-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathhcx-cracker
executable file
·238 lines (191 loc) · 7.39 KB
/
hcx-cracker
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
#!/usr/bin/env python3
import os
import re
import argparse
# Constants
SH_HEADER = "#!/bin/sh -x\n"
BLACKLIST = {
"HSWIFI-", "Tech_", "HUAWEI ", "HUAWEI-", "-Guest", "ZTE_", "MIWIFI_",
"CGA", "TP-LINK_", "TP-Link_", "MikroTik-", "SBB-", "TS-", "CXNK",
"ALHN-", "HG630", "Telenor_Internet_", "AndroidAP", "OrionTelekom_",
"Telenor-Internet-"
}
# TODO: set your wordlists dictionaries here for word detection
DETECT_WORDLISTS = [
"/home/user/.vip/lists/wlst/static/english.txt",
"/home/user/.vip/lists/wlst/static/rs.txt",
"/home/user/.vip/lists/wlst/serbianNames/serbianNames.txt",
]
DETECT_WORDLISTS_MIN_STRING_LEN = 4
# Argument parser setup
parser = argparse.ArgumentParser(description='Generate hashcat scripts and wordlists from ESSIDs for cracking. After running hcx-cracker... Run ./gen.sh to generate wordlists and then ./run.sh to start cracking...')
parser.add_argument('-a', '--auto', action='store_true', help="Generate wordlst automatically by ESSID alone.")
parser.add_argument('-b', '--blacklist', action='store_true', help="Skip hashes that don't generate a decent wordlist using the ESSID")
parser.add_argument('-d', '--detect', action='store_true', help="Extends -a option ... detect words in essid from dictionary wordlists (change script's code to set wlsts)")
parser.add_argument('-l', '--lists', action='store_true', help="Add wordlists to ./run.sh (change script's code to set wlsts)")
parser.add_argument('filename', type=argparse.FileType('r'))
args = parser.parse_args()
# Read hashes file
with args.filename as file:
hashes_file_lines = file.read().splitlines()
# Helper functions
def hex2str(hex_string):
try:
return bytes.fromhex(hex_string).decode('utf-8')
except (ValueError, TypeError):
return "HEX ERROR"
def rslatin_check(s):
return bool(re.search(r'[čćšžđČĆŠŽÐ]', s))
def rslatin_replace(s):
translations = str.maketrans("čćšžđČĆŠŽÐ", "ccszdCCSZD")
return s.translate(translations)
def wordlst2args(wordlst):
return " ".join(f'-s "{word}"' for word in wordlst)
if args.detect:
detect_set = set()
for f in DETECT_WORDLISTS:
with open(f, 'r') as file:
for line in file:
l = line.strip().lower()
if len(l) >= DETECT_WORDLISTS_MIN_STRING_LEN:
detect_set.add(l)
def detect_english_words(input_essid):
essid = input_essid.lower()
detected = set()
for i in detect_set:
if i in essid:
detected.add(i)
return list(detected)
def essid2wordlst(input_essid):
essid = input_essid.replace("\"", "") # remove " so it doesn't break ./run script
wordlst_set = set()
wordlst = []
if rslatin_check(essid):
essid = rslatin_replace(essid)
if args.blacklist:
if any(blacklist_item in essid for blacklist_item in BLACKLIST):
return []
if len(essid) == 6 and re.fullmatch(r"[0-9a-fA-F]{6}", essid):
return []
def add_unique(input_word):
word = input_word.strip()
if len(word) > 1 and word and word not in wordlst_set:
wordlst_set.add(word)
wordlst.append(word)
def extract_before_number(s):
for i, c in enumerate(s):
if c.isdigit():
return s[:i]
return ""
def add_variations(word):
add_unique(word)
numless_word = re.sub(r'\d', '', word)
add_unique(numless_word)
add_unique(extract_before_number(word))
def add_word_combinations(words):
