Rainbow tables are really useful when cracking password hashes, One disadvantage of these tables is their size which can get up to tens and even hundreds of gigs.
I really liked the
Offensive security Crackpot online hash cracker and i thought it would be really nice to have a web interface for my rainbow tables which i can access from web anywhere without having to carry them with me whenever i need them.
When cracking lm/ntlm hashes i really like using
Ophcrack which provides a free GUI and CLI software along with some
free and paid tables.
I wrote a quick and dirty PHP based web frontend for
Ophcrack called Wophcrack,
I must say i am not a programmer and i am sure this could be done more efficiently and elegantly, anyway…its working fine
, I thought maybe someone will find it useful so i decided to share it here.
Wophcrack was designed to work on
Backtrack 4 R2, Although it can be install on any Linux distribution with some small adjustments, Wophcrack can also easily edited to support
Rainbow crack.
Please read the requirements and installation notes before using Wophcrack.
Wophcrack will require some manual code adjustments to suite you environment.
1. Download and Install ophcrack-cli
Backtrack doesn’t includes ophcrack-cli by default, you will need to download and install it manually
Get ophcrack-cli HERE
root@Blackbox:~/OphcrackWeb# dpkg -i ophcrack-cli_3.3.0-1_i386.deb
2. Configure cron
Give
www-data user (apache) permissions to use cron
root@Blackbox:~# echo www-data > /etc/cron.allow
Auto start cron service on startup
root@Blackbox:~# update-rc.d cron defaults
Start the cron service
root@Blackbox:~# /etc/init.d/cron start
3. Create and import database
Create the database
root@Blackbox:~# mysql -u root -p
Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 34
Server version: 5.0.67-0ubuntu6 (Ubuntu)
Type 'help;' or '\h' for help. Type '\c' to clear the buffer.
mysql> CREATE DATABASE cracker;
Query OK, 1 row affected (0.04 sec)
Import Wophcrack sql data
root@Blackbox:/var/www# mysql -u root -p cracker < cracker.sql
Auto start mysql service on startup
root@Blackbox:~# update-rc.d mysql defaults
Start the mysql service
root@Blackbox:~# /etc/init.d/mysql start
4. Configure Mail notifications
make sure your dns is configured properly in /etc/resolv.conf
edit ”
/etc/hosts” and add at the top the following line with your ip address, hostname and domain name.
your-eth-ip hostname.domain.com hostname
Auto start sendmail service on startup
root@Blackbox:~# update-rc.d sendmail defaults
reStart the sendmail service
root@Blackbox:~# /etc/init.d/sendmail restart
You will also need to edit Wophcrack “
rc.sh” file with you email address and domain
line 8:
sendEmail -f cracker@domain.com -u 'Hash Result' -t $mail < /tmp/output.txt
5. Configure apache
Auto start apache service on startup
root@Blackbox:~# update-rc.d apache2 defaults
Start the apache service
root@Blackbox:~# /etc/init.d/apache start
6. Edit Wophcrack files
Wophcrack is designed to work from the “/var/www folder” in case you would like to move them into another dolder you will have to make some changes
Wophcrack will assume that your ophcrack rainbow tables home directory is located in “
/pentest/RainbowTables” and each table files will be located in a sub folder with the following names:
tables_vista_free
tables_xp_free_fast
tables_xp_free_small
Vista_special
XP_special
In case you would like to place the tables in a different directory you will need to edit the following files:
index.php start from line 60:
<option value="tables_xp_free_small">XP Free Small</option>
<option value="tables_xp_free_fast">XP Free Fast</option>
<option value="XP_special">XP Special</option>
<option value="tables_vista_free">Vista Free</option>
<option value="Vista_special">Vista Special</option>
You will also need to change path in the “
rc.sh” file on line 3:
ophcrack-cli -g -d /pentest/passwords/RainbowTables/ -t /pentest/passwords/RainbowTables/$1 -f /tmp/temp.txt -o /tmp/output.txt
In case you plan to place Wophcrack in a directory which is not “/var/www” you will need to edit the following:
index.php line 41:
exec("echo \"* * * * * /var/www/rc.sh " . $info['hashset'] . "\" | crontab -");rc.sh line 10:
php /var/www/check.php
check.php line 22:
exec("php /var/www/checkagain.php");checkagain.php line 28:
exec("echo \"* * * * * /var/www/rc.sh " . $info['hashset'] . "\" | crontab -");
You can download Wophcrack Source Here:
http://www.megaupload.com/?d=HAFUFHHK
or from here:
Wophcrack
- Title: Wophcrack Caption: Wophcrack File: wophcrack.zip Size: 17 kB
Installation:(For Backtrack user and Ubuntu Server)
1. Install mysql server
2. set user,password root or user for mysql server
3. create cracker database in mysql server
4. import cracker.sql into your mysql server
5. edit wophcrack/config.php with your environment.
6. edit my apache2 configuration(sites-available/default) file with (/pentest/password/wophcrack is my wophcrack path.)
Alias /wophcrack "/pentest/password/wophcrack/"
<Directory /pentest/password/wophcrack/>
Options FollowSymLinks
AllowOverride None
Order allow,deny
allow from all
</Directory>
7. I try to use rc.sh but it's not work 'cause ^M and ophcrack-cli in the script. And I try to fix it by myself like this.
#!/bin/bash
crontab -r
#the original line
#ophcrack-cli -g -d /pentest/passwords/RainbowTables/ -t /pentest/passwords/RainbowTables/$1 -f /tmp/temp.txt -o /tmp/output.txt
#my edit and rcrack/rainbow is my rainbow tables path.
ophcrack -g -d /pentest/passwords/rcrack/rainbow -t /pentest/passwords/rcrack/rainbow/$1 -f /tmp/temp.txt -o /tmp/output.txt
if [ $? -ne 0 ] ; then
echo "Not Finished!";
else
for mail in $(cat /tmp/mail.txt);do
sendEmail -f materaj@gmail.com -u 'Hash Result' -t $mail < /tmp/output.txt
done
php /var/www/check.php
fi
########################################################
Source: http://exploit.co.il/hacking/wophcrack-ophcrack-web-interface/
No comments:
Post a Comment