Release v3.7 (#18)

* Added 20 to parameters.sh * Changed all processors * Introduced hash-cracker.conf static config file * Removed mandatory and optional checks * Merged mandatory and optional + extra checks * Function edit + version * VERSION.md * README.md * Fix * Fix * Re-enabled tasks * Small change
sensepost · Aug 4, 2023 · 098f43a · 098f43a
1 parent 720550c
commit 098f43a
Show file tree

Hide file tree

Showing 33 changed files with 226 additions and 120 deletions.
diff --git a/README.md b/README.md
@@ -32,12 +32,23 @@ Note: flags are optional, by default hash-cracker will run with optimized kernel
                  Disable the use of optimized kernels (un-limits password length)
         --hwmon-enable
                  Enable hashcat to do hardware monitoring
-        -m / --module-info
+        --module-info
                  Display information around modules/options
         -s [hash-name] / --search [hash-name]
                  Will search local DB for hash module. E.g. '-s ntlm'
+        --static
+                 Use the 'hash-cracker.conf' static configuration file.
 ```
 
+## Static Configuration File
+
+By default, hash-cracker will run in 'ask you all variable' mode. When specifying `--static` the `hash-cracker.conf` file is used for some basic settings. You can specify:
+
+- `HASHCAT` - binary path where you've installed [hashcat](https://github.com/hashcat/hashcat)
+- `HASHTYPE` - mode hashcat will run in (e.g. 1000 (NTLM))
+- `HASHLIST` - file containing target hashes
+- `POTFILE` - specify the potfile you want to use / create
+
 ## Example Hashes
 
 Example hashes are provided in 3 formats within the `example-hashes` directory.

diff --git a/VERSION.md b/VERSION.md
@@ -1,5 +1,12 @@
 # Version log
 
+## v3.7 - Just before
+
+* Introduced `hash-cracker.conf` to set a static config yourself
+* Merged `mandatory-checks.sh` and `optional-checks.sh` into `parameters.sh`
+* Changed all processors to use the static config file if chosen
+* Option to use the static config `--static`
+
 ## v3.6 - World Password Day
 
 * Removed `-m` from module information

diff --git a/hash-cracker.conf b/hash-cracker.conf
@@ -0,0 +1,11 @@
+# Hashcat path
+HASHCAT=(/usr/local/bin/hashcat)
+
+# Hashtype
+HASHTYPE=1000
+
+# File containing target hashes
+HASHLIST=input
+
+# Potfile you want to use
+POTFILE=hash-cracker.pot
diff --git a/hash-cracker.sh b/hash-cracker.sh
@@ -1,12 +1,8 @@
 #!/bin/bash
-# Copyright crypt0rr
+# Author: crypt0rr - https://github.com/crypt0rr/
 
 function hash-cracker () {
-    echo -e "hash-cracker v3.6 Apple Silicon Edition by crypt0rr (https://github.com/crypt0rr)\n"
-    echo -e "Mandatory modules:"
-    source scripts/mandatory-checks.sh
-    echo -e "\nOptional modules:"
-    source scripts/optional-checks.sh
+    echo -e "\nhash-cracker v3.7 Apple Silicon Edition by crypt0rr (https://github.com/crypt0rr)"
 }
 
 function menu () {
@@ -32,7 +28,6 @@ function menu () {
     echo "19. Digit remover"
     echo -e "20. Stacker\n"
 
-
     read -p "Please enter job number: " START
     if [[ "$START" = "0" ]] || [[ "$START" = "exit" ]]; then
         echo "Bye..."; exit 1

diff --git a/scripts/extensions/search.sh b/scripts/extensions/search.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# Copyright crypt0rr
+# Author: crypt0rr - https://github.com/crypt0rr/
 TYPELIST="scripts/extensions/hashtypes"
 
 echo -e "\n"

diff --git a/scripts/mandatory-checks.sh b/scripts/mandatory-checks.sh
diff --git a/scripts/optional-checks.sh b/scripts/optional-checks.sh
diff --git a/scripts/parameters.sh b/scripts/parameters.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# Copyright crypt0rr
+# Author: crypt0rr - https://github.com/crypt0rr/
 
 if [ "$1" == '-h' ] || [ "$1" == '--help' ]; then
     echo -e "Note: flags are optional, by default hash-cracker will run with optimized kernels enabled and perform loopback actions."
@@ -10,6 +10,7 @@ if [ "$1" == '-h' ] || [ "$1" == '--help' ]; then
     echo -e "\t--hwmon-enable\n\t\t Enable hashcat to do hardware monitoring"
     echo -e "\t--module-info\n\t\t Display information around modules/options"
     echo -e "\t-s [hash-name] / --search [hash-name]\n\t\t Will search local DB for hash module. E.g. '-s ntlm'"
+    echo -e "\t--static\n\t\t Use the 'hash-cracker.conf' static configuration file."
     exit 1
 elif [ "$1" == '--module-info' ]; then
     echo "Information about the modules"
@@ -32,6 +33,7 @@ elif [ "$1" == '--module-info' ]; then
     echo "17. Markov-chain password generator will generate new password sets based on Time-Space Tradeoff - https://www.cs.cornell.edu/~shmat/shmat_ccs05pwd.pdf"
     echo "18. Custom Word List Generator - CeWL - Spiders a given URL and creates a custom wordlist."
     echo "19. Will take the potfile, strip the digits from the cleartexts and perform a hybrid attack accordingly, thereafter some rules to finish the job."
