derv82
GitHub Repository: derv82/wifite2
Path: blob/master/wifite/tools/hashcat.py
#!/usr/bin/env python
# -*- coding: utf-8 -*-
from .dependency import Dependency
from ..config import Configuration
from ..util.process import Process
from ..util.color import Color
import os
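class Hashcat(Dependency):
    '''
    Thin wrapper around the `hashcat` binary.

    Builds hashcat command lines for a converted handshake (-m 2500) or a
    PMKID file (-m 16800), runs them against Configuration.wordlist and
    parses the key out of hashcat's stdout.
    '''

    dependency_required = False
    dependency_name = 'hashcat'
    dependency_url = 'https://hashcat.net/hashcat/'

    @staticmethod
    def should_use_force():
        '''
        Reports whether hashcat should be started with `--force`.
        Returns:
            True if `hashcat -I` wrote 'No devices found/left' to stderr.
        '''
        command = ['hashcat', '-I']
        stderr = Process(command).stderr()
        return 'No devices found/left' in stderr

    @staticmethod
    def crack_handshake(handshake, show_command=False):
        '''
        Converts `handshake` to a temporary .hccapx file and runs hashcat
        (-m 2500) on it with Configuration.wordlist.

        hashcat is run once normally and, if stdout holds no ':'-separated
        result, once more with --show.

        Arguments:
            handshake: passed through to HcxPcapTool.generate_hccapx_file.
            show_command (bool): print every command line before running it.
        Returns:
            Key (str) if found; `None` if not found.
        Raises:
            ValueError (from generate_hccapx_file) if the conversion fails.
        '''
        # Generate hccapx
        hccapx_file = HcxPcapTool.generate_hccapx_file(
            handshake, show_command=show_command)

        key = None
        try:
            # The device probe does not depend on the loop variable, so it is
            # run once instead of spawning `hashcat -I` before every attempt.
            force_args = ['--force'] if Hashcat.should_use_force() else []

            # Crack hccapx
            for additional_arg in ([], ['--show']):
                command = [
                    'hashcat',
                    '--quiet',
                    '-m', '2500',
                    hccapx_file,
                    Configuration.wordlist
                ] + force_args + additional_arg

                if show_command:
                    Color.pl('{+} {D}Running: {W}{P}%s{W}' % ' '.join(command))

                process = Process(command)
                stdout, stderr = process.get_output()
                if ':' in stdout:
                    # Keep what follows the fifth ':' (or the last field when
                    # there are fewer separators).
                    # NOTE(review): a key or network name containing ':' would
                    # shift this field -- confirm against hashcat's output format.
                    key = stdout.split(':', 5)[-1].strip()
                    break
        finally:
            # The converted capture is removed on every exit path, including
            # when a hashcat run raises, so it does not linger on disk.
            if os.path.exists(hccapx_file):
                os.remove(hccapx_file)

        return key

    @staticmethod
    def crack_pmkid(pmkid_file, verbose=False):
        '''
        Cracks a given pmkid_file using the PMKID/WPA2 attack (-m 16800)
        Arguments:
            pmkid_file: path handed to hashcat as the hash file.
            verbose (bool): print the first command line before running it.
        Returns:
            Key (str) if found; `None` if not found.
        '''
        # See crack_handshake: the probe result is reused for both runs.
        force_args = ['--force'] if Hashcat.should_use_force() else []

        # Run hashcat once normally, then with --show if it failed
        # To catch cases where the password is already in the pot file.
        for additional_arg in ([], ['--show']):
            command = [
                'hashcat',
                '--quiet',       # Only output the password if found.
                '-m', '16800',   # WPA-PMKID-PBKDF2
                '-a', '0',       # Wordlist attack-mode
                pmkid_file,
                Configuration.wordlist
            ] + force_args + additional_arg

            if verbose and additional_arg == []:
                Color.pl('{+} {D}Running: {W}{P}%s{W}' % ' '.join(command))

            # TODO: Check status of hashcat (%); it's impossible with --quiet

            hashcat_proc = Process(command)
            hashcat_proc.wait()
            stdout = hashcat_proc.stdout()

            if ':' in stdout:
                # Cracked: everything after the first ':' is the key.
                return stdout.strip().split(':', 1)[1]
            # Failed: fall through to the next attempt.

        # Neither run printed a result. Returned explicitly so the not-found
        # path yields None as documented instead of relying on an unset name.
        return None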
class HcxDumpTool(Dependency):
    '''
    Starts an `hcxdumptool` capture for a single target and exposes
    poll/interrupt on the spawned process.
    '''

    dependency_required = False
    dependency_name = 'hcxdumptool'
    dependency_url = 'https://github.com/ZerBea/hcxdumptool'

    def __init__(self, target, pcapng_file):
        '''
        Writes the filter file, clears any previous capture and launches
        hcxdumptool.
        Arguments:
            target: object providing `bssid` and `channel`.
            pcapng_file: output path given to hcxdumptool via -o.
        '''
        # The filter file holds the target BSSID with the ':' stripped.
        # NOTE(review): the file name is fixed; this is only safe if
        # Configuration.temp resolves inside a directory private to this
        # run -- confirm in Configuration.
        filter_path = Configuration.temp('pmkid.filterlist')
        bssid_hex = target.bssid.replace(':', '')
        with open(filter_path, 'w') as out:
            out.write(bssid_hex)

        # Drop a capture left over from an earlier run.
        if os.path.exists(pcapng_file):
            os.remove(pcapng_file)

        self.proc = Process([
            'hcxdumptool',
            '-i', Configuration.interface,
            '--filterlist', filter_path,
            '--filtermode', '2',
            '-c', str(target.channel),
            '-o', pcapng_file
        ])

    def poll(self):
        '''Returns whatever the underlying Process reports from poll().'''
        status = self.proc.poll()
        return status

    def interrupt(self):
        '''Forwards the interrupt request to the underlying Process.'''
        self.proc.interrupt()
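class HcxPcapTool(Dependency):
    '''
    Wrapper around `hcxpcaptool`: converts capture files into .hccapx and
    .john files and extracts the PMKID line that belongs to one target.
    '''

    dependency_required = False
    dependency_name = 'hcxpcaptool'
    dependency_url = 'https://github.com/ZerBea/hcxtools'

    def __init__(self, target):
        '''
        Arguments:
            target: object providing `bssid`.
        '''
        self.target = target
        # Lowercase BSSID without ':'; get_pmkid_hash compares against it.
        self.bssid = self.target.bssid.lower().replace(':', '')
        self.pmkid_file = Configuration.temp('pmkid-%s.16800' % self.bssid)

    @staticmethod
    def _convert_capture(flag, out_file, capfile, label, show_command):
        '''
        Runs `hcxpcaptool <flag> <out_file> <capfile>` and returns out_file.
        Shared by generate_hccapx_file and generate_john_file, which differ
        only in the flag, the output name and the label in the error text.
        Raises:
            ValueError if out_file does not exist after the run.
        '''
        # Remove stale output so the existence check below reflects this run.
        # NOTE(review): out_file has a fixed name; this is only safe if
        # Configuration.temp resolves inside a directory private to this
        # run -- confirm in Configuration.
        if os.path.exists(out_file):
            os.remove(out_file)

        command = ['hcxpcaptool', flag, out_file, capfile]

        if show_command:
            Color.pl('{+} {D}Running: {W}{P}%s{W}' % ' '.join(command))

        process = Process(command)
        stdout, stderr = process.get_output()
        if not os.path.exists(out_file):
            raise ValueError('Failed to generate %s file, output: \n%s\n%s' % (
                label, stdout, stderr))

        return out_file

    @staticmethod
    def generate_hccapx_file(handshake, show_command=False):
        '''
        Converts handshake.capfile into a temporary .hccapx file.
        Returns:
            Path (str) of the generated file; the caller removes it.
        Raises:
            ValueError if hcxpcaptool did not produce the file.
        '''
        return HcxPcapTool._convert_capture(
            '-o', Configuration.temp('generated.hccapx'),
            handshake.capfile, '.hccapx', show_command)

    @staticmethod
    def generate_john_file(handshake, show_command=False):
        '''
        Converts handshake.capfile into a temporary .john file.
        Returns:
            Path (str) of the generated file.
        Raises:
            ValueError if hcxpcaptool did not produce the file.
        '''
        return HcxPcapTool._convert_capture(
            '-j', Configuration.temp('generated.john'),
            handshake.capfile, '.john', show_command)

    def get_pmkid_hash(self, pcapng_file):
        '''
        Extracts PMKID lines from pcapng_file (`hcxpcaptool -z`) and picks
        the one recorded for this target.
        Returns:
            The matching line (str), or `None` if hcxpcaptool wrote no file
            or no line carries this target's BSSID.
        '''
        if os.path.exists(self.pmkid_file):
            os.remove(self.pmkid_file)

        command = [
            'hcxpcaptool',
            '-z', self.pmkid_file,
            pcapng_file
        ]
        hcxpcap_proc = Process(command)
        hcxpcap_proc.wait()

        if not os.path.exists(self.pmkid_file):
            return None

        try:
            with open(self.pmkid_file, 'r') as f:
                output = f.read()
        finally:
            # Remove the extracted hashes even when reading fails.
            os.remove(self.pmkid_file)

        # Each line looks like:
        # hash*bssid*station*essid

        # Note: The dumptool will record *anything* it finds, ignoring the filterlist.
        # Check that we got the right target (filter by BSSID)
        for line in output.split('\n'):
            fields = line.split('*')
            if len(fields) >= 3 and fields[1].lower() == self.bssid:
                # Found it
                return line

        return None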