From d2a04f8d43f65fee723b43bcdca133eb3395af90 Mon Sep 17 00:00:00 2001 
From: thomashaw Date: Mon, 5 Nov 2018 11:44:28 +0000 Subject: [PATCH] ntlm and lm hashes --- Gemfile | 1 + Gemfile.lock | 4 +++- lib/objects/local_hash_encoder.rb | 20 ++++++++++++---- modules/encoders/hash/lm/lm.pp | 0 modules/encoders/hash/lm/manifests/.no_puppet | 0 .../encoders/hash/lm/secgen_local/local.rb | 16 +++++++++++++ modules/encoders/hash/lm/secgen_metadata.xml | 22 ++++++++++++++++++ .../hash/mysql_password/manifests/.no_puppet | 0 .../hash/mysql_password/mysql_password.pp | 0 .../hash/mysql_password/secgen_local/local.rb | 17 ++++++++++++++ .../hash/mysql_password/secgen_metadata.xml | 23 +++++++++++++++++++ .../encoders/hash/ntlm/manifests/.no_puppet | 0 modules/encoders/hash/ntlm/ntlm.pp | 0 .../encoders/hash/ntlm/secgen_local/local.rb | 16 +++++++++++++ .../encoders/hash/ntlm/secgen_metadata.xml | 22 ++++++++++++++++++ .../encoders/hash/sha3/manifests/.no_puppet | 0 .../encoders/hash/sha3/secgen_local/local.rb | 15 ++++++++++++ .../encoders/hash/sha3/secgen_metadata.xml | 22 ++++++++++++++++++ modules/encoders/hash/sha3/sha3.pp | 0 19 files changed, 173 insertions(+), 5 deletions(-) create mode 100644 modules/encoders/hash/lm/lm.pp create mode 100644 modules/encoders/hash/lm/manifests/.no_puppet create mode 100644 modules/encoders/hash/lm/secgen_local/local.rb create mode 100644 modules/encoders/hash/lm/secgen_metadata.xml create mode 100644 modules/encoders/hash/mysql_password/manifests/.no_puppet create mode 100644 modules/encoders/hash/mysql_password/mysql_password.pp create mode 100644 modules/encoders/hash/mysql_password/secgen_local/local.rb create mode 100644 modules/encoders/hash/mysql_password/secgen_metadata.xml create mode 100644 modules/encoders/hash/ntlm/manifests/.no_puppet create mode 100644 modules/encoders/hash/ntlm/ntlm.pp create mode 100644 modules/encoders/hash/ntlm/secgen_local/local.rb create mode 100644 modules/encoders/hash/ntlm/secgen_metadata.xml create mode 100644 modules/encoders/hash/sha3/manifests/.no_puppet create 
mode 100644 modules/encoders/hash/sha3/secgen_local/local.rb create mode 100644 modules/encoders/hash/sha3/secgen_metadata.xml create mode 100644 modules/encoders/hash/sha3/sha3.pp diff --git a/Gemfile b/Gemfile index 0bdf9ed20..e5f0bd92c 100644 --- a/Gemfile +++ b/Gemfile @@ -22,6 +22,7 @@ gem 'programr', :git => "http://github.com/robertjwhitney/programr.git" gem 'process_helper' gem 'ovirt-engine-sdk' gem 'duplicate' +gem 'smbhash' #development only gems go here group :test, :development do diff --git a/Gemfile.lock b/Gemfile.lock index 192a102be..12e0efe90 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -84,6 +84,7 @@ GEM rsync (1.0.9) rubyzip (1.2.2) semantic_puppet (1.0.2) + smbhash (1.0.2) spidr (0.6.0) nokogiri (~> 1.3) sshkey (1.9.0) @@ -121,6 +122,7 @@ DEPENDENCIES redcarpet rmagick rqrcode + smbhash sshkey wordlist yard @@ -128,4 +130,4 @@ DEPENDENCIES zipruby BUNDLED WITH - 1.15.4 + 1.16.1 diff --git a/lib/objects/local_hash_encoder.rb b/lib/objects/local_hash_encoder.rb index 3d2490b4d..6e7c8e51f 100644 --- a/lib/objects/local_hash_encoder.rb +++ b/lib/objects/local_hash_encoder.rb @@ -5,6 +5,7 @@ require 'digest' class HashEncoder < StringEncoder attr_accessor :salt attr_accessor :return_salts + attr_accessor :salt_position def initialize super @@ -12,6 +13,7 @@ class HashEncoder < StringEncoder self.strings_to_encode = [] self.salt = [] self.return_salts = false + self.salt_position = %w(before after).sample end def hash_function(str) @@ -21,8 +23,13 @@ class HashEncoder < StringEncoder self.strings_to_encode.each_with_index do |string, i| combined_string = string + if self.salt[i] - combined_string += self.salt[i] + if salt_position == 'before' + combined_string = self.salt[i] + combined_string + elsif salt_position == 'after' + combined_string = combined_string + self.salt[i] + end end self.outputs << hash_function(combined_string) 
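Review bot: The new `gem 'smbhash'` line in the Gemfile hunk carries no version constraint, so only Gemfile.lock (which resolves it to 1.0.2) keeps the release fixed, and a later `bundle update` would accept whatever is published under that name. The gem is used only by the LM and NTLM encoder modules, so a pessimistic constraint such as `gem 'smbhash', '~> 1.0'` would keep that third-party code within a reviewed range. The neighbouring gems visible in the hunk are unpinned too, so this follows the file's existing habit rather than introducing a new one.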
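Review bot: In the `@@ -21,8 +23,13 @@` hunk of lib/objects/local_hash_encoder.rb the new `if salt_position == 'before'` / `elsif salt_position == 'after'` chain has no `else`, so any other value of `salt_position` leaves `combined_string` unsalted even though a salt was supplied. `salt_position` is a public `attr_accessor`, so a nil or misspelled value assigned after `initialize` would yield plain hashes without any error. Adding `else` followed by `raise ArgumentError, "salt_position must be 'before' or 'after'"` before the inner `end` makes that case visible. Whether the option parser ever sets this attribute cannot be seen here, and the method enclosing the loop starts and ends outside the hunk.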
@@ -51,8 +58,13 @@ class HashEncoder < StringEncoder end def encoding_print_string - 'strings_to_encode: ' + self.strings_to_encode.to_s + print_string_padding + - 'salt: ' + self.salt.to_s + print_string_padding + - 'return_salts: ' + self.return_salts.to_s + print_string = 'strings_to_encode: ' + self.strings_to_encode.to_s + print_string_padding + + 'salt: ' + self.salt.to_s + if self.salt.size > 0 + print_string += print_string_padding + print_string += "return_salts: #{self.return_salts.to_s} #{print_string_padding}" + print_string += "salt_position: #{self.salt_position.to_s}" + end + print_string end end
\ No newline at end of file
diff --git a/modules/encoders/hash/lm/lm.pp b/modules/encoders/hash/lm/lm.pp
new file mode 100644
index 000000000..e69de29bb
diff --git a/modules/encoders/hash/lm/manifests/.no_puppet b/modules/encoders/hash/lm/manifests/.no_puppet
new file mode 100644
index 000000000..e69de29bb
diff --git a/modules/encoders/hash/lm/secgen_local/local.rb b/modules/encoders/hash/lm/secgen_local/local.rb
new file mode 100644
index 000000000..17c5a285a
--- /dev/null
+++ b/modules/encoders/hash/lm/secgen_local/local.rb
@@ -0,0 +1,16 @@
+#!/usr/bin/ruby
+require_relative '../../../../../lib/objects/local_hash_encoder.rb'
+
+class LMEncoder < HashEncoder
+ def initialize
+ super
+ self.module_name = 'LM Hash Encoder'
+ end
+
+ def hash_function(string)
+ require 'smbhash'
+ Smbhash.lm_hash(string)
+ end
+end
+
+LMEncoder.new.run
diff --git a/modules/encoders/hash/lm/secgen_metadata.xml b/modules/encoders/hash/lm/secgen_metadata.xml
new file mode 100644
index 000000000..e4c3d6ff5
--- /dev/null
+++ b/modules/encoders/hash/lm/secgen_metadata.xml
@@ -0,0 +1,22 @@ + + + + MD5 Encoder + Thomas Shaw + MIT + Generates an MD5 hash for each of the strings. + + hash + md5 + linux + windows + + strings_to_encode + salt + return_salts + + string + +
\ No newline at end of file
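Review bot: The `return_salts` line in the rewritten `encoding_print_string` puts a literal space before `#{print_string_padding}`, which no other field in the string has, so the printed options are presumably separated unevenly. Writing it as `print_string += "return_salts: #{self.return_salts}" + print_string_padding` keeps the separator consistent and drops the redundant `.to_s` inside the interpolation. `if self.salt.size > 0` also reads more directly as `unless self.salt.empty?`.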
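Review bot: `LMEncoder#hash_function` passes the salted string built by `HashEncoder` straight to `Smbhash.lm_hash`, although LM hashing is unsalted by design, upper-cases its input and uses at most 14 characters. With `salt_position` chosen at random, a salt appended after a long string can fall outside those 14 characters and have no effect on the output, and a salt placed before it can push part of the string out of range. I would either ignore `salt` in this module or state the limit in a comment above `hash_function`, e.g. `# LM uses only the first 14 characters, upper-cased; a salt is not part of the format`. How the gem treats longer input is not visible in this patch and should be confirmed.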
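Review bot: The metadata added for the LM module still names it `MD5 Encoder`, describes it as `Generates an MD5 hash for each of the strings.` and gives the type `md5`, which looks copied unchanged from the MD5 module. modules/encoders/hash/ntlm/secgen_metadata.xml is added with the same blob id (e4c3d6ff5), so the NTLM module carries identical text. If scenarios select encoders by these fields, a request for MD5 could resolve to an LM or NTLM hash, so each file should carry its own name, description and type (`lm`, `ntlm`). The listed inputs appear to be `strings_to_encode`, `salt` and `return_salts` only, so `salt_position` is not declared even though the base class now uses it.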
diff --git a/modules/encoders/hash/mysql_password/manifests/.no_puppet b/modules/encoders/hash/mysql_password/manifests/.no_puppet
new file mode 100644
index 000000000..e69de29bb
diff --git a/modules/encoders/hash/mysql_password/mysql_password.pp b/modules/encoders/hash/mysql_password/mysql_password.pp
new file mode 100644
index 000000000..e69de29bb
diff --git a/modules/encoders/hash/mysql_password/secgen_local/local.rb b/modules/encoders/hash/mysql_password/secgen_local/local.rb
new file mode 100644
index 000000000..8cfbc6419
--- /dev/null
+++ b/modules/encoders/hash/mysql_password/secgen_local/local.rb
@@ -0,0 +1,17 @@
+#!/usr/bin/ruby
+require_relative '../../../../../lib/objects/local_hash_encoder.rb'
+
+class MySQLPasswordHashEncoder < HashEncoder
+ def initialize
+ super
+ self.module_name = 'MySQL Password Hash Encoder'
+ self.strings_to_encode = ['right']
+ end
+
+ def hash_function(string)
+ require 'digest/sha1'
+ "*" + Digest::SHA1.hexdigest(Digest::SHA1.digest(string)).upcase
+ end
+end
+
+MySQLPasswordHashEncoder.new.run
diff --git a/modules/encoders/hash/mysql_password/secgen_metadata.xml b/modules/encoders/hash/mysql_password/secgen_metadata.xml
new file mode 100644
index 000000000..006ccc385
--- /dev/null
+++ b/modules/encoders/hash/mysql_password/secgen_metadata.xml
@@ -0,0 +1,23 @@ + + + + MySQL Password Hash Encoder + Thomas Shaw + MIT + Generates a MySQL password hash for each of the strings. '*' + sha1sum(sha1sum(password)) + + hash + mysql + mysql_password + linux + windows + + strings_to_encode + salt + return_salts + + string + +
\ No newline at end of file
diff --git a/modules/encoders/hash/ntlm/manifests/.no_puppet b/modules/encoders/hash/ntlm/manifests/.no_puppet
new file mode 100644
index 000000000..e69de29bb
diff --git a/modules/encoders/hash/ntlm/ntlm.pp b/modules/encoders/hash/ntlm/ntlm.pp
new file mode 100644
index 000000000..e69de29bb
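Review bot: `initialize` in `MySQLPasswordHashEncoder` sets `self.strings_to_encode = ['right']`, which looks like a leftover test value; none of the other encoders added in this patch seed the list. Depending on how `run` merges the supplied strings (not visible here), the module would either hash `right` when given no input or add it to every result. Dropping that line restores the empty default set in `HashEncoder#initialize`. The `require 'digest/sha1'` inside `hash_function` also looks unnecessary, since local_hash_encoder.rb already has `require 'digest'` and the sha3 module calls `Digest::SHA1` without it.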
diff --git a/modules/encoders/hash/ntlm/secgen_local/local.rb b/modules/encoders/hash/ntlm/secgen_local/local.rb
new file mode 100644
index 000000000..385a97332
--- /dev/null
+++ b/modules/encoders/hash/ntlm/secgen_local/local.rb
@@ -0,0 +1,16 @@
+#!/usr/bin/ruby
+require_relative '../../../../../lib/objects/local_hash_encoder.rb'
+
+class NTLMEncoder < HashEncoder
+ def initialize
+ super
+ self.module_name = 'NTLM Hash Encoder'
+ end
+
+ def hash_function(string)
+ require 'smbhash'
+ Smbhash.ntlm_hash(string)
+ end
+end
+
+NTLMEncoder.new.run
diff --git a/modules/encoders/hash/ntlm/secgen_metadata.xml b/modules/encoders/hash/ntlm/secgen_metadata.xml
new file mode 100644
index 000000000..e4c3d6ff5
--- /dev/null
+++ b/modules/encoders/hash/ntlm/secgen_metadata.xml
@@ -0,0 +1,22 @@ + + + + MD5 Encoder + Thomas Shaw + MIT + Generates an MD5 hash for each of the strings. + + hash + md5 + linux + windows + + strings_to_encode + salt + return_salts + + string + +
\ No newline at end of file
diff --git a/modules/encoders/hash/sha3/manifests/.no_puppet b/modules/encoders/hash/sha3/manifests/.no_puppet
new file mode 100644
index 000000000..e69de29bb
diff --git a/modules/encoders/hash/sha3/secgen_local/local.rb b/modules/encoders/hash/sha3/secgen_local/local.rb
new file mode 100644
index 000000000..8eebcf998
--- /dev/null
+++ b/modules/encoders/hash/sha3/secgen_local/local.rb
@@ -0,0 +1,15 @@
+#!/usr/bin/ruby
+require_relative '../../../../../lib/objects/local_hash_encoder.rb'
+
+class SHA1Encoder < HashEncoder
+ def initialize
+ super
+ self.module_name = 'SHA1 Encoder'
+ end
+
+ def hash_function(string)
+ Digest::SHA1.hexdigest(string)
+ end
+end
+
+SHA1Encoder.new.run
diff --git a/modules/encoders/hash/sha3/secgen_metadata.xml b/modules/encoders/hash/sha3/secgen_metadata.xml
new file mode 100644
index 000000000..38de74226
--- /dev/null
+++ b/modules/encoders/hash/sha3/secgen_metadata.xml
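Review bot: `require 'smbhash'` sits inside `NTLMEncoder#hash_function`, so it is evaluated for every string that is hashed, and a missing gem surfaces only once hashing has started. Moving it to the top of the file next to the `require_relative` line makes the dependency visible and fails at load time. modules/encoders/hash/lm/secgen_local/local.rb has the same pattern.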
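Review bot: The file added under modules/encoders/hash/sha3/ defines `SHA1Encoder` and returns `Digest::SHA1.hexdigest(string)`, so a module addressed as sha3 produces SHA-1 digests; its secgen_metadata.xml likewise says `SHA1 Encoder` with type `sha1`. If SHA-3 is intended, Ruby's `digest` library does not provide it, while `OpenSSL::Digest.new('SHA3-256').hexdigest(string)` works when Ruby is linked against OpenSSL 1.1.1 or later; the class name, `module_name` and metadata would change with it. If SHA-1 is intended, the directory and the empty sha3.pp should be renamed so the path matches what the module computes.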
@@ -0,0 +1,22 @@ + + + + SHA1 Encoder + Thomas Shaw + MIT + Generates an SHA1 hash for each of the strings. + + hash + sha1 + linux + windows + + strings_to_encode + salt + return_salts + + string + +
\ No newline at end of file
diff --git a/modules/encoders/hash/sha3/sha3.pp b/modules/encoders/hash/sha3/sha3.pp
new file mode 100644
index 000000000..e69de29bb