kh2hc 0.0.1

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: 55b4188b8e1e718687f18b3f45b120f1d04da27c6c906bf9c6c7c89e005282f8
+  data.tar.gz: 92b9439b9d9492bb58e38cc67788f54c256999c5fa119aa3d0f4f8ae0514cb1d
+SHA512:
+  metadata.gz: 53b67dcd4e5e51f41f0a709dd37092da8734ae0794814ff670e7b35cc0aa824159219c5b49f630a09549d75c5592027d85ce76f43d44d946bf79bbf0d0ac4283
+  data.tar.gz: be057f802bca5560e4862cc3dd04f1edb4172216da83694008a58c62e559318857ab2d90afd0b5386eb7f93c6eda50e689022506f1aeb6d2aee424d6943bbc64

data/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2023 Alexandre ZANNI
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

data/bin/kh2hc

@@ -0,0 +1,10 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+
+# Ruby internal
+# Project internal
+require 'kh2hc'
+require 'kh2hc/cli'
+# External
+
+Kh2hc::CLI

data/lib/kh2hc/cli.rb

@@ -0,0 +1,50 @@
+# frozen_string_literal: true
+
+# Ruby internal
+# Project internal
+# External
+require 'docopt'
+
+module Kh2hc
+  # module use for the CLI binary only, not required by the library
+  module CLI
+    doc = <<~DOCOPT
+      kh2hc v#{Kh2hc::VERSION}
+
+      Usage:
+        kh2hc <know_hosts> [<hashcat>] [--no-color --debug]
+        kh2hc -h | --help
+        kh2hc --version
+
+      Parameters:
+        <know_hosts>    OpenSSH known_hosts file hashed with HashKnownHosts
+        <hashcat>       Output file containing hash crackable by Hashcat
+
+      Options:
+        --no-color      Disable colorized output
+        --debug         Display arguments
+        -h, --help      Show this screen
+        --version       Show version
+    DOCOPT
+
+    begin
+      args = Docopt.docopt(doc, version: Kh2hc::VERSION)
+      Paint.mode = 0 if args['--no-color']
+      puts args if args['--debug']
+      if args['<know_hosts>']
+        if Kh2hc.hashed?(args['<know_hosts>'])
+          hc = Kh2hc.convert1(args['<know_hosts>'])
+          if args['<hashcat>']
+            File.write(args['<hashcat>'], hc)
+          else
+            puts hc
+          end
+        else
+          puts 'Good news, the hosts file is not hashed'
+        end
+      end
+    rescue Docopt::Exit => e
+      puts e.message
+    end
+  end
+end

data/lib/kh2hc/version.rb

@@ -0,0 +1,6 @@
+# frozen_string_literal: true
+
+module Kh2hc
+  # Version of Kh2hc library and app
+  VERSION = '0.0.1'
+end

data/lib/kh2hc.rb

@@ -0,0 +1,48 @@
+# frozen_string_literal: true
+
+# Ruby internal
+# Project internal
+require 'kh2hc/version'
+# External
+require 'ctf_party'
+
+# known_hosts to Hashcat
+module Kh2hc
+  # Convert OpenSSH known_hosts file hashed with HashKnownHosts to an array of hashes crackable by Hashcat.
+  # @param khfile [String] OpenSSH known_hosts file
+  # @return [Array<Hash>] An array of Hash. Each Hash has two keys: the `:hash` of the host hash,
+  #   the `:salt` of the host hash
+  def self.convert(khfile)
+    hosts = []
+    data = File.read(khfile)
+    # |<Magic string>|<salt>|<hash> <key algorithm> <public key sig.>
+    data.scan(/^\|1\|([^|]+)\|([^|].+) .+ .+$/).each do |host|
+      # hash:salt
+      hosts << { hash: host[1].from_b64.to_hex, salt: host[0].from_b64.to_hex }
+    end
+    hosts
+  end
+
+  # Convert OpenSSH known_hosts file hashed with HashKnownHosts to a hash file crackable by Hashcat.
+  # @param khfile [String] OpenSSH known_hosts file
+  # @return [String] hash file in Hashcat format
+  def self.convert1(khfile)
+    hc_out = []
+    convert(khfile).each do |host|
+      hc_out << "#{host[:hash]}:#{host[:salt]}"
+    end
+    hc_out.join("\n")
+  end
+
+  # Check if OpenSSH known_hosts is hashed with HashKnownHosts option or not.
+  # @param khfile [String] OpenSSH known_hosts file
+  # @return [Boolean] `true` is hashed
+  def self.hashed?(khfile)
+    File.open(khfile) do |f|
+      return f.read(3) == '|1|'
+    end
+    # Resources friendly version of:
+    # data = File.read(khfile)
+    # /\A\|1\|/.match?(data)
+  end
+end

metadata

@@ -0,0 +1,88 @@
+--- !ruby/object:Gem::Specification
+name: kh2hc
+version: !ruby/object:Gem::Version
+  version: 0.0.1
+platform: ruby
+authors:
+- Alexandre ZANNI
+autorequire:
+bindir: bin
+cert_chain: []
+date: 2023-04-13 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: ctf-party
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.3'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.3'
+- !ruby/object:Gem::Dependency
+  name: docopt
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.6'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.6'
+description: Convert OpenSSH known_hosts file hashed with HashKnownHosts to hashes
+  crackable by Hashcat.
+email: alexandre.zanni@europe.com
+executables:
+- kh2hc
+extensions: []
+extra_rdoc_files: []
+files:
+- LICENSE
+- bin/kh2hc
+- lib/kh2hc.rb
+- lib/kh2hc/cli.rb
+- lib/kh2hc/version.rb
+homepage: https://noraj.github.io/kh2hc/
+licenses:
+- MIT
+metadata:
+  yard.run: yard
+  bug_tracker_uri: https://github.com/noraj/kh2hc/issues
+  changelog_uri: https://github.com/noraj/kh2hc/blob/master/docs/CHANGELOG.md
+  documentation_uri: https://noraj.github.io/kh2hc/
+  homepage_uri: https://noraj.github.io/kh2hc/
+  source_code_uri: https://github.com/noraj/kh2hc/
+  rubygems_mfa_required: 'true'
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: 3.0.0
+  - - "<"
+    - !ruby/object:Gem::Version
+      version: '4.0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubygems_version: 3.4.6
+signing_key:
+specification_version: 4
+summary: Convert OpenSSH known_hosts file hashed with HashKnownHosts to hashes crackable
+  by Hashcat.
+test_files: []