souleyez 2.43.28__py3-none-any.whl → 2.43.32__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- souleyez/__init__.py +1 -2
- souleyez/ai/__init__.py +21 -15
- souleyez/ai/action_mapper.py +249 -150
- souleyez/ai/chain_advisor.py +116 -100
- souleyez/ai/claude_provider.py +29 -28
- souleyez/ai/context_builder.py +80 -62
- souleyez/ai/executor.py +158 -117
- souleyez/ai/feedback_handler.py +136 -121
- souleyez/ai/llm_factory.py +27 -20
- souleyez/ai/llm_provider.py +4 -2
- souleyez/ai/ollama_provider.py +6 -9
- souleyez/ai/ollama_service.py +44 -37
- souleyez/ai/path_scorer.py +91 -76
- souleyez/ai/recommender.py +176 -144
- souleyez/ai/report_context.py +74 -73
- souleyez/ai/report_service.py +84 -66
- souleyez/ai/result_parser.py +222 -229
- souleyez/ai/safety.py +67 -44
- souleyez/auth/__init__.py +23 -22
- souleyez/auth/audit.py +36 -26
- souleyez/auth/engagement_access.py +65 -48
- souleyez/auth/permissions.py +14 -3
- souleyez/auth/session_manager.py +54 -37
- souleyez/auth/user_manager.py +109 -64
- souleyez/commands/audit.py +40 -43
- souleyez/commands/auth.py +35 -15
- souleyez/commands/deliverables.py +55 -50
- souleyez/commands/engagement.py +47 -28
- souleyez/commands/license.py +32 -23
- souleyez/commands/screenshots.py +36 -32
- souleyez/commands/user.py +82 -36
- souleyez/config.py +52 -44
- souleyez/core/credential_tester.py +87 -81
- souleyez/core/cve_mappings.py +179 -192
- souleyez/core/cve_matcher.py +162 -148
- souleyez/core/msf_auto_mapper.py +100 -83
- souleyez/core/msf_chain_engine.py +294 -256
- souleyez/core/msf_database.py +153 -70
- souleyez/core/msf_integration.py +679 -673
- souleyez/core/msf_rpc_client.py +40 -42
- souleyez/core/msf_rpc_manager.py +77 -79
- souleyez/core/msf_sync_manager.py +241 -181
- souleyez/core/network_utils.py +22 -15
- souleyez/core/parser_handler.py +34 -25
- souleyez/core/pending_chains.py +114 -63
- souleyez/core/templates.py +158 -107
- souleyez/core/tool_chaining.py +9592 -2879
- souleyez/core/version_utils.py +79 -94
- souleyez/core/vuln_correlation.py +136 -89
- souleyez/core/web_utils.py +33 -32
- souleyez/data/wordlists/ad_users.txt +378 -0
- souleyez/data/wordlists/api_endpoints_large.txt +769 -0
- souleyez/data/wordlists/home_dir_sensitive.txt +39 -0
- souleyez/data/wordlists/lfi_payloads.txt +82 -0
- souleyez/data/wordlists/passwords_brute.txt +1548 -0
- souleyez/data/wordlists/passwords_crack.txt +2479 -0
- souleyez/data/wordlists/passwords_spray.txt +386 -0
- souleyez/data/wordlists/subdomains_large.txt +5057 -0
- souleyez/data/wordlists/usernames_common.txt +694 -0
- souleyez/data/wordlists/web_dirs_large.txt +4769 -0
- souleyez/detection/__init__.py +1 -1
- souleyez/detection/attack_signatures.py +12 -17
- souleyez/detection/mitre_mappings.py +61 -55
- souleyez/detection/validator.py +97 -86
- souleyez/devtools.py +23 -10
- souleyez/docs/README.md +4 -4
- souleyez/docs/api-reference/cli-commands.md +2 -2
- souleyez/docs/developer-guide/adding-new-tools.md +562 -0
- souleyez/docs/user-guide/auto-chaining.md +30 -8
- souleyez/docs/user-guide/getting-started.md +1 -1
- souleyez/docs/user-guide/installation.md +26 -3
- souleyez/docs/user-guide/metasploit-integration.md +2 -2
- souleyez/docs/user-guide/rbac.md +1 -1
- souleyez/docs/user-guide/scope-management.md +1 -1
- souleyez/docs/user-guide/siem-integration.md +1 -1
- souleyez/docs/user-guide/tools-reference.md +1 -8
