personal wrapper script that got out of hand, 'hashcrack'
#1
I don't know if this will be of any use to anyone, but I hacked it together to do some of the boring bits, like recognising what hash type a hash might be, running some unpacking scripts if needed, choosing a suitable dictionary and ruleset, etc. 

https://github.com/blacktraffic/hashcrack

It will at least tell you what it's /trying/ to do, if you grep for RUN in the output: 

Code:
C:\hashcrack> python hashcrack.py -i 32hex.txt
Running under win32
Reading file: 32hex.txt
Autodetected NTLM. Probably - or, it might be MD5 (100)x
Ambigious input; could be NTLM, MD5 or MySQL5. Please specify on command line with -t md5 or -t ntlm. For now, enter "ntlm" (default), "md5" : md5
Cracking hash type 0
Selected rules: l33tpasspro.rule, dict Top32Million-probable.txt, inc 0
Using dict and rules
cwd C:\hashcrack\hashcat-5.1.0
RUN: hashcat64.exe -a0 -m 0 32hex.txt dict\Top32Million-probable.txt -r rules\l33tpasspro.rule  --loopback  -O --bitmap-max=26  -w3  --session hc

The general strategy has been reasonably well-tested at a couple of pentest outfits; the actual code is a bit ropey I'm sorry.
Reply


Messages In This Thread
personal wrapper script that got out of hand, 'hashcrack' - by blacktraffic - 01-06-2020, 12:11 PM