stamparmstamparm
committed
more cosmetics regarding dictionary attack
1 parent e3b3e05 commit 7877a93

2 files changed

Lines changed: 26 additions & 21 deletions

File tree

lib/core/common.py

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1259,6 +1259,9 @@ def getConsoleWidth(default=80):
12591259

12601260
return width if width else default
12611261

1262+
def clearConsoleLine():
1263+
dataToStdout("\r%s\r" % (" " * (getConsoleWidth() - 1)))
1264+
12621265
def parseXmlFile(xmlFile, handler):
12631266
stream = StringIO(readCachedFileContent(xmlFile))
12641267
parse(stream, handler)

lib/utils/hash.py

Lines changed: 23 additions & 21 deletions
Original file line numberDiff line numberDiff line change
@@ -18,8 +18,8 @@
1818
from extra.pydes.pyDes import CBC
1919
from lib.core.common import checkFile
2020
from lib.core.common import conf
21+
from lib.core.common import clearConsoleLine
2122
from lib.core.common import dataToStdout
22-
from lib.core.common import getConsoleWidth
2323
from lib.core.common import getFileItems
2424
from lib.core.common import getPublicTypeMembers
2525
from lib.core.common import paths
@@ -188,7 +188,7 @@ def sha1_generic_passwd(password, uppercase=False):
188188
}
189189

190190
def dictionaryAttack():
191-
rehash = None
191+
hash_regex = None
192192
attack_info = []
193193
results = []
194194

@@ -208,41 +208,41 @@ def dictionaryAttack():
208208
continue
209209

210210
elif re.match(regex, hash_):
211-
rehash = regex
211+
hash_regex = regex
212212
infoMsg = "using hash method: '%s'" % name
213213
logger.info(infoMsg)
214214
break
215215

216-
if rehash:
216+
if hash_regex:
217217
break
218218

219-
if rehash:
219+
if hash_regex:
220220
break
221221

222-
if rehash:
222+
if hash_regex:
223223
for (user, hashes) in kb.data.cachedUsersPasswords.items():
224224
for hash_ in hashes:
225225
if not hash_:
226226
continue
227227

228228
hash_ = hash_.split()[0]
229229

230-
if re.match(rehash, hash_):
230+
if re.match(hash_regex, hash_):
231231
hash_ = hash_.lower()
232232

233-
if rehash in (HASH.MYSQL, HASH.MYSQL_OLD, HASH.MD5_GENERIC, HASH.SHA1_GENERIC):
233+
if hash_regex in (HASH.MYSQL, HASH.MYSQL_OLD, HASH.MD5_GENERIC, HASH.SHA1_GENERIC):
234234
attack_info.append([(user, hash_), {}])
235235

236-
elif rehash in (HASH.ORACLE_OLD, HASH.POSTGRES):
236+
elif hash_regex in (HASH.ORACLE_OLD, HASH.POSTGRES):
237237
attack_info.append([(user, hash_), {'username': user}])
238238

239-
elif rehash in (HASH.ORACLE):
239+
elif hash_regex in (HASH.ORACLE):
240240
attack_info.append([(user, hash_), {'salt': hash_[-20:]}])
241241

242-
elif rehash in (HASH.MSSQL, HASH.MSSQL_OLD):
242+
elif hash_regex in (HASH.MSSQL, HASH.MSSQL_OLD):
243243
attack_info.append([(user, hash_), {'salt': hash_[6:14]}])
244244

245-
if rehash == HASH.ORACLE_OLD: #it's the slowest of all methods hence smaller default dict
245+
if hash_regex == HASH.ORACLE_OLD: #it's the slowest of all methods hence smaller default dict
246246
message = "what's the dictionary's location? [%s]" % paths.ORACLE_DEFAULT_PASSWD
247247
dictpath = readInput(message, default=paths.ORACLE_DEFAULT_PASSWD)
248248

@@ -261,45 +261,47 @@ def dictionaryAttack():
261261

262262
length = len(wordlist)
263263

264-
if rehash in (HASH.MYSQL, HASH.MYSQL_OLD, HASH.MD5_GENERIC, HASH.SHA1_GENERIC):
264+
if hash_regex in (HASH.MYSQL, HASH.MYSQL_OLD, HASH.MD5_GENERIC, HASH.SHA1_GENERIC):
265265
count = 0
266266

267267
for word in wordlist:
268268
count += 1
269-
current = __functions__[rehash](password = word, uppercase = False)
269+
current = __functions__[hash_regex](password = word, uppercase = False)
270270

271271
for item in attack_info:
272272
((user, hash_), _) = item
273273

274274
if hash_ == current:
275275
results.append((user, hash_, word))
276-
dataToStdout("\r[%s] [INFO] found: %s%s\n" % (time.strftime("%X"), word, 40*' '), True)
276+
clearConsoleLine()
277+
dataToStdout("[%s] [INFO] found: %s\n" % (time.strftime("%X"), word), True)
277278
attack_info.remove(item)
278279

279-
elif count % 1117 == 0 or count == length or rehash in (HASH.ORACLE_OLD):
280+
elif count % 1117 == 0 or count == length or hash_regex in (HASH.ORACLE_OLD):
280281
status = '%d/%d words (%d%s)' % (count, length, round(100.0*count/length), '%')
281282
dataToStdout("\r[%s] [INFO] %s" % (time.strftime("%X"), status))
282283

283-
dataToStdout("\r%s\r" % (" "*(getConsoleWidth()-1)))
284+
clearConsoleLine()
284285

285286
else:
286287
for ((user, hash_), kwargs) in attack_info:
287288
count = 0
288289

289290
for word in wordlist:
290-
current = __functions__[rehash](password = word, uppercase = False, **kwargs)
291+
current = __functions__[hash_regex](password = word, uppercase = False, **kwargs)
291292
count += 1
292293

293294
if hash_ == current:
294295
results.append((user, hash_, word))
295-
dataToStdout("\r[%s] [INFO] found: %s%s\n" % (time.strftime("%X"), word, 40*' '), True)
296+
clearConsoleLine()
297+
dataToStdout("[%s] [INFO] found: %s\n" % (time.strftime("%X"), word), True)
296298
break
297299

298-
elif count % 1117 == 0 or count == length or rehash in (HASH.ORACLE_OLD):
300+
elif count % 1117 == 0 or count == length or hash_regex in (HASH.ORACLE_OLD):
299301
status = '%d/%d words (%d%s) (user: %s)' % (count, length, round(100.0*count/length), '%', user)
300302
dataToStdout("\r[%s] [INFO] %s" % (time.strftime("%X"), status))
301303

302-
dataToStdout("\r%s\r" % (" "*(getConsoleWidth()-1)))
304+
clearConsoleLine()
303305

304306
for (user, hash_, password) in results:
305307
for i in xrange(len(kb.data.cachedUsersPasswords[user])):

0 commit comments

Comments
 (0)