- souleyez/docs/user-guide/worker-management.md +1 -1
- souleyez/engine/background.py +1238 -535
- souleyez/engine/base.py +4 -1
- souleyez/engine/job_status.py +17 -49
- souleyez/engine/log_sanitizer.py +103 -77
- souleyez/engine/manager.py +38 -7
- souleyez/engine/result_handler.py +2198 -1550
- souleyez/engine/worker_manager.py +50 -41
- souleyez/export/evidence_bundle.py +72 -62
- souleyez/feature_flags/features.py +16 -20
- souleyez/feature_flags.py +5 -9
- souleyez/handlers/__init__.py +11 -0
- souleyez/handlers/base.py +188 -0
- souleyez/handlers/bash_handler.py +277 -0
- souleyez/handlers/bloodhound_handler.py +243 -0
- souleyez/handlers/certipy_handler.py +311 -0
- souleyez/handlers/crackmapexec_handler.py +486 -0
- souleyez/handlers/dnsrecon_handler.py +344 -0
- souleyez/handlers/enum4linux_handler.py +400 -0
- souleyez/handlers/evil_winrm_handler.py +493 -0
- souleyez/handlers/ffuf_handler.py +815 -0
- souleyez/handlers/gobuster_handler.py +1114 -0
- souleyez/handlers/gpp_extract_handler.py +334 -0
- souleyez/handlers/hashcat_handler.py +444 -0
- souleyez/handlers/hydra_handler.py +563 -0
- souleyez/handlers/impacket_getuserspns_handler.py +343 -0
- souleyez/handlers/impacket_psexec_handler.py +222 -0
- souleyez/handlers/impacket_secretsdump_handler.py +426 -0
- souleyez/handlers/john_handler.py +286 -0
- souleyez/handlers/katana_handler.py +425 -0
- souleyez/handlers/kerbrute_handler.py +298 -0
- souleyez/handlers/ldapsearch_handler.py +636 -0
- souleyez/handlers/lfi_extract_handler.py +464 -0
- souleyez/handlers/msf_auxiliary_handler.py +408 -0
- souleyez/handlers/msf_exploit_handler.py +380 -0
- souleyez/handlers/nikto_handler.py +413 -0
- souleyez/handlers/nmap_handler.py +821 -0
- souleyez/handlers/nuclei_handler.py +359 -0
- souleyez/handlers/nxc_handler.py +371 -0
- souleyez/handlers/rdp_sec_check_handler.py +353 -0
- souleyez/handlers/registry.py +288 -0
- souleyez/handlers/responder_handler.py +232 -0
- souleyez/handlers/service_explorer_handler.py +434 -0
- souleyez/handlers/smbclient_handler.py +344 -0
- souleyez/handlers/smbmap_handler.py +510 -0
- souleyez/handlers/smbpasswd_handler.py +296 -0
- souleyez/handlers/sqlmap_handler.py +1116 -0
- souleyez/handlers/theharvester_handler.py +601 -0
- souleyez/handlers/whois_handler.py +277 -0
- souleyez/handlers/wpscan_handler.py +554 -0
- souleyez/history.py +32 -16
- souleyez/importers/msf_importer.py +106 -75
- souleyez/importers/smart_importer.py +208 -147
- souleyez/integrations/siem/__init__.py +10 -10
- souleyez/integrations/siem/base.py +17 -18
- souleyez/integrations/siem/elastic.py +108 -122
- souleyez/integrations/siem/factory.py +207 -80
- souleyez/integrations/siem/googlesecops.py +146 -154
- souleyez/integrations/siem/rule_mappings/__init__.py +1 -1
- souleyez/integrations/siem/rule_mappings/wazuh_rules.py +8 -5
- souleyez/integrations/siem/sentinel.py +107 -109
- souleyez/integrations/siem/splunk.py +246 -212
- souleyez/integrations/siem/wazuh.py +65 -71
- souleyez/integrations/wazuh/__init__.py +5 -5
- souleyez/integrations/wazuh/client.py +70 -93
- souleyez/integrations/wazuh/config.py +85 -57
- souleyez/integrations/wazuh/host_mapper.py +28 -36
- souleyez/integrations/wazuh/sync.py +78 -68
- souleyez/intelligence/__init__.py +4 -5
- souleyez/intelligence/correlation_analyzer.py +309 -295
- souleyez/intelligence/exploit_knowledge.py +661 -623
- souleyez/intelligence/exploit_suggestions.py +159 -139
