peplum-john 0.2.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: 3557101f19534057d6928e39832552c6d3f752efc61ab5818f32dc12c4bf73fa
+  data.tar.gz: 9f52968910d916f5f29066a21d68afa0d12b9e0e1839145d77c907e4ab485437
+SHA512:
+  metadata.gz: 3dea930e2f89973e7bd90830352d709db0274aceb90daad387760c6f3e83df2422f488ed262c0a22aeb76993fc6c24e0639e959a3fa11f6e8e52a382b5ca210c
+  data.tar.gz: 3bbf00ab6898ce84806a4dc92e082705ec1134ec32d656c4d7e2a861006cc86652a30074d8f38ede56680ac935f14cbd5cf26e2f1f5dbe1093e406e34ec38671

data/bin/console

@@ -0,0 +1,11 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+
+require "bundler/setup"
+require "peplum/john"
+
+# You can add fixtures and/or initialization code here to make experimenting
+# with your gem easier. You can also use a different console, if you like.
+
+require "irb"
+IRB.start(__FILE__)

data/bin/setup

@@ -0,0 +1,8 @@
+#!/usr/bin/env bash
+set -euo pipefail
+IFS=$'\n\t'
+set -vx
+
+bundle install
+
+# Do any other automated setup that you need to do here

data/examples/rest/helpers.rb

@@ -0,0 +1,44 @@
+require 'json'
+require 'tmpdir'
+require 'net/http'
+
+def response
+  if @last_response['Content-Type'].include? 'json'
+    data = JSON.load( @last_response.body )
+  else
+    data = @last_response.body
+  end
+  {
+    code: @last_response.code,
+    data: data
+  }
+end
+
+def response_data
+  response[:data]
+end
+
+def request( method, resource = nil, parameters = nil )
+  uri = URI( "http://127.0.0.1:7331/#{resource}" )
+
+  Net::HTTP.start( uri.host, uri.port) do |http|
+    case method
+    when :get
+      uri.query = URI.encode_www_form( parameters ) if parameters
+      request = Net::HTTP::Get.new( uri )
+
+    when :post
+      request = Net::HTTP::Post.new( uri )
+      request.body = parameters.to_json
+
+    when :delete
+      request = Net::HTTP::Delete.new( uri )
+
+    when :put
+      request = Net::HTTP::Put.new( uri )
+      request.body = parameters.to_json
+    end
+
+    @last_response = http.request( request )
+  end
+end

data/examples/rest.rb

@@ -0,0 +1,57 @@
+require 'peplum/john'
+require 'pp'
+require_relative 'rest/helpers'
+
+# Boot up our REST server for easy integration.
+rest_pid = Peplum::John::Application.spawn( :rest, daemonize: true )
+at_exit { Cuboid::Processes::Manager.kill rest_pid }
+
+# Wait for the REST server to boot up.
+while sleep 1
+  begin
+    request :get
+  rescue Errno::ECONNREFUSED
+    next
+  end
+
+  break
+end
+
+# Assign an Agent to the REST service for it to provide us with Instances.
+john_agent = Peplum::John::Application.spawn( :agent, daemonize: true )
+request :put, 'agent/url', john_agent.url
+at_exit { john_agent.shutdown rescue nil }
+
+# Create a new Instance and run with the following options.
+request :post, 'instances', {
+  peplum: {
+    objects:     %w(
+      6ca13d52ca70c883e0f0bb101e425a89e8624de51db2d2392593af6a84118090
+      36f583dd16f4e1e201eb1e6f6d8e35a2ccb3bbe2658de46b4ffae7b0e9ed872e
+    ),
+    max_workers: 2
+  },
+  payload: {
+    format: 'raw-sha256'
+  }
+}
+
+# The ID is used to represent that instance and allow us to manage it from here on out.
+instance_id = response_data['id']
+
+while sleep( 1 )
+  # Continue looping while instance status is 'busy'.
+  request :get, "instances/#{instance_id}"
+  break if !response_data['busy']
+end
+
+puts '*' * 88
+
+# Get the report.
+request :get, "instances/#{instance_id}/report.json"
+
+# Print out the report.
+puts JSON.pretty_generate( JSON.load( response_data['data'] ) )
+
+# Shutdown the Instance.
+request :delete, "instances/#{instance_id}"