+    echo "20. Using the stacking58.rule with a rule stacked on top of it to create even more variation on the randomness." 
     exit 1
 elif [ "$1" == '-s' ] || [ "$1" == '--search' ]; then
     TYPELIST="scripts/extensions/hashtypes"
@@ -45,13 +47,63 @@ while [[ "$#" -gt 0 ]]; do
         -n|--no-limit) KERNEL=' ' ;;
         -l|--no-loopback) LOOPBACK=' ' ;;
         --hwmon-enable) HWMON=' ';;
+        --static) CONFIGFILE=' ' ;;
         *) echo "Unknown parameter passed: $1"; exit 1 ;;
     esac
     shift
 done
 
+if [ "$CONFIGFILE" = ' ' ]; then
+    STATICCONFIG=true
+else
+    STATICCONFIG=false
+fi
+
 hash-cracker
 
+# Requirements
+if [[ "$STATICCONFIG" = true ]]; then
+    source hash-cracker.conf
+else
+    HASHCAT=$(command -v hashcat)
+    POTFILE=(hash-cracker.pot)
+fi
+
+# Logic
+echo -e "\nMandatory modules:"
+if ! [ -x "$(command -v $HASHCAT)" ]; then
+    echo '[-] Hashcat is not installed or sourced in your profile'; ((COUNTER=COUNTER + 1))
+else
+    echo '[+] Hashcat is installed'
+fi
+if test -f "$POTFILE"; then
+    echo '[+] Potfile' $POTFILE 'present'
+else
+    echo '[-] Potfile not present, will create' $POTFILE
+    touch $POTFILE
+fi
+if [ "$COUNTER" \> 0 ]; then
+    echo -e "\nNot all mandatory requirements are met. Please fix and try again."; exit 1
+fi
+
+echo -e "\nOptional modules:"
+if [[ -x "scripts/extensions/common-substr" ]]; then
+    echo '[+] Common-substr is executable'
+else
+    echo '[-] Common-substr is not executable or found (option 10 / 11)'
+fi
+if [[ -x "scripts/extensions/hashcat-utils/bin/expander.bin" ]]; then
+    echo '[+] Expander is executable'
+else
+    echo '[-] Expander is not available/executable or found, this is needed for fingerprint cracking'
+fi
+if [[ -x "scripts/extensions/cewl/cewl.rb" ]]; then
+    echo '[+] CeWL is executable'
+    CEWL="scripts/extensions/cewl/cewl.rb"
+else
+    echo '[-] CeWL is not executable or found (option 18)'
+fi
+
 echo -e "\nVariable Parameters:" 
 if [ "$KERNEL" = ' ' ]; then
     echo "[-] Optimised kernels disabled"

diff --git a/scripts/processors/1-bruteforce.sh b/scripts/processors/1-bruteforce.sh
@@ -1,9 +1,13 @@
 #!/bin/bash
-# Copyright crypt0rr
+# Author: crypt0rr - https://github.com/crypt0rr/
 
 # Requirements
-source scripts/selectors/hashtype.sh
-source scripts/selectors/hashlist.sh
+if [[ "$STATICCONFIG" = true ]]; then
+    source hash-cracker.conf
+else
+    source scripts/selectors/hashtype.sh
+    source scripts/selectors/hashlist.sh
+fi
 
 # Logic
 $HASHCAT $KERNEL --bitmap-max=24 $HWMON --potfile-path=$POTFILE -m$HASHTYPE $HASHLIST -a3 '?a?a?a?a?a' --increment
@@ -32,4 +36,4 @@ $HASHCAT $KERNEL --bitmap-max=24 $HWMON --potfile-path=$POTFILE -m$HASHTYPE $HAS
 $HASHCAT $KERNEL --bitmap-max=24 $HWMON --potfile-path=$POTFILE -m$HASHTYPE $HASHLIST -a3 '?d?d?d?d?d?d?d?d?u?u' --increment
 $HASHCAT $KERNEL --bitmap-max=24 $HWMON --potfile-path=$POTFILE -m$HASHTYPE $HASHLIST -a3 '?d?d?l?d?d?l?d?d?l' --increment
 $HASHCAT $KERNEL --bitmap-max=24 $HWMON --potfile-path=$POTFILE -m$HASHTYPE $HASHLIST -a3 '?d?d?u?d?d?u?d?d?u' --increment
-echo -e "\nmBrute force processing done\n"
+echo -e "\nBrute force processing done\n"
diff --git a/scripts/processors/10-prefixsuffix.sh b/scripts/processors/10-prefixsuffix.sh
@@ -1,9 +1,13 @@
 #!/bin/bash
-# Copyright crypt0rr
+# Author: crypt0rr - https://github.com/crypt0rr/
 
 # Requirements
-source scripts/selectors/hashtype.sh
-source scripts/selectors/hashlist.sh
+if [[ "$STATICCONFIG" = true ]]; then
+    source hash-cracker.conf
+else
+    source scripts/selectors/hashtype.sh
+    source scripts/selectors/hashlist.sh
+fi
 
 # Cleanup
 function clean_up {