- souleyez/intelligence/gap_analyzer.py +132 -97
- souleyez/intelligence/gap_detector.py +251 -214
- souleyez/intelligence/sensitive_tables.py +266 -129
- souleyez/intelligence/service_parser.py +137 -123
- souleyez/intelligence/surface_analyzer.py +407 -268
- souleyez/intelligence/target_parser.py +159 -162
- souleyez/licensing/__init__.py +6 -6
- souleyez/licensing/validator.py +17 -19
- souleyez/log_config.py +79 -54
- souleyez/main.py +1505 -687
- souleyez/migrations/fix_job_counter.py +16 -14
- souleyez/parsers/bloodhound_parser.py +41 -39
- souleyez/parsers/crackmapexec_parser.py +178 -111
- souleyez/parsers/dalfox_parser.py +72 -77
- souleyez/parsers/dnsrecon_parser.py +103 -91
- souleyez/parsers/enum4linux_parser.py +183 -153
- souleyez/parsers/ffuf_parser.py +29 -25
- souleyez/parsers/gobuster_parser.py +301 -41
- souleyez/parsers/hashcat_parser.py +324 -79
- souleyez/parsers/http_fingerprint_parser.py +350 -103
- souleyez/parsers/hydra_parser.py +131 -111
- souleyez/parsers/impacket_parser.py +231 -178
- souleyez/parsers/john_parser.py +98 -86
- souleyez/parsers/katana_parser.py +316 -0
- souleyez/parsers/msf_parser.py +943 -498
- souleyez/parsers/nikto_parser.py +346 -65
- souleyez/parsers/nmap_parser.py +262 -174
- souleyez/parsers/nuclei_parser.py +40 -44
- souleyez/parsers/responder_parser.py +26 -26
- souleyez/parsers/searchsploit_parser.py +74 -74
- souleyez/parsers/service_explorer_parser.py +279 -0
- souleyez/parsers/smbmap_parser.py +180 -124
- souleyez/parsers/sqlmap_parser.py +434 -308
- souleyez/parsers/theharvester_parser.py +75 -57
- souleyez/parsers/whois_parser.py +135 -94
- souleyez/parsers/wpscan_parser.py +278 -190
- souleyez/plugins/afp.py +44 -36
- souleyez/plugins/afp_brute.py +114 -46
- souleyez/plugins/ard.py +48 -37
- souleyez/plugins/bloodhound.py +95 -61
- souleyez/plugins/certipy.py +303 -0
- souleyez/plugins/crackmapexec.py +186 -85
- souleyez/plugins/dalfox.py +120 -59
- souleyez/plugins/dns_hijack.py +146 -41
- souleyez/plugins/dnsrecon.py +97 -61
- souleyez/plugins/enum4linux.py +91 -66
- souleyez/plugins/evil_winrm.py +291 -0
- souleyez/plugins/ffuf.py +166 -90
- souleyez/plugins/firmware_extract.py +133 -29
- souleyez/plugins/gobuster.py +387 -190
- souleyez/plugins/gpp_extract.py +393 -0
- souleyez/plugins/hashcat.py +100 -73
- souleyez/plugins/http_fingerprint.py +854 -267
- souleyez/plugins/hydra.py +566 -200
- souleyez/plugins/impacket_getnpusers.py +117 -69
- souleyez/plugins/impacket_psexec.py +84 -64
- souleyez/plugins/impacket_secretsdump.py +103 -69
- souleyez/plugins/impacket_smbclient.py +89 -75
- souleyez/plugins/john.py +86 -69
- souleyez/plugins/katana.py +313 -0
- souleyez/plugins/kerbrute.py +237 -0
- souleyez/plugins/lfi_extract.py +541 -0
- souleyez/plugins/macos_ssh.py +117 -48
- souleyez/plugins/mdns.py +35 -30
- souleyez/plugins/msf_auxiliary.py +253 -130
- souleyez/plugins/msf_exploit.py +239 -161
- souleyez/plugins/nikto.py +134 -78
- souleyez/plugins/nmap.py +275 -91
- souleyez/plugins/nuclei.py +180 -89
- souleyez/plugins/nxc.py +285 -0
- souleyez/plugins/plugin_base.py +35 -36
- souleyez/plugins/plugin_template.py +13 -5
- souleyez/plugins/rdp_sec_check.py +130 -0
- souleyez/plugins/responder.py +112 -71
- souleyez/plugins/router_http_brute.py +76 -65
- souleyez/plugins/router_ssh_brute.py +118 -41
- souleyez/plugins/router_telnet_brute.py +124 -42
- souleyez/plugins/routersploit.py +91 -59
