Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit c5ae967

Browse files
stamparmstamparm
committed
Potential fix for an Issue #379 
1 parent 6cab3d4 commit c5ae967

1 file changed

Lines changed: 10 additions & 5 deletions

File tree

lib/utils/hash.py

Lines changed: 10 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -334,12 +334,17 @@ def attackCachedUsersPasswords():
334334
if kb.data.cachedUsersPasswords:
335335
results = dictionaryAttack(kb.data.cachedUsersPasswords)
336336

337+
lut = {}
337338
for (_, hash_, password) in results:
338-
for user in kb.data.cachedUsersPasswords.keys():
339-
for i in xrange(len(kb.data.cachedUsersPasswords[user])):
340-
if kb.data.cachedUsersPasswords[user][i] and hash_.lower() in kb.data.cachedUsersPasswords[user][i].lower()\
341-
and 'clear-text password' not in kb.data.cachedUsersPasswords[user][i].lower():
342-
kb.data.cachedUsersPasswords[user][i] += "%s clear-text password: %s" % ('\n' if kb.data.cachedUsersPasswords[user][i][-1] != '\n' else '', password)
339+
lut[hash_.lower()] = password
340+
341+
for user in kb.data.cachedUsersPasswords.keys():
342+
for i in xrange(len(kb.data.cachedUsersPasswords[user])):
343+
_ = kb.data.cachedUsersPasswords[user][i]
344+
if _:
345+
hash_ = _.split()[0].lower()
346+
if hash_ in lut and "clear-text password" not in _:
347+
kb.data.cachedUsersPasswords[user][i] += "%s clear-text password: %s" % ('\n' if kb.data.cachedUsersPasswords[user][i][-1] != '\n' else '', lut[hash_])
343348

344349
def attackDumpedTable():
345350
if kb.data.dumpedTable:

0 commit comments

Comments
 (0)