data/examples/rpc.rb

@@ -0,0 +1,30 @@
+require 'pp'
+require 'peplum/john'
+
+# Spawn an Agent as a daemon.
+john_agent = Peplum::John::Application.spawn( :agent, daemonize: true )
+at_exit { john_agent.shutdown rescue nil }
+
+# Spawn and connect to an Instance.
+john = Peplum::John::Application.connect( john_agent.spawn )
+# Don't forget this!
+at_exit { john.shutdown }
+
+john.run(
+  peplum: {
+    objects:     %w(
+      6ca13d52ca70c883e0f0bb101e425a89e8624de51db2d2392593af6a84118090
+      36f583dd16f4e1e201eb1e6f6d8e35a2ccb3bbe2658de46b4ffae7b0e9ed872e
+    ),
+    max_workers: 2
+  },
+  payload: {
+    format: 'raw-sha256'
+  }
+)
+
+# Waiting to complete.
+sleep 1 while john.running?
+
+# Hooray!
+puts JSON.pretty_generate( john.generate_report.data )

data/lib/peplum/john/application/payload.rb

@@ -0,0 +1,144 @@
+require 'tmpdir'
+require 'fileutils'
+
+module Peplum
+class John
+class Application
+
+module Payload
+
+  # For some reason doesn't work when specifying sane directories.
+  HASHES_FILE = "hashes.#{Process.pid}.txt"
+  at_exit { FileUtils.rm_f HASHES_FILE }
+
+  POT_FILE = "hashes.#{Process.pid}.pot"
+  at_exit { FileUtils.rm_f POT_FILE }
+
+  JOHN = 'john-the-ripper'
+
+  FORMATS = Set.new(%w(descrypt bsdicrypt md5crypt md5crypt-long bcrypt scrypt LM AFS
+    tripcode AndroidBackup adxcrypt agilekeychain aix-ssha1 aix-ssha256
+    aix-ssha512 andOTP ansible argon2 as400-des as400-ssha1 asa-md5
+    AxCrypt AzureAD BestCrypt BestCryptVE4 bfegg Bitcoin BitLocker
+    bitshares Bitwarden BKS Blackberry-ES10 WoWSRP Blockchain cardano
+    chap Clipperz cloudkeychain dynamic_n cq CRC32 cryptoSafe sha1crypt
+    sha256crypt sha512crypt Citrix_NS10 dahua dashlane diskcryptor Django
+    django-scrypt dmd5 dmg dominosec dominosec8 DPAPImk dragonfly3-32
+    dragonfly3-64 dragonfly4-32 dragonfly4-64 Drupal7 eCryptfs eigrp
+    electrum ENCDataVault-MD5 ENCDataVault-PBKDF2 EncFS enpass EPI
+    EPiServer ethereum fde Fortigate256 Fortigate FormSpring FVDE geli
+    gost gpg HAVAL-128-4 HAVAL-256-3 hdaa hMailServer hsrp IKE ipb2
+    itunes-backup iwork KeePass keychain keyring keystore known_hosts
+    krb4 krb5 krb5asrep krb5pa-sha1 krb5pa-md5 krb5tgs krb5-17 krb5-18
+    krb5-3 kwallet lp lpcli leet lotus5 lotus85 LUKS MD2 mdc2
+    MediaWiki monero money MongoDB scram Mozilla mscash mscash2 MSCHAPv2
+    mschapv2-naive mssql mssql05 mssql12 multibit mysqlna mysql-sha1
+    mysql net-ah nethalflm netlm netlmv2 net-md5 netntlmv2 netntlm
+    netntlm-naive net-sha1 nk notes md5ns nsec3 NT NT-long o10glogon
+    o3logon o5logon ODF Office oldoffice OpenBSD-SoftRAID openssl-enc
+    oracle oracle11 Oracle12C osc ospf Padlock Palshop Panama
+    PBKDF2-HMAC-MD4 PBKDF2-HMAC-MD5 PBKDF2-HMAC-SHA1 PBKDF2-HMAC-SHA256
+    PBKDF2-HMAC-SHA512 PDF PEM pfx pgpdisk pgpsda pgpwde phpass PHPS
+    PHPS2 pix-md5 PKZIP po postgres PST PuTTY pwsafe qnx RACF
+    RACF-KDFAES radius RAdmin RAKP rar RAR5 Raw-SHA512 Raw-Blake2
+    Raw-Keccak Raw-Keccak-256 Raw-MD4 Raw-MD5 Raw-MD5u Raw-SHA1
+    Raw-SHA1-AxCrypt Raw-SHA1-Linkedin Raw-SHA224 Raw-SHA256 Raw-SHA3
+    Raw-SHA384 restic ripemd-128 ripemd-160 rsvp RVARY Siemens-S7
+    Salted-SHA1 SSHA512 sapb sapg saph sappse securezip 7z Signal SIP
+    skein-256 skein-512 skey SL3 Snefru-128 Snefru-256 LastPass SNMP
+    solarwinds SSH sspr Stribog-256 Stribog-512 STRIP SunMD5 SybaseASE
+    Sybase-PROP tacacs-plus tcp-md5 telegram tezos Tiger timeroast
+    tc_aes_xts tc_ripemd160 tc_ripemd160boot tc_sha512 tc_whirlpool vdi