- souleyez/plugins/routersploit_exploit.py +77 -55
- souleyez/plugins/searchsploit.py +91 -77
- souleyez/plugins/service_explorer.py +1160 -0
- souleyez/plugins/smbmap.py +122 -72
- souleyez/plugins/smbpasswd.py +215 -0
- souleyez/plugins/sqlmap.py +301 -113
- souleyez/plugins/theharvester.py +127 -75
- souleyez/plugins/tr069.py +79 -57
- souleyez/plugins/upnp.py +65 -47
- souleyez/plugins/upnp_abuse.py +73 -55
- souleyez/plugins/vnc_access.py +129 -42
- souleyez/plugins/vnc_brute.py +109 -38
- souleyez/plugins/whois.py +77 -58
- souleyez/plugins/wpscan.py +173 -69
- souleyez/reporting/__init__.py +2 -1
- souleyez/reporting/attack_chain.py +411 -346
- souleyez/reporting/charts.py +436 -501
- souleyez/reporting/compliance_mappings.py +334 -201
- souleyez/reporting/detection_report.py +126 -125
- souleyez/reporting/formatters.py +828 -591
- souleyez/reporting/generator.py +386 -302
- souleyez/reporting/metrics.py +72 -75
- souleyez/scanner.py +35 -29
- souleyez/security/__init__.py +37 -11
- souleyez/security/scope_validator.py +175 -106
- souleyez/security/validation.py +223 -149
- souleyez/security.py +22 -6
- souleyez/storage/credentials.py +247 -186
- souleyez/storage/crypto.py +296 -129
- souleyez/storage/database.py +73 -50
- souleyez/storage/db.py +58 -36
- souleyez/storage/deliverable_evidence.py +177 -128
- souleyez/storage/deliverable_exporter.py +282 -246
- souleyez/storage/deliverable_templates.py +134 -116
- souleyez/storage/deliverables.py +135 -130
- souleyez/storage/engagements.py +109 -56
- souleyez/storage/evidence.py +181 -152
- souleyez/storage/execution_log.py +31 -17
- souleyez/storage/exploit_attempts.py +93 -57
- souleyez/storage/exploits.py +67 -36
- souleyez/storage/findings.py +48 -61
- souleyez/storage/hosts.py +176 -144
- souleyez/storage/migrate_to_engagements.py +43 -19
- souleyez/storage/migrations/_001_add_credential_enhancements.py +22 -12
- souleyez/storage/migrations/_002_add_status_tracking.py +10 -7
- souleyez/storage/migrations/_003_add_execution_log.py +14 -8
- souleyez/storage/migrations/_005_screenshots.py +13 -5
- souleyez/storage/migrations/_006_deliverables.py +13 -5
- souleyez/storage/migrations/_007_deliverable_templates.py +12 -7
- souleyez/storage/migrations/_008_add_nuclei_table.py +10 -4
- souleyez/storage/migrations/_010_evidence_linking.py +17 -10
- souleyez/storage/migrations/_011_timeline_tracking.py +20 -13
- souleyez/storage/migrations/_012_team_collaboration.py +34 -21
- souleyez/storage/migrations/_013_add_host_tags.py +12 -6
- souleyez/storage/migrations/_014_exploit_attempts.py +22 -10
- souleyez/storage/migrations/_015_add_mac_os_fields.py +15 -7
- souleyez/storage/migrations/_016_add_domain_field.py +10 -4
- souleyez/storage/migrations/_017_msf_sessions.py +16 -8
- souleyez/storage/migrations/_018_add_osint_target.py +10 -6
- souleyez/storage/migrations/_019_add_engagement_type.py +10 -6
- souleyez/storage/migrations/_020_add_rbac.py +36 -15
- souleyez/storage/migrations/_021_wazuh_integration.py +20 -8
- souleyez/storage/migrations/_022_wazuh_indexer_columns.py +6 -4
- souleyez/storage/migrations/_023_fix_detection_results_fk.py +16 -6
- souleyez/storage/migrations/_024_wazuh_vulnerabilities.py +26 -10
- souleyez/storage/migrations/_025_multi_siem_support.py +3 -5
- souleyez/storage/migrations/_026_add_engagement_scope.py +31 -12
- souleyez/storage/migrations/_027_multi_siem_persistence.py +32 -15