diff --git a/scripts/processors/11-commonsubstring.sh b/scripts/processors/11-commonsubstring.sh
@@ -1,9 +1,13 @@
 #!/bin/bash
-# Copyright crypt0rr
+# Author: crypt0rr - https://github.com/crypt0rr/
 
 # Requirements
-source scripts/selectors/hashtype.sh
-source scripts/selectors/hashlist.sh
+if [[ "$STATICCONFIG" = true ]]; then
+    source hash-cracker.conf
+else
+    source scripts/selectors/hashtype.sh
+    source scripts/selectors/hashlist.sh
+fi
 
 # Cleanup
 function clean_up {

diff --git a/scripts/processors/12-pack-rule.sh b/scripts/processors/12-pack-rule.sh
@@ -1,9 +1,13 @@
 #!/bin/bash
-# Copyright crypt0rr
+# Author: crypt0rr - https://github.com/crypt0rr/
 
 # Requirements
-source scripts/selectors/hashtype.sh
-source scripts/selectors/hashlist.sh
+if [[ "$STATICCONFIG" = true ]]; then
+    source hash-cracker.conf
+else
+    source scripts/selectors/hashtype.sh
+    source scripts/selectors/hashlist.sh
+fi
 
 # Cleanup
 function clean_up {

diff --git a/scripts/processors/13-pack-mask.sh b/scripts/processors/13-pack-mask.sh
@@ -1,9 +1,13 @@
 #!/bin/bash
-# Copyright crypt0rr
+# Author: crypt0rr - https://github.com/crypt0rr/
 
 # Requirements
-source scripts/selectors/hashtype.sh
-source scripts/selectors/hashlist.sh
+if [[ "$STATICCONFIG" = true ]]; then
+    source hash-cracker.conf
+else
+    source scripts/selectors/hashtype.sh
+    source scripts/selectors/hashlist.sh
+fi
 
 # Cleanup
 function clean_up {

diff --git a/scripts/processors/14-fingerprint.sh b/scripts/processors/14-fingerprint.sh
@@ -1,9 +1,13 @@
 #!/bin/bash
-# Copyright crypt0rr
+# Author: crypt0rr - https://github.com/crypt0rr/
 
 # Requirements
-source scripts/selectors/hashtype.sh
-source scripts/selectors/hashlist.sh
+if [[ "$STATICCONFIG" = true ]]; then
+    source hash-cracker.conf
+else
+    source scripts/selectors/hashtype.sh
+    source scripts/selectors/hashlist.sh
+fi
 
 # Cleanup
 function clean_up {

diff --git a/scripts/processors/15-multiple-wordlists.sh b/scripts/processors/15-multiple-wordlists.sh
@@ -1,9 +1,13 @@
 #!/bin/bash
-# Copyright crypt0rr
+# Author: crypt0rr - https://github.com/crypt0rr/
 
 # Requirements
-source scripts/selectors/hashtype.sh
-source scripts/selectors/hashlist.sh
+if [[ "$STATICCONFIG" = true ]]; then
+    source hash-cracker.conf
+else
+    source scripts/selectors/hashtype.sh
+    source scripts/selectors/hashlist.sh
+fi
 source scripts/selectors/multiple-wordlist.sh
 
 # Rules

diff --git a/scripts/processors/16-usernameaspassword.sh b/scripts/processors/16-usernameaspassword.sh
@@ -1,9 +1,13 @@
 #!/bin/bash
-# Copyright crypt0rr
+# Author: crypt0rr - https://github.com/crypt0rr/
 
 # Requirements
-source scripts/selectors/hashtype.sh
-source scripts/selectors/hashlist.sh
+if [[ "$STATICCONFIG" = true ]]; then
+    source hash-cracker.conf
+else
+    source scripts/selectors/hashtype.sh
+    source scripts/selectors/hashlist.sh
+fi
 
 # Rules
 source scripts/rules/rules.config

diff --git a/scripts/processors/17-markov-generator.sh b/scripts/processors/17-markov-generator.sh
@@ -1,9 +1,13 @@
 #!/bin/bash
-# Copyright crypt0rr
+# Author: crypt0rr - https://github.com/crypt0rr/
 
 # Requirements
-source scripts/selectors/hashtype.sh
-source scripts/selectors/hashlist.sh
+if [[ "$STATICCONFIG" = true ]]; then
+    source hash-cracker.conf
+else
+    source scripts/selectors/hashtype.sh
+    source scripts/selectors/hashlist.sh
+fi
 
 # Rules
 source scripts/rules/rules.config

diff --git a/scripts/processors/18-cewl.sh b/scripts/processors/18-cewl.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# Copyright crypt0rr
+# Author: crypt0rr - https://github.com/crypt0rr/
 
 # Logic
 read -p "Please enter the full URL to spider (e.g. https://kb.offsec.nl): " URL