01-06-2020, 12:11 PM
I don't know if this will be of any use to anyone, but I hacked it together to do some of the boring bits, like recognising what hash type a hash might be, running some unpacking scripts if needed, choosing a suitable dictionary and ruleset, etc.
https://github.com/blacktraffic/hashcrack
It will at least tell you what it's /trying/ to do, if you grep for RUN in the output:
The general strategy has been reasonably well-tested at a couple of pentest outfits; the actual code is a bit ropey I'm sorry.
https://github.com/blacktraffic/hashcrack
It will at least tell you what it's /trying/ to do, if you grep for RUN in the output:
Code:
C:\hashcrack> python hashcrack.py -i 32hex.txt
Running under win32
Reading file: 32hex.txt
Autodetected NTLM. Probably - or, it might be MD5 (100)x
Ambigious input; could be NTLM, MD5 or MySQL5. Please specify on command line with -t md5 or -t ntlm. For now, enter "ntlm" (default), "md5" : md5
Cracking hash type 0
Selected rules: l33tpasspro.rule, dict Top32Million-probable.txt, inc 0
Using dict and rules
cwd C:\hashcrack\hashcat-5.1.0
RUN: hashcat64.exe -a0 -m 0 32hex.txt dict\Top32Million-probable.txt -r rules\l33tpasspro.rule --loopback -O --bitmap-max=26 -w3 --session hc
The general strategy has been reasonably well-tested at a couple of pentest outfits; the actual code is a bit ropey I'm sorry.