e-m-b-a · BenediktMKuehne · Sep 5, 2023 · Sep 3, 2023 · Sep 3, 2023 · Sep 3, 2023
diff --git a/config/trickest_blacklist.txt b/config/trickest_blacklist.txt
@@ -126,3 +126,5 @@ jasnow/585-652-ruby-advisory-db
 pvergain/github-stars
 scordero1234/java_sec_demo-main
 BFHS-Robotics/BFHS-
+Kuromesi/Py4CSKG
+scmanjarrez/CVEScannerV2
diff --git a/modules/S107_deep_password_search.sh b/modules/S107_deep_password_search.sh
@@ -23,6 +23,7 @@ S107_deep_password_search()
   local PW_HASH_CONFIG="$CONFIG_DIR"/password_regex.cfg
   local PW_COUNTER=0
   local PW_PATH=""
+  local PW_HASHES=()
   local PW_HASH=""
 
   find "$FIRMWARE_PATH" -xdev -type f -exec grep --color -n -a -E -H -f "$PW_HASH_CONFIG" {} \; > "$TMP_DIR"/pw_hashes.txt
@@ -32,10 +33,12 @@ S107_deep_password_search()
     write_csv_log "PW_PATH" "PW_HASH"
     while read -r PW_HASH; do
       PW_PATH=$(echo "$PW_HASH" | cut -d: -f1)
-      PW_HASH=$(echo "$PW_HASH" | cut -d: -f2- | sed -r "s/[[:blank:]]+/\ /g")
-      print_output "[+] PATH: $ORANGE$(print_path "$PW_PATH")$GREEN\t-\tHash: $ORANGE$PW_HASH$GREEN."
-      write_csv_log "$PW_PATH" "$PW_HASH"
-      ((PW_COUNTER+=1))
+      mapfile -t PW_HASHES < <(strings "$PW_PATH" | grep --color -a -E -f "$PW_HASH_CONFIG")
+      for PW_HASH in "${PW_HASHES[@]}"; do
+        print_output "[+] PATH: $ORANGE$(print_path "$PW_PATH")$GREEN\t-\tHash: $ORANGE$PW_HASH$GREEN."
+        write_csv_log "NA" "$PW_PATH" "$PW_HASH"
+        ((PW_COUNTER+=1))
+      done
     done < "$TMP_DIR"/pw_hashes.txt
 
     print_ln

diff --git a/modules/S109_jtr_local_pw_cracking.sh b/modules/S109_jtr_local_pw_cracking.sh
@@ -21,7 +21,10 @@ S109_jtr_local_pw_cracking()
   module_log_init "${FUNCNAME[0]}"
 
   local PW_FILE="$CSV_DIR"/s108_stacs_password_search.csv
+  local PW_FILE_S107="$CSV_DIR"/s107_deep_password_search.csv
   local NEG_LOG=0
+  local HASHES_S107=()
+  local HASHES_S108=()
   local HASHES=()
   local HASH=""
   local HASH_SOURCE=""
@@ -33,15 +36,20 @@ S109_jtr_local_pw_cracking()
   # optional wordlist for JTR - if no wordlist is there JTR runs in default mode
   local JTR_WORDLIST="$CONFIG_DIR/jtr_wordlist.txt"
 
-  # This module waits for S108_stacs_password_search
+  # This module waits for S108_stacs_password_search and S107_deep_password_search
   # check emba.log for S108_stacs_password_search starting
+  module_wait "S107_deep_password_search"
   module_wait "S108_stacs_password_search"
 
   module_title "Cracking identified password hashes"
   pre_module_reporter "${FUNCNAME[0]}"
 
   if [[ -f "$PW_FILE" ]]; then
-    mapfile -t HASHES < <(cut -d\; -f1,2,3 "$PW_FILE" | grep -v "PW_PATH;PW_HASH" | sort -k 2 -t \; -u)
+    mapfile -t HASHES_S108 < <(cut -d\; -f1,2,3 "$PW_FILE" | grep -v "PW_PATH;PW_HASH" | sort -k 2 -t \; -u)
+    mapfile -t HASHES_S107 < <(cut -d\; -f1,2,3 "$PW_FILE_S107" | grep -v "PW_HASH" | sort -k 2 -t \; -u)
+
+    HASHES=("${HASHES_S107[@]}" "${HASHES_S108[@]}")
+
     for HASH in "${HASHES[@]}"; do
       HASH_DESCRIPTION=$(basename "$(echo "$HASH" | cut -d\; -f1)")
       HASH_SOURCE=$(basename "$(echo "$HASH" | cut -d\; -f2)")