-
Notifications
You must be signed in to change notification settings - Fork 37
/
Copy pathget_pot_passwords.py
84 lines (69 loc) · 2.57 KB
/
get_pot_passwords.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
#!/usr/bin/env python3
__author__ = 'Jake Miller (@LaconicWolf)'
__date__ = '20180921'
__version__ = '0.01'
__description__ = """Extracts the plain passwords from a hashcat or jtr pot file."""
import argparse
def decode_hashcat_hexstring(hexstring):
"""Parses a hex encoded password string ($HEX[476f6f646669676874343a37])
and returns the decodes the hex.
"""
index_1 = hexstring.index("[")+1
index_2 = len(hexstring)-1
hexdata = hexstring[index_1:index_2]
return bytes.fromhex(hexdata).decode()
def decode_hashcat_hex(data):
"""Calls the decoded_hashcat_hexstring on an encoded hex represented password
($HEX[476f6f646669676874343a37]). Occasionally the string will be encoded
multiple times, so a loop is used until the $HEX prefix no longer remains.
Returns the decodes the hexstring.
"""
while data.startswith('$HEX['):
data = decode_hashcat_hexstring(data)
return data
def main():
# Reads in the potfile
with open(potfile) as fh:
lines = fh.read().splitlines()
try:
# Both JTR and Hashcat potfiles are colon delimited. In JTR pot files,
# a colon in the password will mess up the split, so it must be split
# from the first colon until the end of line.
pt_passwords = [line.split(':')[1:] for line in lines]
fixed_passwords = []
for line in pt_passwords:
if len(line) > 1:
fixed_passwords.append(':'.join(line))
else:
fixed_passwords.append(''.join(line))
except IndexError as e:
print('Error detected:')
print(e)
passwords = []
for password in fixed_passwords:
# Hashcat will encode passwords containing colons or non-ascii characters.
# This will decode those passwords if they are there.
if password.startswith('$HEX['):
passwords.append(decode_hashcat_hex(password))
else:
passwords.append(password)
# Output to file or print to terminal
if args.outfile:
with open(args.outfile, 'w') as fh:
for password in passwords:
fh.write(password + '\n')
else:
for password in passwords:
print(password)
if __name__ == '__main__':
parser = argparse.ArgumentParser()
parser.add_argument('-f', '--filename')
parser.add_argument('-o', '--outfile')
args = parser.parse_args()
if not args.filename:
parser.print_help()
print("\n[-] Please specify the filename of the potfile\n")
exit()
else:
potfile = args.filename
main()