heitt 0.4.1 → 0.4.3
- checksums.yaml +4 -4
- data/bin/heitt +2 -1
- data/lib/heitt/version.rb +1 -1
- data/lib/heitt.rb +16 -6
- metadata +1 -1
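--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 0beed2894ada25d59c6c1d9267fee2e0753dbfbcb89b81156a748cbee6171402
+data.tar.gz: 58209cc283a7c4864904e44280395a163da79b8144f36d33617fe9336038962d
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 93cb5c2a948fc18961f02a082ff72ee7bef0a3d2bb6304da64f3839d0d90c147f9652a4c9a24208f17626d66be5321177ad42e03758c8ccce5b8ed240bdc8d32
+data.tar.gz: e0ebeb29a0cd51ab44ce9364a043d2840cdb8f312fe5a1399d82a96a089b72bf0377f3fea06948e4e7964f6063f45ee196e1eb4a5f7f47a540ffa70096a8809a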
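--- a/data/bin/heitt
+++ b/data/bin/heitt
@@ -4,6 +4,7 @@ require 'io/console'
 require 'heitt'
 
 
+
 module HEITT
 class CLI
 attr_accessor :inputs, :extended, :verbose, :output, :json, :database, :show_regex_match, :min_entropy
@@ -59,7 +60,7 @@ module HEITT
 
 opts.separator ""
 opts.separator "EXAMPLES:"
-opts.separator " heitt
+opts.separator " heitt 634d398e96eb1550956b8128cfeb0747 -r"
 opts.separator " heitt auth.log"
 opts.separator " heitt auth.log --json --output result.json"
 opts.separator " heitt auth.log --extended --regex-match"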
data/lib/heitt/version.rb
CHANGED
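--- a/data/lib/heitt.rb
+++ b/data/lib/heitt.rb
@@ -69,7 +69,6 @@ module HEITT
 prefix_matched_mode = mode[:name]
 score += 20
 end
-#puts "MODENAME: #{mode[:name]}"
 {
 name: mode[:name],
 hashcat: mode[:hashcat],
@@ -95,7 +94,7 @@ module HEITT
 entry[:candidates] || entry[:types] || entry[:hashtypes]
 end
 
-#this code is
+#this code is an inspiration of "https://github.com/chrisjchandler/entropy/blob/main/entropy.go"
 def self.entropy(text)
 frequency = Hash.new(0)
 text.each_char { |ch| frequency[ch] += 1 }
@@ -211,11 +210,22 @@ module HEITT
 
 candidates = HEITT::Analyzer.score_candidates(modes, delim_prefix, context_scores)
 score = candidates.first[:score]
-
-
-
+
+found[matched] ||= {hash: matched, candidates: []}
+found[matched][:candidates].concat(candidates)
 end
 end
+
+found.each_value do |result|
+result[:candidates] = result[:candidates]
+.group_by {|c| c[:name]}
+.map {|name, dupes| dupes.max_by {|c| c[:score]}}
+.sort_by {|c| -c[:score]}
+
+# Re-assign confidence based on final merged scores
+scores_hash = result[:candidates].map {|c| [c[:name], c[:score]]}.to_h
+confidences = Analyzer.assign_confidence(scores_hash)
+result[:candidates] = result[:candidates].map {|c| c.merge(confidence: confidences[c[:name]])}
 end
 found.values
 end
@@ -305,7 +315,7 @@ module HEITT
 JSON.pretty_generate(
 renumbered_groups.map do |group|
 visible_candidates = group[:candidates].select do |c|
-(!c[:extended] || extended)
+(!c[:extended] || extended) && (c[:confidence] != "regex-match" || show_regex_match)
 end
 {
 cluster_id: group[:cluster_id],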
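Review bot: In the merge pass added at new lines 219–228, `confidences[c[:name]]` yields `nil` whenever `Analyzer.assign_confidence` returns no entry for a name, and the filter added at new line 318 tests `c[:confidence] != "regex-match"`, so such a candidate would be listed as if it had passed the regex-match gate. Assuming `assign_confidence` returns a Hash keyed by name (its body is not in this diff), `c.merge(confidence: confidences.fetch(c[:name]))` would make a missing label fail loudly instead of failing open. The `"regex-match"` literal in the filter also duplicates knowledge of that method's output; a constant shared by the labeller and the filter would keep the two in step. Separately, `score = candidates.first[:score]` at new line 212 still raises on an empty candidate list, and `score` has no visible use after this change; the enclosing methods start and end outside the hunks, so both points need checking against the full file.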