- souleyez/storage/migrations/__init__.py +26 -26
- souleyez/storage/migrations/migration_manager.py +19 -19
- souleyez/storage/msf_sessions.py +100 -65
- souleyez/storage/osint.py +17 -24
- souleyez/storage/recommendation_engine.py +269 -235
- souleyez/storage/screenshots.py +33 -32
- souleyez/storage/smb_shares.py +136 -92
- souleyez/storage/sqlmap_data.py +183 -128
- souleyez/storage/team_collaboration.py +135 -141
- souleyez/storage/timeline_tracker.py +122 -94
- souleyez/storage/wazuh_vulns.py +64 -66
- souleyez/storage/web_paths.py +33 -37
- souleyez/testing/credential_tester.py +221 -205
- souleyez/ui/__init__.py +1 -1
- souleyez/ui/ai_quotes.py +12 -12
- souleyez/ui/attack_surface.py +2439 -1516
- souleyez/ui/chain_rules_view.py +914 -382
- souleyez/ui/correlation_view.py +312 -230
- souleyez/ui/dashboard.py +2382 -1130
- souleyez/ui/deliverables_view.py +148 -62
- souleyez/ui/design_system.py +13 -13
- souleyez/ui/errors.py +49 -49
- souleyez/ui/evidence_linking_view.py +284 -179
- souleyez/ui/evidence_vault.py +393 -285
- souleyez/ui/exploit_suggestions_view.py +555 -349
- souleyez/ui/export_view.py +100 -66
- souleyez/ui/gap_analysis_view.py +315 -171
- souleyez/ui/help_system.py +105 -97
- souleyez/ui/intelligence_view.py +436 -293
- souleyez/ui/interactive.py +23142 -10430
- souleyez/ui/interactive_selector.py +75 -68
- souleyez/ui/log_formatter.py +47 -39
- souleyez/ui/menu_components.py +22 -13
- souleyez/ui/msf_auxiliary_menu.py +184 -133
- souleyez/ui/pending_chains_view.py +336 -172
- souleyez/ui/progress_indicators.py +5 -3
- souleyez/ui/recommendations_view.py +195 -137
- souleyez/ui/rule_builder.py +343 -225
- souleyez/ui/setup_wizard.py +678 -284
- souleyez/ui/shortcuts.py +217 -165
- souleyez/ui/splunk_gap_analysis_view.py +452 -270
- souleyez/ui/splunk_vulns_view.py +139 -86
- souleyez/ui/team_dashboard.py +498 -335
- souleyez/ui/template_selector.py +196 -105
- souleyez/ui/terminal.py +6 -6
- souleyez/ui/timeline_view.py +198 -127
- souleyez/ui/tool_setup.py +264 -164
- souleyez/ui/tutorial.py +202 -72
- souleyez/ui/tutorial_state.py +40 -40
- souleyez/ui/wazuh_vulns_view.py +235 -141
- souleyez/ui/wordlist_browser.py +260 -107
- souleyez/ui.py +464 -312
- souleyez/utils/tool_checker.py +427 -367
- souleyez/utils.py +33 -29
- souleyez/wordlists.py +134 -167
- {souleyez-2.43.28.dist-info → souleyez-2.43.32.dist-info}/METADATA +1 -1
- souleyez-2.43.32.dist-info/RECORD +441 -0
- {souleyez-2.43.28.dist-info → souleyez-2.43.32.dist-info}/WHEEL +1 -1
- souleyez-2.43.28.dist-info/RECORD +0 -379
- {souleyez-2.43.28.dist-info → souleyez-2.43.32.dist-info}/entry_points.txt +0 -0
- {souleyez-2.43.28.dist-info → souleyez-2.43.32.dist-info}/licenses/LICENSE +0 -0
- {souleyez-2.43.28.dist-info → souleyez-2.43.32.dist-info}/top_level.txt +0 -0
souleyez/plugins/hashcat.py
CHANGED
|
@@ -49,41 +49,41 @@ HELP = {
|
|
|
49
49
|
{
|
|
50
50
|
"name": "NTLM Fast",
|
|
51
51
|
"args": ["-m", "1000", "-a", "0", "--workload-profile", "3"],
|
|
52
|
-
"desc": "Crack Windows NTLM hashes (fast dictionary)"
|
|
52
|
+
"desc": "Crack Windows NTLM hashes (fast dictionary)",
|
|
53
53
|
},
|
|
54
54
|
{
|
|
55
55
|
"name": "NTLM with Rules",
|
|
56
56
|
"args": ["-m", "1000", "-a", "0", "-r", "rules/best64.rule"],
|
|
57
|
-
"desc": "Crack NTLM with best64 rules"
|
|
57
|
+
"desc": "Crack NTLM with best64 rules",
|
|
58
58
|
},
|
|
59
59
|
{
|
|
60
60
|
"name": "NetNTLMv2",
|
|
61
61
|
