crash.software
Projects
Pull Requests
Issues
Builds
PCredz
Code
Files
Commits
Branches
Tags
Pull Requests
Code Comments
Code Compare
Issues
Builds
Statistics
Child Projects
cra.sh
RESTful API
Projects STRLCPY PCredz Commits 046e0057
🤬
  • ■ ■ ■ ■ ■ ■
    Pcredz
    skipped 133 lines
    134 134   else:
    135 135   return True
    136 136   
     137 +def ParseCTX1Hash(data):
     138 + def decrypt(ct):
     139 + pt = ''
     140 + last = 0
     141 + for i in range(0, len(ct), 4):
     142 + pc = dec_letter(ct[i:i+4], last)
     143 + pt += pc
     144 + last ^= ord(pc)
     145 + return pt
     146 + 
     147 + def dec_letter(ct, last=0):
     148 + c = (ord(ct[2]) - 1) & 0x0f
     149 + d = (ord(ct[3]) - 1) & 0x0f
     150 + x = c*16+d
     151 + pc = chr(x^last)
     152 + return pc
     153 + 
     154 + x = re.sub('[^A-P]', '', data.upper())
     155 + return str(decrypt(x))
     156 + 
    137 157  def ParseNTLMHash(data,Challenge):
    138 158   PacketLen = len(data)
    139 159   if PacketLen > 0:
    skipped 202 lines
    342 362   NTLMSSP1 = re.findall('NTLMSSP\x00\x01\x00\x00\x00.*[^EOF]*', decoded['data'])
    343 363   NTLMSSP2 = re.findall('NTLMSSP\x00\x02\x00\x00\x00.*[^EOF]*', decoded['data'])
    344 364   NTLMSSP3 = re.findall('NTLMSSP\x00\x03\x00\x00\x00.*[^EOF]*', decoded['data'],re.DOTALL)
     365 + 
     366 + CTX1_USR = re.findall('<UserName>(.*?)</UserName><Password encoding="ctx1">', decoded['data'])
     367 + CTX1_PWD = re.findall('<Password encoding="ctx1">(.*?)</Password>', decoded['data'])
     368 + 
     369 + if CTX1_USR and CTX1_PWD:
     370 + HeadMessage = Print_Packet_Details(decoded,SrcPort,DstPort)
     371 + try:
     372 + CTX1_USR = CTX1_USR[0]
     373 + CTX1_PWD = ParseCTX1Hash(CTX1_PWD[0])
     374 + CTX1_CREDS = CTX1_USR + ':' + CTX1_PWD
     375 + Message = 'Found CTX1 encoded password: %s\n'%CTX1_CREDS
     376 + print HeadMessage + '\n' + Message
     377 + except:
     378 + pass
     379 + 
    345 380   if activate_cc:
    346 381   CCMatch = re.findall('.{30}[^\d][3456][0-9]{3}[\s-]*[0-9]{4}[\s-]*[0-9]{4}[\s-]*[0-9]{4}[^\d]', decoded['data'],re.DOTALL)
    347 382   CC = re.findall('[^\d][456][0-9]{3}[\s-]*[0-9]{4}[\s-]*[0-9]{4}[\s-]*[0-9]{4}[^\d]', decoded['data'])
    skipped 354 lines
    702 737   except:
    703 738   raise
    704 739   
     740 + 
     741 + 
    705 742  Run()
    706 743   
    707  - 
Please wait...
Page is in error, reload to recover