+    OpenVMS vmx VNC vtp wbb3 whirlpool whirlpool0 whirlpool1 wpapsk
+    wpapsk-pmk xmpp-scram xsha xsha512 zed ZIP ZipMonster plaintext
+    has-160 HMAC-MD5 HMAC-SHA1 HMAC-SHA224 HMAC-SHA256 HMAC-SHA384
+    HMAC-SHA512 AndroidBackup-opencl agilekeychain-opencl ansible-opencl
+    axcrypt-opencl axcrypt2-opencl bcrypt-opencl Bitcoin-opencl
+    BitLocker-opencl bitwarden-opencl blockchain-opencl cloudkeychain-opencl
+    md5crypt-opencl cryptosafe-opencl sha1crypt-opencl sha256crypt-opencl
+    sha512crypt-opencl dashlane-opencl descrypt-opencl diskcryptor-opencl
+    diskcryptor-aes-opencl dmg-opencl electrum-modern-opencl EncFS-opencl
+    enpass-opencl ethereum-opencl ethereum-presale-opencl FVDE-opencl
+    geli-opencl gpg-opencl iwork-opencl KeePass-opencl keychain-opencl
+    keyring-opencl keystore-opencl krb5pa-md5-opencl krb5pa-sha1-opencl
+    krb5tgs-opencl krb5asrep-aes-opencl lp-opencl lpcli-opencl LM-opencl
+    lotus5-opencl mscash-opencl mscash2-opencl mysql-sha1-opencl
+    notes-opencl NT-opencl ntlmv2-opencl NT-long-opencl o5logon-opencl
+    ODF-opencl office-opencl oldoffice-opencl OpenBSD-SoftRAID-opencl
+    PBKDF2-HMAC-SHA256-opencl PBKDF2-HMAC-SHA512-opencl PBKDF2-HMAC-MD4-opencl
+    PBKDF2-HMAC-MD5-opencl PBKDF2-HMAC-SHA1-opencl pem-opencl pfx-opencl
+    pgpdisk-opencl pgpsda-opencl pgpwde-opencl phpass-opencl pwsafe-opencl
+    RAKP-opencl rar-opencl RAR5-opencl raw-MD4-opencl raw-MD5-opencl
+    raw-SHA1-opencl raw-SHA256-opencl raw-SHA512-free-opencl
+    raw-SHA512-opencl salted-SHA1-opencl sappse-opencl 7z-opencl SL3-opencl
+    solarwinds-opencl ssh-opencl sspr-opencl strip-opencl TrueCrypt-opencl
+    telegram-opencl tezos-opencl timeroast-opencl vmx-opencl wpapsk-opencl
+    wpapsk-pmk-opencl XSHA512-free-opencl XSHA512-opencl zed-opencl
+))
+
+  def run( hashes, options )
+    validate( options )
+
+    File.open( HASHES_FILE, 'w+', 0666 ) do |f|
+      hashes.each do |hash|
+        f.puts hash
+      end
+    end
+
+    _run options
+  end
+
+  # Distribute `objects` into `chunks` amount of groups, one for each worker.
+  #
+  # @param  [Array] objects All objects that need to be processed.
+  # @param  [Integer] chunks  Amount of object groups that should be generated.
+  #
+  # @return [Array<Array<Object>>]  `objects` split in `chunks` amount of groups
+  # @abstract
+  def group( objects, chunks )
+    objects.chunk chunks
+  end
+
+  # Merge result `data` for reporting.
+  #
+  # @param  [Array] data  Report data from workers.
+  # @abstract
+  def merge( data )
+    f = data.pop
+    data.each { |d| f.merge! d }
+    f
+  end
+
+  private
+
+  def executable
+    @executable ||= `which #{JOHN}`.strip
+    return @executable if !@executable.empty?
+
+    fail Error, 'Could not locate John The Ripper executable!'
+  end
+
+  def _run( options )
+    `#{executable} --no-log --pot=#{POT_FILE} --format=#{options['format']} #{HASHES_FILE} 2> /dev/null`
+    `#{executable} --format=#{options['format']} #{HASHES_FILE} 2> /dev/null`
+
+    results = {}
+    File.open( POT_FILE , 'r' ) do |f|
+      line = f.readline
+      hash, password = line.split( '$' ).last.split( ':' )
+      results[hash] = password.strip
+    end
+    results
+  end
+
+  def validate( options )
+    fail ArgumentError, 'Missing hash format' if !options['format']
+    fail ArgumentError, "Unknown format: options['format']" if FORMATS.include? options['format']
+  end
+
+  extend self
+end
+
+end
+end
+end