"args": ["-m", "5600", "-a", "0"],
|
|
62
|
-
"desc": "Crack NetNTLMv2 hashes"
|
|
62
|
+
"desc": "Crack NetNTLMv2 hashes",
|
|
63
63
|
},
|
|
64
64
|
],
|
|
65
65
|
"linux": [
|
|
66
66
|
{
|
|
67
67
|
"name": "SHA-512 (shadow)",
|
|
68
68
|
"args": ["-m", "1800", "-a", "0"],
|
|
69
|
-
"desc": "Crack Linux SHA-512 shadow hashes"
|
|
69
|
+
"desc": "Crack Linux SHA-512 shadow hashes",
|
|
70
70
|
},
|
|
71
71
|
{
|
|
72
72
|
"name": "MD5 (shadow)",
|
|
73
73
|
"args": ["-m", "500", "-a", "0"],
|
|
74
|
-
"desc": "Crack Linux MD5 shadow hashes"
|
|
74
|
+
"desc": "Crack Linux MD5 shadow hashes",
|
|
75
75
|
},
|
|
76
76
|
],
|
|
77
77
|
"web": [
|
|
78
78
|
{
|
|
79
79
|
"name": "MD5",
|
|
80
80
|
"args": ["-m", "0", "-a", "0"],
|
|
81
|
-
"desc": "Crack raw MD5 hashes"
|
|
81
|
+
"desc": "Crack raw MD5 hashes",
|
|
82
82
|
},
|
|
83
83
|
{
|
|
84
84
|
"name": "bcrypt",
|
|
85
85
|
"args": ["-m", "3200", "-a", "0"],
|
|
86
|
-
"desc": "Crack bcrypt hashes (slow)"
|
|
86
|
+
"desc": "Crack bcrypt hashes (slow)",
|
|
87
87
|
},
|
|
88
88
|
],
|
|
89
89
|
},
|
|
@@ -95,114 +95,139 @@ HELP = {
|
|
|
95
95
|
"Use hashcat --example-hashes to see hash formats",
|
|
96
96
|
"Cracked results automatically imported to credentials",
|
|
97
97
|
],
|
|
98
|
-
"category": "auxiliary"
|
|
98
|
+
"category": "auxiliary",
|
|
99
99
|
}
|
|
100
100
|
|
|
101
101
|
# Flatten presets
|
|
102
|
-
for category_presets in HELP[
|
|
103
|
-
HELP[
|
|
102
|
+
for category_presets in HELP["preset_categories"].values():
|
|
103
|
+
HELP["presets"].extend(category_presets)
|
|
104
104
|
|
|
105
105
|
HELP["help_sections"] = [
|
|
106
106
|
{
|
|
107
107
|
"title": "What is Hashcat?",
|
|
108
108
|
"color": "cyan",
|
|
109
109
|
"content": [
|
|
110
|
-
{
|
|
111
|
-
|
|
112
|
-
"
|
|
113
|
-
|
|
114
|
-
|
|
115
|
-
"
|
|
116
|
-
|
|
117
|
-
|
|
110
|
+
{
|
|
111
|
+
"title": "Overview",
|
|
112
|
+
"desc": "Hashcat is the world's fastest password cracker, supporting 300+ hash types with GPU acceleration for maximum speed.",
|
|
113
|
+
},
|
|
114
|
+
{
|
|
115
|
+
"title": "Use Cases",
|
|
116
|
+
"desc": "Crack password hashes from various sources",
|
|
117
|
+
"tips": [
|
|
118
|
+
"Windows NTLM hashes (mode 1000)",
|
|
119
|
+
"Linux shadow files (mode 1800 for SHA-512)",
|
|
120
|
+
"NetNTLMv2 from Responder (mode 5600)",
|
|
121
|
+
"Kerberos TGS-REP (mode 13100)",
|
|
122
|
+
],
|
|
123
|
+
},
|
|
124
|
+
],
|
|
118
125
|
},
|
|
119
126
|
{
|
|
120
127
|
"title": "How to Use",
|
|
121
128
|
"color": "green",
|
|
122
129
|
"content": [
|
|
123
|
-
{
|
|
124
|
-
|
|
125
|
-
"
|
|
126
|
-
|
|
127
|
-
|
|
128
|
-
"
|
|
129
|
-
|
|
130
|
-
|
|
130
|
+
{
|
|
131
|
+
"title": "Basic Workflow",
|
|
132
|
+
"desc": "1. Identify hash type (--example-hashes)\n 2. Start with dictionary attack (-a 0)\n 3. Apply rules for mutations (-r rules/best64.rule)\n 4. Use --show to see cracked passwords",
|
|
133
|
+
},
|
|
134
|
+
{
|
|
135
|
+
"title": "Attack Modes",
|
|
136
|
+
"desc": "Different cracking strategies",
|
|
137
|
+
"tips": [
|
|
138
|
+
"Dictionary: -a 0 (fastest, use wordlists)",
|
|
139
|
+
"Combinator: -a 1 (combine two wordlists)",
|
|
140
|
+
"Mask: -a 3 (brute-force with patterns)",
|
|
141
|
+
"Rules: -r to mutate dictionary words",
|
|
142
|
+
],
|
|
143
|
+
},
|
|
144
|
+
],
|
|
131
145
|
},
|
|
132
146
|
{
|
|
133
147
|
"title": "Tips & Best Practices",
|
|
134
148
|
"color": "yellow",
|
