diff --git a/config.json.example b/config.json.example index 6780e5c..2df0992 100644 --- a/config.json.example +++ b/config.json.example @@ -12,5 +12,6 @@ "hcatThoroughCombinatorMasks": ["0","1","2","3","4","5","6","7","8","9"," ","-","_","+",",","!","#","$","\"","%","&","'","(",")","*",",",".","/",":",";","<","=",">","?","@","[","\\","]","^","`","{","|","}","~"], "hcatThoroughBaseList": "rockyou.txt", "hcatGoodMeasureBaseList": "rockyou.txt", + "hcatRules": ["best64.rule","d3ad0ne.rule", "T0XlC.rule", "dive.rule"], "hcatPrinceBaseList": "rockyou.txt" } \ No newline at end of file diff --git a/hate_crack.py b/hate_crack.py index f64dd83..4ff4587 100755 --- a/hate_crack.py +++ b/hate_crack.py @@ -36,6 +36,12 @@ hcatTuning = config_parser['hcatTuning'] hcatWordlists = config_parser['hcatWordlists'] hcatOptimizedWordlists = config_parser['hcatOptimizedWordlists'] +try: + hcatRules = config_parser['hcatRules'] +except KeyError as e: + print('{0} is not defined in config.json using defaults from config.json.example'.format(e)) + hcatRules = default_config['hcatRules'] + try: hcatDictionaryWordlist = config_parser['hcatDictionaryWordlist'] except KeyError as e: @@ -152,7 +158,7 @@ def ascii_art(): \ Y // __ \| | \ ___/ \ \____| | \// __ \\ \___| < \___|_ /(____ /__| \___ >____\______ /|__| (____ /\___ >__|_ \ \/ \/ \/_____/ \/ \/ \/ \/ - Version 1.05 + Version 1.06 """) @@ -804,20 +810,42 @@ def hcatRecycle(hcatHashType, hcatHashFile, hcatNewPasswords): # Overwrite working file with updated converted words with open(working_file, 'w') as f: f.write("\n".join(converted)) + for rule in hcatRules: + hcatProcess = subprocess.Popen( + "{hcatBin} -m {hash_type} {hash_file} --session {session_name} --remove -o {hash_file}.out {hash_file}.working " + "-r {hcatPath}/rules/{rule} {tuning} --potfile-path={hate_path}/hashcat.pot".format( + rule=rule, + hcatBin=hcatBin, + hash_type=hcatHashType, + hash_file=hcatHashFile, + session_name=os.path.basename(hcatHashFile), + hcatPath=hcatPath, + tuning=hcatTuning, + hate_path=hate_path), shell=True) + try: + hcatProcess.wait() + except KeyboardInterrupt: + hcatProcess.kill() +def hcatRules_attack(hcatHashType, hcatHashFile, hcatRules): + global hcatProcess + for rule in hcatRules: hcatProcess = subprocess.Popen( - "{hcatBin} -m {hash_type} {hash_file} --session {session_name} --remove -o {hash_file}.out {hash_file}.working " - "-r {hcatPath}/rules/d3ad0ne.rule {tuning} --potfile-path={hate_path}/hashcat.pot".format( + "{hcatBin} -m {hcatHashType} {hash_file} --session {session_name} --remove -o {hash_file}.out {optimized_wordlists}/* " + "-r {hcatPath}/rules/{current_rule} {tuning} --potfile-path={hate_path}/hashcat.pot".format( + hcatPath=hcatPath, hcatBin=hcatBin, - hash_type=hcatHashType, + hcatHashType=hcatHashType, hash_file=hcatHashFile, session_name=os.path.basename(hcatHashFile), - hcatPath=hcatPath, + optimized_wordlists=hcatOptimizedWordlists, tuning=hcatTuning, + current_rule=rule, hate_path=hate_path), shell=True) try: hcatProcess.wait() except KeyboardInterrupt: + print('Killing PID {0}...'