data/lib/peplum/john/application.rb

@@ -0,0 +1,21 @@
+# frozen_string_literal: true
+
+require 'peplum'
+
+module Peplum
+class John
+
+class Application < Peplum::Application
+  require_relative "application/payload"
+
+  provision_memory 100 * 1024 * 1024
+  provision_disk   100 * 1024 * 1024
+
+  def payload
+    Payload
+  end
+
+end
+
+end
+end

data/lib/peplum/john/version.rb

@@ -0,0 +1,7 @@
+# frozen_string_literal: true
+
+module Peplum
+class John
+  VERSION = "0.2.0"
+end
+end

data/lib/peplum/john.rb

@@ -0,0 +1,15 @@
+# frozen_string_literal: true
+
+require 'peplum'
+
+module Peplum
+class John
+
+  require_relative "john/version"
+
+  class Error < Peplum::Error; end
+
+  require_relative "john/application"
+
+end
+end

data/peplum-john.gemspec

@@ -0,0 +1,23 @@
+# frozen_string_literal: true
+
+require_relative "lib/peplum/john/version"
+
+Gem::Specification.new do |spec|
+  spec.name = "peplum-john"
+  spec.version = Peplum::John::VERSION
+  spec.authors = ["Tasos Laskos"]
+  spec.email = ["tasos.laskos@ecsypno.com"]
+
+  spec.summary = "Peplum-powered John the Ripper."
+  spec.description = "A distributed approach to the John the Ripper password recovery tool"
+  spec.homepage = "http://ecsypno.com/"
+  spec.required_ruby_version = ">= 2.6.0"
+
+  spec.files  = Dir.glob( 'bin/*')
+  spec.files += Dir.glob( 'lib/**/*')
+  spec.files += Dir.glob( 'examples/**/*')
+  spec.files += %w(peplum-john.gemspec)
+
+
+  spec.add_dependency "peplum"
+end

metadata

@@ -0,0 +1,66 @@
+--- !ruby/object:Gem::Specification
+name: peplum-john
+version: !ruby/object:Gem::Version
+  version: 0.2.0
+platform: ruby
+authors:
+- Tasos Laskos
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2023-05-24 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: peplum
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+description: A distributed approach to the John the Ripper password recovery tool
+email:
+- tasos.laskos@ecsypno.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- bin/console
+- bin/setup
+- examples/rest.rb
+- examples/rest/helpers.rb
+- examples/rpc.rb
+- lib/peplum/john.rb
+- lib/peplum/john/application.rb
+- lib/peplum/john/application/payload.rb
+- lib/peplum/john/version.rb
+- peplum-john.gemspec
+homepage: http://ecsypno.com/
+licenses: []
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: 2.6.0
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubygems_version: 3.4.13
+signing_key: 
+specification_version: 4
+summary: Peplum-powered John the Ripper.
+test_files: []