Portcullis Labs » JYK https://labs.portcullis.co.uk Research and Development en-US hourly 1 http://wordpress.org/?v=3.8.5 Mass /repair/ SAM and System Grabber https://labs.portcullis.co.uk/tools/mass-repair-sam-system-grabber/ https://labs.portcullis.co.uk/tools/mass-repair-sam-system-grabber/#comments Mon, 04 Nov 2013 06:59:50 +0000 https://labs.portcullis.co.uk/?p=2141 This tool will use included JCIFS library to grab copies of both system and SAM files from “C:\windows\repair\” directory from multiple hosts. Key features A large scale SAM and system grabber from /repair/. It might be useful for these corner cases where live capture of SAM and system files is not possible but you would […]

The post Mass /repair/ SAM and System Grabber appeared first on Portcullis Labs.

]]>
This tool will use included JCIFS library to grab copies of both system and SAM files from “C:\windows\repair\” directory from multiple hosts.

Key features

A large scale SAM and system grabber from /repair/. It might be useful for these corner cases where live capture of SAM and system files is not possible but you would like to get historic hashes out of the system.

Installation

No installation needed, just download and run.

Usage and example

$ java -jar massSSgrab.jar --h=/tmp/ips.txt --u=Administrator --p=Password1 --d=WORKSTATION --o=/tmp/SS --verbose --sam=sam --system=system
 [+] Verbose mode ON
         [+]Will grab SAM/System from : 192.168.56.101
         [+]Running mass SAM/System grab agains : 192.168.56.101
                 [+] 192.168.56.101 :
                         [+] SAM file exists
                         [+] System file exists
                         [+] SAM file saved in /tmp/SS/192.168.56.101/SAM_dump
                         [+] System file saved in /tmp/SS/192.168.56.101/System_dump

In the end of the run you will have a directory full of IP’s and in each of them you would get two files – sam and system. In order to extract the hashes from them you can simply use the following command to turn all the files into single ‘crackable’ hash file and use it for ‘john’ input (provided that you use samdump2 for it):

$ for ip in $(ls /tmp/SS/); do cd /tmp/SS/$ip && samdump2 SAM_dump System_dump; done > /tmp/hashes_from_repair

Options

--help - Display this help
--verbose - Be verbose
--h - Host List (IP's in text file)
--u - Username
--p - Password
--d - Domain
--o - Output Directory
--sam - name of the SAM file (default sam)
--system - name of the SYSTEM file (default system)
MassSSgrab
massSSgrab.zip
November 11, 2013
250.2 KiB
MD5 hash: fe387f3b1417f8b208dd577e9a8ca82d
Details

The post Mass /repair/ SAM and System Grabber appeared first on Portcullis Labs.

]]>
https://labs.portcullis.co.uk/tools/mass-repair-sam-system-grabber/feed/ 0
Local MySQL Password Bruteforcer https://labs.portcullis.co.uk/tools/local-mysql-password-bruteforcer/ https://labs.portcullis.co.uk/tools/local-mysql-password-bruteforcer/#comments Fri, 26 Apr 2013 18:38:39 +0000 http://wordpress.65535.com/blogtest/?p=214 Local MySQL Password Bruteforcer is a python script to assess the strength of the local MySQL access passwords. It attempts to enumerate local passwords against either the dictionary of passwords and single user or dictionary of users and passwords. It is written in Python and can be easily ported as an executable for windows using […]

The post Local MySQL Password Bruteforcer appeared first on Portcullis Labs.

]]>
Local MySQL Password Bruteforcer is a python script to assess the strength of the local MySQL access passwords.

It attempts to enumerate local passwords against either the dictionary of passwords and single user or dictionary of users and passwords.

It is written in Python and can be easily ported as an executable for windows using tools such as py2exe.

Installation

No installation needed, just download and run.

Usage

To crack single password for a user:

options: -d -u

To crack passwords for multiple users:

options: -d -U

Options

-h, --help            show this help message and exit
-d FILE, --dictionary=FILE
local password dictionary to use
-U FILE, --usernames=FILE
local username dictionary to use
-v, --verbose         don't print any messages
-u USERNAME, --username=USERNAME
username to crack password against
-f FORCE, --force=FORCE
force quit after first successful crack
Mysql-bruteforcer Tar
mysql-bruteforcer.tar.gz
June 24, 2013
8.2 KiB
MD5 hash: 8f9afd8a01feb8086ab9bc7ef03d9f36
Details

The post Local MySQL Password Bruteforcer appeared first on Portcullis Labs.

]]>
https://labs.portcullis.co.uk/tools/local-mysql-password-bruteforcer/feed/ 0