.format(str(hcatProcess.pid))) hcatProcess.kill() # creating the combined output for pwdformat + cleartext @@ -856,15 +884,46 @@ def cleanup(): #incase someone mashes the Control+C it will still cleanup cleanup() -# Quick Dictionary Attack with Optional Chained Best64 Rules +# Quick Dictionary Attack with Optional Chained Rules def quick_crack(): - hcatChainsInput = int(input("\nHow many times would you like to chain the best64.rule? (1): ") or 1) - hcatChains = '' - if hcatChainsInput > 0: - for n in range(1, hcatChainsInput): - hcatChains += "-r {hcatPath}/rules/best64.rule ".format(hcatPath=hcatPath) + # Rules Attack + rule_choice = None + selected_hcatRules = [] - hcatQuickDictionary(hcatHashType, hcatHashFile, hcatChains) + print("\nWhich rule(s) would you like to run?") + rule_number = 1 + for rule in hcatRules: + print('({0}) {1}'.format(rule_number, rule)) + rule_number += 1 + print(('(99) YOLO...run all of the rules')) + while rule_choice is None: + rule_choice = input('Enter Comma separated list of rules you would like to run. To run rules chained use the + symbol.\n' + 'For example 1+1 will run {0} chained twice and 1,2 would run {0} and then {1} sequentially.\n' + 'Choose wisely: '.format(hcatRules[0], hcatRules[1])).split(',') + + if '99' not in rule_choice: + for choice in rule_choice: + if '+' in choice: + combined_choice = '' + choices = choice.split('+') + for rule in choices: + try: + combined_choice = '{0} {1}'.format(combined_choice, '-r {hcatPath}/rules/{selected_rule}'.format(selected_rule=hcatRules[int(rule) - 1], + hcatPath=hcatPath)) + except: + continue + selected_hcatRules.append(combined_choice) + else: + try: + selected_hcatRules.append(hcatPath + '/rules/' + hcatRules[int(choice) - 1]) + except IndexError: + continue + else: + for rule in hcatRules: + selected_hcatRules.append('-r {hcatPath}/rules/{selected_rule}'.format(selected_rule=rule, hcatPath=hcatPath)) + + for chain in selected_hcatRules: + hcatQuickDictionary(hcatHashType, hcatHashFile, chain) # Extensive Pure_Hate Methodology diff --git a/readme.md b/readme.md index 0befcaf..9b07a2c 100644 --- a/readme.md +++ b/readme.md @@ -57,7 +57,7 @@ $ ./hate_crack.py 1000 \ Y // __ \| | \ ___/ \ \____| | \// __ \\ \___| < \___|_ /(____ /__| \___ >____\______ /|__| (____ /\___ >__|_ \ \/ \/ \/_____/ \/ \/ \/ \/ - Version 1.05 + Version 1.06 (1) Quick Crack @@ -83,7 +83,23 @@ Select a task: ------------------------------------------------------------------- #### Quick Crack * Runs a dictionary attack using all wordlists configured in your "hcatOptimizedWordlists" path -and applies the "best64.rule", with the option of chaining the "best64.rule". +and optionally applies a rule that can be selected from a list by ID number. Multiple rules can be selected by using a +comma separated list, and chains can be created by using the '+' symbol. + +``` +Which rule(s) would you like to run? +(1) best64.rule +(2) d3ad0ne.rule +(3) T0XlC.rule +(4) dive.rule +(99) YOLO...run all of the rules +Enter Comma separated list of rules you would like to run. To run rules chained use the + symbol. +For example 1+1 will run best64.rule chained twice and 1,2 would run best64.rule and then d3ad0ne.rule sequentially. +Choose wisely: +``` + + + #### Extensive Pure_Hate Methodology Crack Runs several attack methods provided by Martin Bos (formerly known as pure_hate) @@ -161,9 +177,11 @@ https://jeffh.net/2018/04/26/combinator_methods/ - Hybrid middle/end attack: rockyou.txt + ?n + rockyou.txt + ?n - Hybrid middle/end attack: rockyou.txt + ?s + rockyou.txt + ?s - ------------------------------------------------------------------- ### Version History +Version 1.06 + Updated the quick crack and recylcing functions to use user customizable rules. + Version 1.05 Abstraction of rockyou.txt so that you can use whatever dictionary that you would like to specified in the config.json Minor change the quickcrack that allows you to specify 0 for number of times best64 is chained