diff --git a/Gemfile b/Gemfile
index 0bdf9ed20..e5f0bd92c 100644
--- a/Gemfile
+++ b/Gemfile
@@ -22,6 +22,7 @@ gem 'programr', :git => "http://github.com/robertjwhitney/programr.git"
gem 'process_helper'
gem 'ovirt-engine-sdk'
gem 'duplicate'
+gem 'smbhash'
#development only gems go here
group :test, :development do
diff --git a/Gemfile.lock b/Gemfile.lock
index 192a102be..12e0efe90 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -84,6 +84,7 @@ GEM
rsync (1.0.9)
rubyzip (1.2.2)
semantic_puppet (1.0.2)
+ smbhash (1.0.2)
spidr (0.6.0)
nokogiri (~> 1.3)
sshkey (1.9.0)
@@ -121,6 +122,7 @@ DEPENDENCIES
redcarpet
rmagick
rqrcode
+ smbhash
sshkey
wordlist
yard
@@ -128,4 +130,4 @@ DEPENDENCIES
zipruby
BUNDLED WITH
- 1.15.4
+ 1.16.1
diff --git a/lib/objects/local_hash_encoder.rb b/lib/objects/local_hash_encoder.rb
index 3d2490b4d..6e7c8e51f 100644
--- a/lib/objects/local_hash_encoder.rb
+++ b/lib/objects/local_hash_encoder.rb
@@ -5,6 +5,7 @@ require 'digest'
class HashEncoder < StringEncoder
attr_accessor :salt
attr_accessor :return_salts
+ attr_accessor :salt_position
def initialize
super
@@ -12,6 +13,7 @@ class HashEncoder < StringEncoder
self.strings_to_encode = []
self.salt = []
self.return_salts = false
+ self.salt_position = %w(before after).sample
end
def hash_function(str)
@@ -21,8 +23,13 @@ class HashEncoder < StringEncoder
self.strings_to_encode.each_with_index do |string, i|
combined_string = string
+
if self.salt[i]
- combined_string += self.salt[i]
+ if salt_position == 'before'
+ combined_string = self.salt[i] + combined_string
+ elsif salt_position == 'after'
+ combined_string = combined_string + self.salt[i]
+ end
end
self.outputs << hash_function(combined_string)
@@ -51,8 +58,13 @@ class HashEncoder < StringEncoder
end
def encoding_print_string
- 'strings_to_encode: ' + self.strings_to_encode.to_s + print_string_padding +
- 'salt: ' + self.salt.to_s + print_string_padding +
- 'return_salts: ' + self.return_salts.to_s
+ print_string = 'strings_to_encode: ' + self.strings_to_encode.to_s + print_string_padding +
+ 'salt: ' + self.salt.to_s
+ if self.salt.size > 0
+ print_string += print_string_padding
+ print_string += "return_salts: #{self.return_salts.to_s} #{print_string_padding}"
+ print_string += "salt_position: #{self.salt_position.to_s}"
+ end
+ print_string
end
end
\ No newline at end of file
diff --git a/modules/encoders/hash/lm/lm.pp b/modules/encoders/hash/lm/lm.pp
new file mode 100644
index 000000000..e69de29bb
diff --git a/modules/encoders/hash/lm/manifests/.no_puppet b/modules/encoders/hash/lm/manifests/.no_puppet
new file mode 100644
index 000000000..e69de29bb
diff --git a/modules/encoders/hash/lm/secgen_local/local.rb b/modules/encoders/hash/lm/secgen_local/local.rb
new file mode 100644
index 000000000..17c5a285a
--- /dev/null
+++ b/modules/encoders/hash/lm/secgen_local/local.rb
@@ -0,0 +1,16 @@
+#!/usr/bin/ruby
+require_relative '../../../../../lib/objects/local_hash_encoder.rb'
+
+class LMEncoder < HashEncoder
+ def initialize
+ super
+ self.module_name = 'LM Hash Encoder'
+ end
+
+ def hash_function(string)
+ require 'smbhash'
+ Smbhash.lm_hash(string)
+ end
+end
+
+LMEncoder.new.run
diff --git a/modules/encoders/hash/lm/secgen_metadata.xml b/modules/encoders/hash/lm/secgen_metadata.xml
new file mode 100644
index 000000000..e4c3d6ff5
--- /dev/null
+++ b/modules/encoders/hash/lm/secgen_metadata.xml
@@ -0,0 +1,22 @@
+
+
+
+ MD5 Encoder
+ Thomas Shaw
+ MIT
+ Generates an MD5 hash for each of the strings.
