From d7355825361453e7c58ac71aaa027b090c9cfb5f Mon Sep 17 00:00:00 2001
From: Miroslav Stampar
Date: Wed, 2 Nov 2011 06:53:43 +0000
Subject: [PATCH] major speed improvement of hash cracking
---
 lib/core/settings.py | 2 +-
 lib/utils/hash.py | 44 ++++++++++++++++++++++++--------------------
 2 files changed, 25 insertions(+), 21 deletions(-)
diff --git a/lib/core/settings.py b/lib/core/settings.py
index 2989c5d9e..8c49beffa 100644
--- a/lib/core/settings.py
+++ b/lib/core/settings.py
@@ -324,7 +324,7 @@ URLENCODE_CHAR_LIMIT = 2000
 DEFAULT_MSSQL_SCHEMA = 'dbo'
 # Display hash attack info every mod number of items
-HASH_MOD_ITEM_DISPLAY = 1597
+HASH_MOD_ITEM_DISPLAY = 11
 # Maximum integer value
 MAX_INT = sys.maxint
diff --git a/lib/utils/hash.py b/lib/utils/hash.py
index 5d235e95e..f31763733 100644
--- a/lib/utils/hash.py
+++ b/lib/utils/hash.py
@@ -344,6 +344,7 @@ def hashRecognition(value):
 def __bruteProcessVariantA(attack_info, hash_regex, wordlist, suffix, retVal, proc_id, proc_count):
 count = 0
 rotator = 0
+ hashes = set([item[0][1] for item in attack_info])
 try:
 for word in wordlist:
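Review bot: The comment above `HASH_MOD_ITEM_DISPLAY` still reads "every mod number of items" and gives no reason for the drop from 1597 to 11. In the same patch `count += 1` in `__bruteProcessVariantA` appears to move from once per (word, hash) pair to once per word, which changes what an "item" is, while `__bruteProcessVariantB` tests the same constant in its `elif` and, unless its counting changed too, would now write the status line far more often. A comment such as `# Refresh the status line every N candidate words` would record the new meaning, and a separate constant for variant B may be needed if its counter is still per comparison.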
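Review bot: `item[0][1]` in the added `hashes = set([...])` line hides which field is being collected. The loop further down in this function unpacks the same tuples as `((user, hash_), _) = item`, so the set can be built the same way and without the intermediate list: `hashes = set(hash_ for ((_, hash_), _) in attack_info)`. The set is a snapshot taken before the word loop and is not updated when `attack_info.remove(item)` runs later, which deserves a one-line comment. The function body continues outside the hunk.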
@@ -359,33 +360,36 @@ def __bruteProcessVariantA(attack_info, hash_regex, wordlist, suffix, retVal, pr
 try:
 current = __functions__[hash_regex](password = word, uppercase = False)
- for item in list(attack_info):
- ((user, hash_), _) = item
+ count += 1
- count += 1
+ if current in hashes:
+ continue
- if hash_ == current:
- retVal.put((user, hash_, word))
+ for item in list(attack_info):
+ ((user, hash_), _) = item
- clearConsoleLine()
+ if hash_ == current:
+ retVal.put((user, hash_, word))
- infoMsg = "\r[%s] [INFO] cracked password '%s'" % (time.strftime("%X"), word)
+ clearConsoleLine()
- if user and not user.startswith(DUMMY_USER_PREFIX):
- infoMsg += " for user '%s'\n" % user
- else:
- infoMsg += " for hash '%s'\n" % hash_
+ infoMsg = "\r[%s] [INFO] cracked password '%s'" % (time.strftime("%X"), word)
- dataToStdout(infoMsg, True)
+ if user and not user.startswith(DUMMY_USER_PREFIX):
+ infoMsg += " for user '%s'\n" % user
+ else:
+ infoMsg += " for hash '%s'\n" % hash_
- attack_info.remove(item)
+ dataToStdout(infoMsg, True)
- elif proc_id == 0 and count % HASH_MOD_ITEM_DISPLAY == 0 or hash_regex in (HASH.ORACLE_OLD) or hash_regex == HASH.CRYPT_GENERIC and IS_WIN:
- rotator += 1
- if rotator >= len(ROTATING_CHARS):
- rotator = 0
- status = 'current status: %s... %s' % (word.ljust(5)[:5], ROTATING_CHARS[rotator])
- dataToStdout("\r[%s] [INFO] %s" % (time.strftime("%X"), status))
+ attack_info.remove(item)
+
+ elif proc_id == 0 and count % HASH_MOD_ITEM_DISPLAY == 0 or hash_regex == HASH.ORACLE_OLD or hash_regex == HASH.CRYPT_GENERIC and IS_WIN:
+ rotator += 1
+ if rotator >= len(ROTATING_CHARS):
+ rotator = 0
+ status = 'current status: %s... %s' % (word.ljust(5)[:5], ROTATING_CHARS[rotator])
+ dataToStdout("\r[%s] [INFO] %s" % (time.strftime("%X"), status))
 except KeyboardInterrupt:
 raise
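Review bot: The added guard `if current in hashes:` followed by `continue` reads inverted. It skips the matching loop exactly when the computed digest is one of the target hashes, so the `retVal.put((user, hash_, word))` branch below cannot be reached for a hit, while every non-matching word still walks the whole `attack_info` list. The fast path was presumably meant to be `if current not in hashes:` followed by `continue`. With that correction the `elif` status branch, which hangs off `if hash_ == current` inside the loop, would run only on a hit, so the progress display probably needs to move next to the guard. Indentation is collapsed on this page, so this is read from statement order, and the function body starts and ends outside the hunk.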
@@ -436,7 +440,7 @@ def __bruteProcessVariantB(user, hash_, kwargs, hash_regex, wordlist, suffix, re
 dataToStdout(infoMsg, True)
 found.value = True
- elif proc_id == 0 and count % HASH_MOD_ITEM_DISPLAY == 0 or hash_regex in (HASH.ORACLE_OLD) or hash_regex == HASH.CRYPT_GENERIC and IS_WIN:
+ elif proc_id == 0 and count % HASH_MOD_ITEM_DISPLAY == 0 or hash_regex == HASH.ORACLE_OLD or hash_regex == HASH.CRYPT_GENERIC and IS_WIN:
 rotator += 1
 if rotator >= len(ROTATING_CHARS):
 rotator = 0
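Review bot: The condition on the changed `elif` mixes `and` and `or` without parentheses, so the reader has to apply operator precedence to see that it means `(proc_id == 0 and count % HASH_MOD_ITEM_DISPLAY == 0) or hash_regex == HASH.ORACLE_OLD or (hash_regex == HASH.CRYPT_GENERIC and IS_WIN)`. Writing it with those parentheses makes it explicit that the last two cases refresh the status line on every pass through this branch, regardless of `proc_id` and `count`. The identical line added in `__bruteProcessVariantA` in the previous hunk would take the same change. The function body starts and ends outside the hunk.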