|
135
149
|
"content": [
|
|
136
|
-
(
|
|
137
|
-
"
|
|
138
|
-
|
|
139
|
-
|
|
140
|
-
|
|
141
|
-
|
|
142
|
-
|
|
143
|
-
|
|
144
|
-
|
|
145
|
-
|
|
146
|
-
|
|
147
|
-
"
|
|
148
|
-
|
|
149
|
-
|
|
150
|
-
|
|
150
|
+
(
|
|
151
|
+
"Best Practices:",
|
|
152
|
+
[
|
|
153
|
+
"GPU is 100x+ faster than CPU",
|
|
154
|
+
"Start with dictionary, then rules, then masks",
|
|
155
|
+
"Use --show to check progress",
|
|
156
|
+
"NTLM is fast to crack (billions/sec on GPU)",
|
|
157
|
+
"bcrypt is very slow (security feature)",
|
|
158
|
+
],
|
|
159
|
+
),
|
|
160
|
+
(
|
|
161
|
+
"Common Issues:",
|
|
162
|
+
[
|
|
163
|
+
"No GPU detected: Install correct drivers (CUDA/ROCm)",
|
|
164
|
+
"Out of memory: Reduce wordlist size or use -w lower",
|
|
165
|
+
"Wrong format: Verify hash type with --example-hashes",
|
|
166
|
+
"Too slow: bcrypt/scrypt are intentionally slow",
|
|
167
|
+
],
|
|
168
|
+
),
|
|
169
|
+
],
|
|
170
|
+
},
|
|
151
171
|
]
|
|
152
172
|
|
|
153
173
|
|
|
154
174
|
class HashcatPlugin(PluginBase):
|
|
155
175
|
"""Hashcat password cracking plugin."""
|
|
156
|
-
|
|
176
|
+
|
|
157
177
|
name = "hashcat"
|
|
158
178
|
tool = "hashcat"
|
|
159
179
|
category = "credential_access"
|
|
160
180
|
HELP = HELP
|
|
161
181
|
|
|
162
|
-
|
|
163
|
-
|
|
182
|
+
def build_command(
|
|
183
|
+
self, target: str, args: List[str] = None, label: str = "", log_path: str = None
|
|
184
|
+
):
|
|
164
185
|
"""Build command for background execution with PID tracking."""
|
|
165
186
|
if not target:
|
|
166
187
|
if log_path:
|
|
167
|
-
with open(log_path,
|
|
188
|
+
with open(log_path, "w") as f:
|
|
168
189
|
f.write("ERROR: Hash file path is required\n")
|
|
169
190
|
return None
|
|
170
|
-
|
|
191
|
+
|
|
171
192
|
# Validate hash file exists
|
|
172
193
|
if not os.path.isfile(target):
|
|
173
194
|
if log_path:
|
|
174
|
-
with open(log_path,
|
|
195
|
+
with open(log_path, "w") as f:
|
|
175
196
|
f.write(f"ERROR: Hash file not found: {target}\n")
|
|
176
197
|
return None
|
|
177
|
-
|
|
198
|
+
|
|
178
199
|
args = args or []
|
|
179
|
-
|
|
200
|
+
|
|
180
201
|
# Hashcat syntax: hashcat [options] hashfile [wordlist]
|
|
181
202
|
# Insert hashfile before wordlist (last positional arg)
|
|
182
203
|
args_list = args if isinstance(args, list) else args.split()
|
|
183
|
-
|
|
204
|
+
|
|
184
205
|
# Find last argument that looks like a file path (wordlist)
|
|
185
206
|
wordlist_idx = None
|
|
186
207
|
for i in range(len(args_list) - 1, -1, -1):
|
|
187
208
|
arg = args_list[i]
|
|
188
|
-
if not arg.startswith(
|
|
209
|
+
if not arg.startswith("-") and ("/" in arg or os.path.isfile(arg)):
|
|
189
210
|
wordlist_idx = i
|
|
190
211
|
break
|
|
191
|
-
|
|
212
|
+
|
|
192
213
|
if wordlist_idx is not None:
|
|
193
|
-
cmd =
|
|
214
|
+
cmd = (
|
|
215
|
+
["hashcat"]
|
|
216
|
+
+ args_list[:wordlist_idx]
|
|
217
|
+
+ [target]
|
|
218
|
+
+ args_list[wordlist_idx:]
|
|
219
|
+
)
|
|
194
220
|
else:
|
|
195
221
|
cmd = ["hashcat"] + args_list + [target]
|
|
196
|
-
|
|
197
|
-
return {
|
|
198
|
-
'cmd': cmd,
|
|
199
|
-
'timeout': 7200
|
|
200
|
-
}
|
|
201
222
|
|
|
202
|
-
|
|
223
|
+
return {"cmd": cmd, "timeout": 7200}
|
|
224
|
+
|
|
225
|
+
def run(
|
|
226
|
+
self, target: str, args: List[str] = None, label: str = "", log_path: str = None
|
|
227
|
+
) -> int:
|
|
203
228
|
"""
|
|
204
229
|
Execute hashcat and write output to log_path.