for word in words: add_variations(word)
add_variations("".join(words))
add_variations("".join(reversed(words)))
def re_splitting(word):
return re.split(r"&|'s\s|\s|_|-", word)
def split_camel_case(title):
return re.split(r'(?<!^)(?=[A-Z])', title)
add_variations(essid)
add_word_combinations(re_splitting(essid))
add_word_combinations(split_camel_case(essid))
if args.detect: add_word_combinations(detect_english_words(essid))
return wordlst
items = []
counter = 0
skipped = 0
for line in hashes_file_lines:
if not line:
continue
counter += 1
parts = line.split("*")
if len(parts) < 6:
print(f"Invalid line format: {line}")
continue
hash_type, hash_value, bssid, mac, essid = parts[1], parts[2], parts[3], parts[4], hex2str(parts[5])
type_str = "PMKID" if hash_type == "01" else "EAPOL" if hash_type == "02" else "UNKNOWN"
print(f"{counter}\t{type_str}\t{hash_value}\t{bssid}\t{mac}\t{essid}", end=" --> ")
if args.auto:
wordlst = essid2wordlst(essid)
if not wordlst:
skipped += 1
print(f"BLACKLISTED ({skipped})")
continue
print(" ".join(wordlst))
else:
wordlst = input(" --> ").split()
if not wordlst:
skipped += 1
print(f"SKIPPED ({skipped})")
continue
genlst = wordlst2args(wordlst)
items.append([line, type_str, hash_value, bssid, mac, essid, genlst, len(wordlst)])
# Sorting items
items.sort(key=lambda x: (x[7], x[5]))
# Generating scripts
file_gen = "gen.sh"
file_run = "run.sh"
print(f"\n+--> {file_gen}")
prev_essid = ""
prev_file_1 = ""
prev_file_2 = ""
files = []
with open(file_gen, 'w') as f_gen:
f_gen.write(SH_HEADER)
for num, item in enumerate(items, 1):
file_1 = f"hash{num:03}.txt"
file_2 = f"hash{num:03}.lst"
dogen = True
if prev_essid and prev_essid == item[5]:
file_1 = prev_file_1
file_2 = prev_file_2
with open(file_1, 'a+') as f1:
f1.write(f"{item[0]}\n")
dogen = False
else:
with open(file_1, 'w') as f1:
f1.write(f"{item[0]}\n")
if dogen:
command = f"hcx-fastgenlst -lut123 {item[6]} -o \"{file_2}\" # {item[5]}\n"
f_gen.write(command)
print(f"| {command}", end="")
files.append([file_1, file_2, item])
prev_essid = item[5]
prev_file_1 = file_1
prev_file_2 = file_2
part_1_start = 1
part_1_end = 13
part_2_end = 24
# TODO: set your short wordlists here
def write_shortlists(f_run):
for i in range(part_1_start, part_1_end+1):
line = f"hashcat --quiet -m 22000 \"{args.filename.name}\" -a 0 \"/home/user/.vip/lists/wlst/commonfirst/parts/hgl_part{i}.txt\" -w 4 --session \"part{i}\" 2>/dev/null\n"
f_run.write(line)
print(f"| {line}", end="")
# TODO: set your long wordlists here
def write_longlists(f_run):
for i in range(part_1_end+1, part_2_end+1):
line = f"hashcat --quiet -m 22000 \"{args.filename.name}\" -a 0 \"/home/user/.vip/lists/wlst/commonfirst/parts/hgl_part{i}.txt\" -w 4 --session \"part{i}\" 2>/dev/null\n"
f_run.write(line)
print(f"| {line}", end="")
print(f"\n+--> {file_run}")
with open(file_run, 'w') as f_run:
f_run.write(SH_HEADER)
print(f"| {SH_HEADER}", end="")
if args.lists: write_shortlists(f_run)
for file_1, file_2, item in files:
line = f"hashcat --quiet -m 22000 {file_1} -a 0 {file_2} -w 4 --session \"{item[2]}\" 2>/dev/null # {item[3]} {item[5]}\n"
f_run.write(line)
print(f"| {line}", end="")
if args.lists: write_longlists(f_run)
# Set +x permission
os.chmod(file_gen, 0o755)
os.chmod(file_run, 0o755)
print()
print(f" -- files..: {len(files)}")
print(f" -- skipped: {skipped}")
print(" -- done.")