Jameh - Brute Force
Jameh, who actually writes and reads 'Jame' which is the Tupi Guarani means hidden, mysterious, aims to conduct a brute-force hashed passwords contained in the /etc /shadow, passing the salt and hash of the encrypted password he tries to break through the dictionary password.
Creator
Danilo Vaz - UNK
[email protected]
http://unk-br.blogspot.com
https://twitter.com/unknownantisec
http://github.com/danilovazb
Jameh was inspired by the tool made by Ricardo Longatto done in C loncrack to perform a brute-force passwords in hash staying in the /etc/shadow.
REQUERIMENTS
Import:
threading
time
crypt
argparse
sys
subprocess
permission Reading & Writing
User root privilege, or is in the sudoers group
Operating system LINUX
Python 2.7
INSTALL
git clone http://github.com/danilovazb/jameh
HELP
usage:
jameh.py [-h] [-t 10] -f word_list.txt -s '$6$DgAOLzvU' -ha '$xw5oqFEZw30SSCdgD9KOiK2BG1J.O135BowUgdsUZB3ErEeZii6s1vC07BcBoPY06iNcJpxhQYTwzBpjVj7oq.'
optional arguments:
-h, --help show this help message and exit
-t 10, --threads 10
Threads
-f word_list.txt, --file word_list.txt
Opens file with passwords
-s '$6$DgAOLzvU', --salt '$6$DgAOLzvU'
Salt, '$6$DgAOLzvU'
-ha '$xw5oqFEZw30SSCdgD9KOiK2BG1J.O135BowUgdsUZB3ErEeZii6s1vC07BcBoPY06iNcJpxhQYTwzBpjVj7oq.', --hash '$xw5oqFEZw30SSCdgD9KOiK2BG1J.O135BowUgdsUZB3ErEeZii6s1vC07BcBoPY06iNcJpxhQYTwzBpjVj7oq.'
hash, '$xw5oqFEZw30SSCdgD9KOiK2BG1J.O135BowUgdsUZB3ErEeZii
6s1vC07BcBoPY06iNcJpxhQYTwzBpjVj7oq.'
EXAMPLE:
Password: s3nh42015!@#
~# cat /etc/shadow
root:!:16440:0:99999:7:::
daemon:*:16273:0:99999:7:::
bin:*:16273:0:99999:7:::
sys:*:16273:0:99999:7:::
sync:*:16273:0:99999:7:::
pulse:*:16273:0:99999:7:::
danilo:$6$DgAOLzvU$Mt0WllW7AFJt5eFk0HPzjQNes/vvPkHaVmPIaWEb7K64uayPJ3CrEW8gjlBinh9Dzqj4RZXfRAN45XxrpWYjX.:16440:0:99999:7:::
COMMAND:
~# python jameh.py --file wl.txt --threads 10 --salt '$6$DgAOLzvU' --hash '$Mt0WllW7AFJt5eFk0HPzjQNes/vvPkHaVmPIaWEb7K64uayPJ3CrEW8gjlBinh9Dzqj4RZXfRAN45XxrpWYjX.'
Ref:
Nenhum comentário:
Postar um comentário
............