File size: 3,837 Bytes
ff1b5b0 33cf2dd ff1b5b0 33cf2dd ff1b5b0 33cf2dd ff1b5b0 99173c6 ff1b5b0 7f9122d ff1b5b0 7f9122d ff1b5b0 7f9122d ff1b5b0 41c4c77 ff1b5b0 | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 | import gradio as gr
import spaces
import subprocess
import os
# --- SETUP ---
def get_hashcat_binary():
binary_path = "./hashcat-7.1.2/hashcat.bin"
if not os.path.exists("hashcat-7.1.2"):
print("Installing dependencies...")
subprocess.run(["apt-get", "update"], check=True)
subprocess.run(["apt-get", "install", "-y", "p7zip-full", "wget"], check=True)
print("Downloading hashcat 7.1.2...")
subprocess.run(["wget", "https://hashcat.net/files/hashcat-7.1.2.7z"], check=True)
subprocess.run(["7z", "x", "hashcat-7.1.2.7z"], check=True)
subprocess.run(["chmod", "+x", binary_path], check=True)
return binary_path
# --- CORE LOGIC ---
@spaces.GPU(duration=600)
def run_hashcat(hash_input, wordlist_input, allowed_symbols, attack_mode):
hc_bin = get_hashcat_binary()
if os.path.exists("target.hash"):
os.remove("target.hash")
if os.path.exists("custom.dict"):
os.remove("custom.dict")
with open("target.hash", "w") as f:
f.write(hash_input.strip() + "\n")
with open("custom.dict", "w") as f:
f.write(wordlist_input.strip())
# Build command as list to avoid shell escaping issues
if attack_mode == "Quick Check (NTLM)":
cmd = [hc_bin, "-m", "1000", "-a", "0", "target.hash", "custom.dict", "--force", "--backend-ignore-cuda"]
elif attack_mode == "Hybrid (Words + 4 Custom Chars)":
cmd = [hc_bin, "-m", "1000", "-a", "6", "-1", allowed_symbols, "target.hash", "custom.dict", "?1?1?1?1", "--force", "--backend-ignore-cuda"]
elif attack_mode == "Hybrid (Words + 6 Custom Chars)":
cmd = [hc_bin, "-m", "1000", "-a", "6", "-1", allowed_symbols, "target.hash", "custom.dict", "?1?1?1?1?1?1", "--force", "--backend-ignore-cuda"]
elif attack_mode == "Rules-Based Mutations":
rules_dir = "/usr/share/hashcat/rules"
rule_path = os.path.join(rules_dir, "best64.rule")
if not os.path.exists(rule_path):
return f"Error: Rule file not found at {rule_path}"
cmd = [hc_bin, "-m", "1000", "-a", "0", "target.hash", "custom.dict", "-r", rule_path, "--force", "-O", "--backend-ignore-opencl"]
else:
return "Error: Invalid mode selected"
print(f"Exec: {' '.join(cmd)}")
try:
result = subprocess.run(cmd, capture_output=True, text=True, timeout=600)
return result.stdout + "\n--- STDERR ---\n" + result.stderr
except Exception as e:
return f"Error: {str(e)}"
# --- INTERFACE ---
with gr.Blocks() as demo:
gr.Markdown("# ⚡ DPAPI Password Recovery Tool")
with gr.Row():
txt_hash = gr.Textbox(label="1. NT Hash", value="3232d48683d6ffc3e7ff9e9052c9a0f3")
txt_words = gr.Textbox(label="2. Password Wordlist (one per line)", lines=8, placeholder="Edward9945\nLove060516\nRed1red")
with gr.Row():
txt_symbols = gr.Textbox(
label="3. Allowed Characters",
value="acdegilmnorstuvwxz0123456789!@#$&*.",
info="Only these chars will be tested"
)
mode_select = gr.Dropdown(
[
"Quick Check (NTLM)",
"Hybrid (Words + 4 Custom Chars)",
"Hybrid (Words + 6 Custom Chars)",
"Rules-Based Mutations"
],
label="4. Attack Mode",
value="Hybrid (Words + 6 Custom Chars)"
)
btn_run = gr.Button("🔓 Crack Password", variant="primary")
output_log = gr.Code(label="Hashcat Output", language="shell")
btn_run.click(
fn=run_hashcat,
inputs=[txt_hash, txt_words, txt_symbols, mode_select],
outputs=output_log
)
if __name__ == "__main__":
demo.launch()
|