|
|
205
|
-
|
|
230
|
+
|
|
206
231
|
Note: 'target' is used as the hash file path for this plugin.
|
|
207
232
|
"""
|
|
208
233
|
if not target:
|
|
@@ -211,7 +236,7 @@ class HashcatPlugin(PluginBase):
|
|
|
211
236
|
# Validate hash file exists
|
|
212
237
|
if not os.path.isfile(target):
|
|
213
238
|
if log_path:
|
|
214
|
-
with open(log_path,
|
|
239
|
+
with open(log_path, "w") as f:
|
|
215
240
|
f.write(f"ERROR: Hash file not found: {target}\n")
|
|
216
241
|
return 1
|
|
217
242
|
|
|
@@ -223,24 +248,29 @@ class HashcatPlugin(PluginBase):
|
|
|
223
248
|
# Need to insert hashfile before the wordlist (last positional arg)
|
|
224
249
|
# Find the last non-option argument that looks like a file path (wordlist)
|
|
225
250
|
args_list = args if isinstance(args, list) else args.split()
|
|
226
|
-
|
|
251
|
+
|
|
227
252
|
# Find last argument that looks like a file path (contains / or is a file)
|
|
228
253
|
wordlist_idx = None
|
|
229
254
|
for i in range(len(args_list) - 1, -1, -1):
|
|
230
255
|
arg = args_list[i]
|
|
231
|
-
if not arg.startswith(
|
|
256
|
+
if not arg.startswith("-") and ("/" in arg or os.path.isfile(arg)):
|
|
232
257
|
wordlist_idx = i
|
|
233
258
|
break
|
|
234
|
-
|
|
259
|
+
|
|
235
260
|
if wordlist_idx is not None:
|
|
236
261
|
# Insert hashfile before wordlist
|
|
237
|
-
cmd =
|
|
262
|
+
cmd = (
|
|
263
|
+
["hashcat"]
|
|
264
|
+
+ args_list[:wordlist_idx]
|
|
265
|
+
+ [target]
|
|
266
|
+
+ args_list[wordlist_idx:]
|
|
267
|
+
)
|
|
238
268
|
else:
|
|
239
269
|
# No wordlist found, append hashfile at end
|
|
240
270
|
cmd = ["hashcat"] + args_list + [target]
|
|
241
271
|
|
|
242
272
|
if log_path:
|
|
243
|
-
with open(log_path,
|
|
273
|
+
with open(log_path, "w") as f:
|
|
244
274
|
f.write(f"# Hashcat password cracking\n")
|
|
245
275
|
f.write(f"# Hash file: {target}\n")
|
|
246
276
|
f.write(f"# Args input: {args}\n")
|
|
@@ -251,14 +281,11 @@ class HashcatPlugin(PluginBase):
|
|
|
251
281
|
|
|
252
282
|
try:
|
|
253
283
|
result = subprocess.run(
|
|
254
|
-
cmd,
|
|
255
|
-
capture_output=True,
|
|
256
|
-
text=True,
|
|
257
|
-
timeout=3600 # 1 hour timeout
|
|
284
|
+
cmd, capture_output=True, text=True, timeout=3600 # 1 hour timeout
|
|
258
285
|
)
|
|
259
286
|
|
|
260
287
|
if log_path:
|
|
261
|
-
with open(log_path,
|
|
288
|
+
with open(log_path, "a") as f:
|
|
262
289
|
f.write(result.stdout)
|
|
263
290
|
if result.stderr:
|
|
264
291
|
f.write(f"\n\n# Errors:\n{result.stderr}\n")
|
|
@@ -267,12 +294,12 @@ class HashcatPlugin(PluginBase):
|
|
|
267
294
|
|
|
268
295
|
except subprocess.TimeoutExpired:
|
|
269
296
|
if log_path:
|
|
270
|
-
with open(log_path,
|
|
297
|
+
with open(log_path, "a") as f:
|
|
271
298
|
f.write("\n\n# ERROR: Command timed out after 1 hour\n")
|
|
272
299
|
return 124
|
|
273
300
|
except Exception as e:
|
|
274
301
|
if log_path:
|
|
275
|
-
with open(log_path,
|
|
302
|
+
with open(log_path, "a") as f:
|
|
276
303
|
f.write(f"\n\n# ERROR: {str(e)}\n")
|
|
277
304
|
return 1
|
|
278
305
|
|