Merge remote-tracking branch 'remotes/Trusted_SEC/master'

# Conflicts: # hate_crack.py
2026-01-05 01:28:03 -08:00 · 2018-04-28 18:03:40 -07:00
parent 913d44d936 5810130a22
commit 4e2dee0133
2 changed files with 67 additions and 8 deletions
--- a/hate_crack.py
+++ b/hate_crack.py
@@ -503,18 +503,21 @@ def hcatRecycle(hcatHashType, hcatHashFile, hcatNewPasswords):
                hcatPath=hcatPath,
                tuning=hcatTuning,
                hate_path=hate_path), shell=True).wait()
+# creating the combined output for pwdformat + cleartext
+def combine_ntlm_output():
+    with open(hcatHashFileOrig + ".out", "w+") as hcatCombinedHashes:
+        with open(hcatHashFile + ".out", "r") as hcatCrackedFile:
+            for crackedLine in hcatCrackedFile:
+                with open(hcatHashFileOrig, "r") as hcatOrigFile:
+                    for origLine in hcatOrigFile:
+                        if crackedLine.split(":")[0] == origLine.split(":")[3]:
+                            hcatCombinedHashes.write(origLine.strip() + crackedLine.split(":")[1])

 # Cleanup Temp Files
 def cleanup():
    if hcatHashType == "1000":
        print("\nComparing cracked hashes to original file...")
-        with open(hcatHashFileOrig + ".out", "w+") as hcatCombinedHashes:
-            with open(hcatHashFile + ".out", "r") as hcatCrackedFile:
-                for crackedLine in hcatCrackedFile:
-                    with open(hcatHashFileOrig, "r") as hcatOrigFile:
-                        for origLine in hcatOrigFile:
-                            if crackedLine.split(":")[0] == origLine.split(":")[3]:
-                                hcatCombinedHashes.write(origLine.strip() + crackedLine.split(":")[1])
+        combine_ntlm_output()
    print("\nCracked passwords combined with original hashes in %s" % (hcatHashFileOrig + ".out"))
    print('\nCleaning up temporary files...')
    if os.path.exists(hcatHashFile + ".masks"):
@@ -680,6 +683,52 @@ def show_results():
    else:
        print("No hashes were cracked :(")

+# Exports output to excel file
+def export_excel():
+
+    # Check for openyxl dependancy for export
+    try:
+        import openpyxl
+    except:
+        sys.stderr.write('You must install openpyxl first using \'pip install openpyxl\' or \'pip3 install openpyxl\'\n')
+        return
+
+    if hcatHashType == "1000":
+        combine_ntlm_output()
+        output = openpyxl.Workbook()
+        current_ws = output.create_sheet(title='hate_crack output', index=0)
+        current_row = 2
+        current_ws['A1'] = 'Username'
+        current_ws['B1'] = 'SID'
+        current_ws['C1'] = 'LM Hash'
+        current_ws['D1'] = 'NTLM Hash'
+        current_ws['E1'] = 'Clear-Text Password'
+        with open(hcatHashFileOrig+'.out') as input_file:
+            for line in input_file:
+                matches = re.match(r'(^[^:]+):([0-9]+):([a-z0-9]{32}):([a-z0-9]{32}):::(.*)',line.rstrip('\r\n'))
+                username = matches.group(1)
+                sid = matches.group(2)
+                lm = matches.group(3)
+                ntlm = matches.group(4)
+                try:
+                    clear_text = matches.group(5)
+                    match = re.search(r'^\$HEX\[(\S+)\]', clear_text)
+                    if match:
+                        clear_text = binascii.unhexlify(match.group(1)).decode('utf-8')
+                except:
+                    clear_text = ''
+                current_ws['A' + str(current_row)] = username
+                current_ws['B' + str(current_row)] = sid
+                current_ws['C' + str(current_row)] = lm
+                current_ws['D' + str(current_row)] = ntlm
+                current_ws['E' + str(current_row)] = clear_text
+                current_row += 1
+            output.save(hcatHashFile+'.xlsx')
+            print("Output exported succesfully to {0}".format(hcatHashFile+'.xlsx'))
+    else:
+        sys.stderr.write('Excel output only supported for pwdformat for NTLM hashes')
+        return
+

 # Show README
 def show_readme():
@@ -770,6 +819,8 @@ def main():
        print("\t(8) Pathwell Top 100 Mask Brute Force Crack")
        print("\t(9) PRINCE Attack")
        print("\t(10) YOLO Combinator Attack")
+        print("\n\t(96) Export Output to Excel Format")
+        print("\t(97) Display Cracked Hashes")
        print("\t(11) Middle Combinator Attack")
        print("\t(12) Thorough Combinator Attack")
        print("\n\t(97) Display Cracked Hashes")
@@ -785,6 +836,7 @@ def main():
                   "8": pathwell_crack,
                   "9": prince_attack,
                   "10": yolo_combination,
+                   "96": export_excel,
 		           "11": middle_combinator,
                   "12": thorough_combinator,
                   "97": show_results,
--- a/readme.md
+++ b/readme.md
@@ -58,7 +58,7 @@ $ ./hate_crack.py <hash file> 1000
 \___|_  /(____  /__|  \___  >____\______  /|__|  (____  /\___  >__|_ \
       \/      \/          \/_____/      \/            \/     \/     \/
                         Public Release
-                          Version 1.00
+                          Version 1.02
  

 	(1) Quick Crack
@@ -74,6 +74,7 @@ $ ./hate_crack.py <hash file> 1000
 	(11) Middle Combinator Attack
 	(12) Thorough Combinator Attack

+	(96) Export Output to Excel Format
 	(97) Display Cracked Hashes
 	(98) Display README
 	(99) Quit
@@ -164,5 +165,11 @@ https://jeffh.net/2018/04/26/combinator_methods/

 -------------------------------------------------------------------
 ### Version History
+Version 1.02
+  Introduction of new feature to export the output of pwdump formated NTDS outputs to excel with clear-text passwords
+
+Version 1.01
+  Minor bug fixes
+
 Version 1.00
  Initial public release