+
+ hash
+ md5
+ linux
+ windows
+
+ strings_to_encode
+ salt
+ return_salts
+
+ string
+
+
\ No newline at end of file
diff --git a/modules/encoders/hash/mysql_password/manifests/.no_puppet b/modules/encoders/hash/mysql_password/manifests/.no_puppet
new file mode 100644
index 000000000..e69de29bb
diff --git a/modules/encoders/hash/mysql_password/mysql_password.pp b/modules/encoders/hash/mysql_password/mysql_password.pp
new file mode 100644
index 000000000..e69de29bb
diff --git a/modules/encoders/hash/mysql_password/secgen_local/local.rb b/modules/encoders/hash/mysql_password/secgen_local/local.rb
new file mode 100644
index 000000000..8cfbc6419
--- /dev/null
+++ b/modules/encoders/hash/mysql_password/secgen_local/local.rb
@@ -0,0 +1,17 @@
+#!/usr/bin/ruby
+require_relative '../../../../../lib/objects/local_hash_encoder.rb'
+
+class MySQLPasswordHashEncoder < HashEncoder
+ def initialize
+ super
+ self.module_name = 'MySQL Password Hash Encoder'
+ self.strings_to_encode = ['right']
+ end
+
+ def hash_function(string)
+ require 'digest/sha1'
+ "*" + Digest::SHA1.hexdigest(Digest::SHA1.digest(string)).upcase
+ end
+end
+
+MySQLPasswordHashEncoder.new.run
diff --git a/modules/encoders/hash/mysql_password/secgen_metadata.xml b/modules/encoders/hash/mysql_password/secgen_metadata.xml
new file mode 100644
index 000000000..006ccc385
--- /dev/null
+++ b/modules/encoders/hash/mysql_password/secgen_metadata.xml
@@ -0,0 +1,23 @@
+
+
+
+ MySQL Password Hash Encoder
+ Thomas Shaw
+ MIT
+ Generates a MySQL password hash for each of the strings. '*' + sha1sum(sha1sum(password))
+
+ hash
+ mysql
+ mysql_password
+ linux
+ windows
+
+ strings_to_encode
+ salt
+ return_salts
+
+ string
+
+
\ No newline at end of file
diff --git a/modules/encoders/hash/ntlm/manifests/.no_puppet b/modules/encoders/hash/ntlm/manifests/.no_puppet
new file mode 100644
index 000000000..e69de29bb
diff --git a/modules/encoders/hash/ntlm/ntlm.pp b/modules/encoders/hash/ntlm/ntlm.pp
new file mode 100644
index 000000000..e69de29bb
diff --git a/modules/encoders/hash/ntlm/secgen_local/local.rb b/modules/encoders/hash/ntlm/secgen_local/local.rb
new file mode 100644
index 000000000..385a97332
--- /dev/null
+++ b/modules/encoders/hash/ntlm/secgen_local/local.rb
@@ -0,0 +1,16 @@
+#!/usr/bin/ruby
+require_relative '../../../../../lib/objects/local_hash_encoder.rb'
+
+class NTLMEncoder < HashEncoder
+ def initialize
+ super
+ self.module_name = 'NTLM Hash Encoder'
+ end
+
+ def hash_function(string)
+ require 'smbhash'
+ Smbhash.ntlm_hash(string)
+ end
+end
+
+NTLMEncoder.new.run
diff --git a/modules/encoders/hash/ntlm/secgen_metadata.xml b/modules/encoders/hash/ntlm/secgen_metadata.xml
new file mode 100644
index 000000000..e4c3d6ff5
--- /dev/null
+++ b/modules/encoders/hash/ntlm/secgen_metadata.xml
@@ -0,0 +1,22 @@
+
+
+
+ MD5 Encoder
+ Thomas Shaw
+ MIT
+ Generates an MD5 hash for each of the strings.
+
+ hash
+ md5
+ linux
+ windows
+
+ strings_to_encode
+ salt
+ return_salts
+
+ string
+
+
\ No newline at end of file
diff --git a/modules/encoders/hash/sha3/manifests/.no_puppet b/modules/encoders/hash/sha3/manifests/.no_puppet
new file mode 100644
index 000000000..e69de29bb
diff --git a/modules/encoders/hash/sha3/secgen_local/local.rb b/modules/encoders/hash/sha3/secgen_local/local.rb
new file mode 100644
index 000000000..8eebcf998
--- /dev/null
+++ b/modules/encoders/hash/sha3/secgen_local/local.rb
@@ -0,0 +1,15 @@
+#!/usr/bin/ruby
+require_relative '../../../../../lib/objects/local_hash_encoder.rb'
+
+class SHA1Encoder < HashEncoder
+ def initialize
+ super
+ self.module_name = 'SHA1 Encoder'
+ end
+
+ def hash_function(string)
+ Digest::SHA1.hexdigest(string)
+ end
+end
+
+SHA1Encoder.new.run
diff --git a/modules/encoders/hash/sha3/secgen_metadata.xml b/modules/encoders/hash/sha3/secgen_metadata.xml
new file mode 100644
index 000000000..38de74226
--- /dev/null
+++ b/modules/encoders/hash/sha3/secgen_metadata.xml
@@ -0,0 +1,22 @@
+
+
+
+ SHA1 Encoder
+ Thomas Shaw
+ MIT
+ Generates an SHA1 hash for each of the strings.
+
+ hash
+ sha1
+ linux
+ windows
+
+ strings_to_encode
+ salt
+ return_salts
+
+ string
+
+
\ No newline at end of file
diff --git a/modules/encoders/hash/sha3/sha3.pp b/modules/encoders/hash/sha3/sha3.pp
new file mode 100644
index 000000000..e69de29bb