-
Notifications
You must be signed in to change notification settings - Fork 3
Expand file tree
/
Copy pathassignment2.py
More file actions
82 lines (75 loc) · 2.5 KB
/
assignment2.py
File metadata and controls
82 lines (75 loc) · 2.5 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
#!/usr/bin/env python
# Brian Leschke
# COSC440
# Assignment 2
# This program will import /etc/shadow, its users and hashes,
# and attempt to crack the hash.
import crypt
import hashlib
import os
import sys
from sys import argv
PASSWD_DICT = 'phpbb.txt' # path to password dictionary
SHADOW_LOC = '/etc/shadow' # path to shadow file
def main():
print(" .----------------------------. ")
print(" | Welcome to Hash Crack! | ")
print(" | Brian Leschke '@bleschke' | ")
print(" | Version 1.0 | ")
print(" | September 2016 | ")
print(" '----------------------------' \n")
if os.access(SHADOW_LOC, os.F_OK): #Make sure Shadow file exists.
shadowRead = open(SHADOW_LOC, mode='r')
print "Shadow Location: ", SHADOW_LOC
print("\n Please specify a system user. \n")
user = raw_input("Specify User Account: ")
userFound = False
for line in shadowRead.readlines(): #Make sure user exists
if (user in line):
userFound = True
print "Selected User: ", user
line = line.strip() #Remove blank space
line = line.replace("\n","").split(":")
if line[1] not in ['x','*','!']:
user = line[0].strip()
cryptPass = line[1].strip()
crack_hash(cryptPass, user)
if (userFound == False): #Alert if user does not exist
print "User not found!"
sys.exit()
else: # Alert if shadow file does not exist
print "Shadow file does not exist at ", SHADOW_LOC
def crack_hash(cryptPass, user):
if os.access(PASSWD_DICT, os.F_OK): #Make sure password dictionary file exists
print "\nPassword Dictionary: ", PASSWD_DICT
passDict = open(PASSWD_DICT, 'r')
ctype = cryptPass.split("$")[1]
if ctype == '1':
print "Hash type: MD5 \n"
elif ctype == '2a':
print "Hash type: Blowfish\n "
elif ctype == '5':
print "Hash type: SHA-256 \n"
elif ctype == '6':
print "Hash type: SHA-512 \n"
else:
print "Unable to determine Hashing Algorithm \n"
passFound = False
salt = cryptPass.split("$")[2]
insalt = "$" + ctype + "$" + salt + "$"
print "\n Cracking password for: ", user
for word in passDict.readlines():
word.strip()
word.strip('\n')
cWord = crypt.crypt(word, insalt)
if (cWord == cryptPass):
passFound == True
print "\nUsername", user
print "Password", word
sys.exit()
if (passFound == False):
print "Password not in dictionary file", PASSWD_DICT
else:
print "Password Dictionary does not exist!"
if __name__ == '__main__':
main()