sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-01-24 08:14:24 +03:00
Code Issues Packages Projects Releases Wiki Activity

major speed improvement of hash cracking

Browse Source
This commit is contained in:
Miroslav Stampar 2011-11-02 06:53:43 +00:00
parent b3a57391e4
commit d735582536
2 changed files with 25 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
lib/core/settings.py
View File

@ -324,7 +324,7 @@ URLENCODE_CHAR_LIMIT = 2000
DEFAULT_MSSQL_SCHEMA = 'dbo' DEFAULT_MSSQL_SCHEMA = 'dbo'
# Display hash attack info every mod number of items # Display hash attack info every mod number of items
HASH_MOD_ITEM_DISPLAY = 1597 HASH_MOD_ITEM_DISPLAY = 11
# Maximum integer value # Maximum integer value
MAX_INT = sys.maxint MAX_INT = sys.maxint

44
lib/utils/hash.py
View File

@ -344,6 +344,7 @@ def hashRecognition(value):
def __bruteProcessVariantA(attack_info, hash_regex, wordlist, suffix, retVal, proc_id, proc_count): def __bruteProcessVariantA(attack_info, hash_regex, wordlist, suffix, retVal, proc_id, proc_count):
count = 0 count = 0
rotator = 0 rotator = 0
hashes = set([item[0][1] for item in attack_info])
try: try:
for word in wordlist: for word in wordlist:
@ -359,33 +360,36 @@ def __bruteProcessVariantA(attack_info, hash_regex, wordlist, suffix, retVal, pr
try: try:
current = __functions__[hash_regex](password = word, uppercase = False) current = __functions__[hash_regex](password = word, uppercase = False)
for item in list(attack_info): count += 1
((user, hash_), _) = item
count += 1 if current in hashes:
continue
if hash_ == current: for item in list(attack_info):
retVal.put((user, hash_, word)) ((user, hash_), _) = item
clearConsoleLine() if hash_ == current:
retVal.put((user, hash_, word))
infoMsg = "\r[%s] [INFO] cracked password '%s'" % (time.strftime("%X"), word) clearConsoleLine()
if user and not user.startswith(DUMMY_USER_PREFIX): infoMsg = "\r[%s] [INFO] cracked password '%s'" % (time.strftime("%X"), word)
infoMsg += " for user '%s'\n" % user
else:
infoMsg += " for hash '%s'\n" % hash_
dataToStdout(infoMsg, True) if user and not user.startswith(DUMMY_USER_PREFIX):
infoMsg += " for user '%s'\n" % user
else:
infoMsg += " for hash '%s'\n" % hash_
attack_info.remove(item) dataToStdout(infoMsg, True)
elif proc_id == 0 and count % HASH_MOD_ITEM_DISPLAY == 0 or hash_regex in (HASH.ORACLE_OLD) or hash_regex == HASH.CRYPT_GENERIC and IS_WIN: attack_info.remove(item)
rotator += 1
if rotator >= len(ROTATING_CHARS): elif proc_id == 0 and count % HASH_MOD_ITEM_DISPLAY == 0 or hash_regex == HASH.ORACLE_OLD or hash_regex == HASH.CRYPT_GENERIC and IS_WIN:
rotator = 0 rotator += 1
status = 'current status: %s... %s' % (word.ljust(5)[:5], ROTATING_CHARS[rotator]) if rotator >= len(ROTATING_CHARS):
dataToStdout("\r[%s] [INFO] %s" % (time.strftime("%X"), status)) rotator = 0
status = 'current status: %s... %s' % (word.ljust(5)[:5], ROTATING_CHARS[rotator])
dataToStdout("\r[%s] [INFO] %s" % (time.strftime("%X"), status))
except KeyboardInterrupt: except KeyboardInterrupt:
raise raise
@ -436,7 +440,7 @@ def __bruteProcessVariantB(user, hash_, kwargs, hash_regex, wordlist, suffix, re
dataToStdout(infoMsg, True) dataToStdout(infoMsg, True)
found.value = True found.value = True
elif proc_id == 0 and count % HASH_MOD_ITEM_DISPLAY == 0 or hash_regex in (HASH.ORACLE_OLD) or hash_regex == HASH.CRYPT_GENERIC and IS_WIN: elif proc_id == 0 and count % HASH_MOD_ITEM_DISPLAY == 0 or hash_regex == HASH.ORACLE_OLD or hash_regex == HASH.CRYPT_GENERIC and IS_WIN:
rotator += 1 rotator += 1
if rotator >= len(ROTATING_CHARS): if rotator >= len(ROTATING_CHARS):
rotator = 0 rotator = 0