diff --git a/crack_hash.py b/crack_hash.py
index 7348abf..398e418 100755
--- a/crack_hash.py
+++ b/crack_hash.py
@@ -61,6 +61,10 @@ class HashType(enum.Enum):
 CRYPT_SHA512 = 1800
 CRYPT_APACHE = 1600
+ # python
+ PYTHON_PBKDF2_SHA256 = 20300
+ PYTHON_PBKDF2_SHA512 = 20200
+ # Windows
 LM = 3000
 NTLM = 1000
@@ -109,6 +113,10 @@ class Hash:
 self.type.append(HashType.WORDPRESS)
 elif crypt_type == "S":
 self.type.append(HashType.DRUPAL7)
+ elif crypt_type == "pbkdf2-sha256":
+ self.type.append(HashType.PYTHON_PBKDF2_SHA256)
+ elif crypt_type == "pbkdf2-sha512":
+ self.type.append(HashType.PYTHON_PBKDF2_SHA512)
 else:
 if ":" in raw_hash:
 parts = raw_hash.split(":")
diff --git a/fileserver.py b/fileserver.py
index ca62b61..45f23b3 100755
--- a/fileserver.py
+++ b/fileserver.py
@@ -201,6 +201,7 @@ if __name__ == "__main__":
 print("Reverse Shell URL: http://%s/shell.sh" % ipAddress)
 elif sys.argv[1] == "dump":
 fileServer.dumpRequest("/exfiltrate")
+ fileServer.dumpRequest("/")
 print("Exfiltrate data using: http://%s/exfiltrate" % ipAddress)
 elif sys.argv[1] == "proxy":
 url = "https://google.com" if len(sys.argv) < 3 else sys.argv[2]
diff --git a/subdomainFuzz.sh b/subdomainFuzz.sh
index 9804c96..7a40c32 100755
--- a/subdomainFuzz.sh
+++ b/subdomainFuzz.sh
@@ -8,7 +8,7 @@ fi
 DOMAIN=$1
 PROTOCOL="http"
-if [[ $DOMAIN = "https://*" ]]; then
+if [[ $DOMAIN = https://* ]]; then
 PROTOCOL="https"
 fi
diff --git a/util.py b/util.py
index 93b01de..2d8bf28 100755
--- a/util.py
+++ b/util.py
@@ -210,7 +210,7 @@ if __name__ == "__main__":
 if os.path.isfile(uri):
 data = open(uri,"r").read()
 else:
- res = requests.get(uri)
+ res = requests.get(uri, verify=False)
 if res.status_code != 200:
 print("%s returned: %d %s" % (uri, res.status_code, res.reason))
 exit()
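Review bot: The `# python` comment and the `PYTHON_PBKDF2_*` names in the HashType hunk do not say which library's encoding is meant. The `pbkdf2-sha256` / `pbkdf2-sha512` identifiers matched in the second crack_hash.py hunk look like passlib's modular-crypt format, which differs from how other Python frameworks (Django, for example) encode PBKDF2 hashes. I would label the group `# Python passlib ($pbkdf2-sha256$..., $pbkdf2-sha512$...)` so a hash in another PBKDF2 encoding is not assumed to be covered. passlib's SHA-1 variant (identifier `pbkdf2`) is not mapped either and would fall through to the `else:` branch, whose body continues outside the hunk.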
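Review bot: The added `fileServer.dumpRequest("/")` in fileserver.py has no comment, and the message printed on the next line still names only `/exfiltrate`, so the second route is invisible to whoever runs `dump` mode. Whether `dumpRequest` matches an exact path or a prefix is not visible here; if it is a prefix match, `/` would capture every request and make the `/exfiltrate` registration redundant. A one-line comment such as `# also dump requests sent to the root path`, plus a matching mention in the printed message, would make the behaviour explicit. The `if __name__ == "__main__":` block starts and ends outside the hunk.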
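Review bot: With the pattern unquoted, the `https://*` glob in subdomainFuzz.sh now matches as intended, but `$DOMAIN` still carries the scheme after this test and nothing in the hunk strips it. If later code builds a URL from `$PROTOCOL` and `$DOMAIN`, the scheme would appear twice; that code is outside the hunk, so this is a question rather than a confirmed bug. Adding `DOMAIN=${DOMAIN#*://}` after the check would normalise both `http://` and `https://` inputs.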
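Review bot: `requests.get(uri, verify=False)` in util.py turns off TLS certificate validation for every URL this script fetches, so the response that is checked and used below can be supplied or altered by anyone on the network path. The call also still has no timeout. Make the bypass opt-in rather than the default, e.g. `res = requests.get(uri, verify=not insecure, timeout=10)`, where `insecure` is a placeholder name for a value set from a command-line switch or environment variable. Add a comment stating why verification is skipped when it is. The `if __name__ == "__main__":` block continues outside the hunk, so how `res` is consumed is not visible here.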