EvilZone
Programming and Scripting => Scripting Languages => : v32itas April 03, 2015, 05:37:46 AM
-
Not much for practical use. I am learning python from book 'Violent Python'. This is exercise 1 a little bit more flexible solution then asked. Maybe someone will find it usefull.
#/etc/shadow
#hash dictionary attack
import crypt
def testPass(hashType, salt, hash, saltedHash):
print "With salt: $",salt
dictFile = open('dictionary.txt','r')
for word in dictFile.readlines():
word = word.strip('\n')
saltFor = '$' + hashType + '$' + salt
cryptWord = crypt.crypt(word,saltFor)
if (cryptWord == saltedHash):
print "[+]Found Password: "+word+"\n"
return
print "[-] Password Not Found.\n"
return
def main():
shadowFile = open('shadow')
for line in shadowFile.readlines():
if ":" in line:
user = line.split(':')[0]
saltedHash = line.split(':')[1]
hashType = saltedHash.split('$')[1]
salt = saltedHash.split('$')[2]
hash = saltedHash.split('$')[3]
print 'dict attack on user: ', user
testPass(hashType, salt, hash, saltedHash)
if __name__ == "__main__":
main()
-
You are correct it is not practical, you know there's JTR and shit which actually detect the algorithm in use in your shadow file. Also it has OpenCL and whatever.
-
You are correct it is not practical, you know there's JTR and shit which actually detect the algorithm in use in your shadow file. Also it has OpenCL and whatever.
Well dis one can detect if its MD5/SHA256/SHA512 which (by my own research) are the most common encryptions used in /etc/shadow and attack it with dictionary. And something like this might be usefull only in very rare situations. When there is no internet connectivity and no tools that you mentioned. And god knows why one could want to crack hashes if already has root. But is essential skill to be able to make your own tools, because that might come handy sometimes. So dis one just for educational purposes not for practical use.