Update for an Issue #272

This commit is contained in:
Miroslav Stampar 2012-12-04 17:04:32 +01:00
parent a14697e8cf
commit d4b5133df7
2 changed files with 6 additions and 1 deletions

View File

@ -61,6 +61,7 @@ from lib.core.settings import HASH_RECOGNITION_QUIT_THRESHOLD
from lib.core.settings import IS_WIN
from lib.core.settings import ITOA64
from lib.core.settings import ML
from lib.core.settings import NULL
from lib.core.settings import UNICODE_ENCODING
from lib.core.settings import ROTATING_CHARS
from lib.core.wordlist import Wordlist
@ -314,6 +315,8 @@ def storeHashesToFile(attack_dict):
with open(filename, "w+") as f:
for user, hashes in attack_dict.items():
for hash_ in hashes:
if not hash_ or hash_ == NULL or not hashRecognition(hash_):
continue
if user and not user.startswith(DUMMY_USER_PREFIX):
f.write("%s:%s\n" % (user.encode(UNICODE_ENCODING), hash_.encode(UNICODE_ENCODING)))
else:
@ -321,7 +324,6 @@ def storeHashesToFile(attack_dict):
def attackCachedUsersPasswords():
if kb.data.cachedUsersPasswords:
storeHashesToFile(kb.data.cachedUsersPasswords)
results = dictionaryAttack(kb.data.cachedUsersPasswords)
for (_, hash_, password) in results:

View File

@ -40,6 +40,7 @@ from lib.core.exception import sqlmapUserQuitException
from lib.core.threads import getCurrentThreadData
from lib.request import inject
from lib.utils.hash import attackCachedUsersPasswords
from lib.utils.hash import storeHashesToFile
from lib.utils.pivotdumptable import pivotDumpTable
class Users:
@ -300,6 +301,8 @@ class Users:
for user in kb.data.cachedUsersPasswords:
kb.data.cachedUsersPasswords[user] = list(set(kb.data.cachedUsersPasswords[user]))
storeHashesToFile(kb.data.cachedUsersPasswords)
message = "do you want to perform a dictionary-based attack "
message += "against retrieved password hashes? [Y/n/q]"
test = readInput(message, default="Y")