author Hynek Petrak <hynek.petrak@gmail.com> 1595628792 +0200
committer Spencer McIntyre <Spencer_McIntyre@rapid7.com> 1598532753 -0400
Added module to dump hashes from LDAP
added hash formatters, documentation, ldap authentication
typo
sanitizing
added scenario for NASDeluxe
added few hash attribute examples
typo correction
Co-authored-by: bcoles <bcoles@gmail.com>
typo correction
Co-authored-by: bcoles <bcoles@gmail.com>
typo correction
Co-authored-by: bcoles <bcoles@gmail.com>
avoid option name conflicts
added test scenario
linted
linted
Dump all nameContexts, not just the first one. Search creds in multiple attributes.
attemt to dump special and operational attributes
check if ldap bind succeeded
sanitize the ldap hashes, skip invalid, remove {crypt} prefix
memory optimization for large LDAP servers
spaces at eols
put header to the ldif loot
added other LDAP hash formats, don't save empty ldif, dump root DSE
now we handle vmdir case too
explictly set md5crypt for $
Converted to scanner to improve performance on large networks
krbprincipalkey, memory optimization for ldap.search
handle additional hash types
be verbose about search errors
added per host timeout
catch exception from Net::Ldap
shorten the param value
handle pwdhistory entries
added comment about sambapwdhistory value
reject shorter empty sambapassordhistory entries
reject null nt and lm hashes
report assumed clear text passwords
refactored timeout for the sake of the loot
ignore {SASL} pass-trough auth entries
distinguish unresolved hashes from clear passwords
print ldap server error message, meaningful loot name
correct exception handling
handle hashes with eol
remove debug line
handle pkcs12 in binary form
attemt to control timeout on bind operation
leave LDAP#bind to be called implicitly in #search
remove debug line
fixed bug, when pillage broke the outer LDAP#search
learning ruby
monkey patched ldap connection handling, ignoring bind errors
commenting the net:LDAP misbehaviour
review fixes
review fixes
moving ldap.search into a function
remove fail_with, store loot from one place, print statistics
linting
consolidated ldap_new and connect, don't catch exceptions in the mixin
Complete the credential creation
Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com>
John the Ripper installed from native packages, like ubuntu's 'john' package, might output the version in a slightly different format than when you build from source. This patch adds an addtional attempt to pull the version number from JtR's like these...
debuggin hashcat aix
remove word normal
get hashcat working on aix
add deprecated jtr_aix
prettying up crack_aix
custom wordlists should include the words themselves
make format transparent to user
aix cleanup, linux working
linux working, database in progress
crack databases working
crack windows working
spaces at eol
spec updates
spec updates
spec working
add version detection
crack_aix fixes and docs
refactoring crack modules
fix syntax error
docs for crackers
markup touchups
osx cracker
jenkins
fix jenkins
remove crypt fix osx for 10.7
doc fixes and osx sha512
h00die