Shulou(Shulou.com)05/31 Report--

In this issue, Xiaobian will bring you about how CrackerJack is implemented on Hashcat's Web interface. The article is rich in content and analyzed and described from a professional perspective. After reading this article, I hope you can gain something.

CrackerJack Introduction and Architecture

CrackerJack is a Web GUI implementation of Hashcat, based on the Python programming language and designed to implement GUI interfaces while maintaining Hashcat tools independence. In short, CrackerJack enables the following:

Users can upload hashes, select dictionaries, rules, masks, etc., and click Start.

The Web server will generate a new screen, generate hashcat commands based on configuration, run commands on the interface, monitor and parse screen output data, and display the results to the user in the GUI.

This allows CrackerJack to be associated with the input/output of Hashcat, plus if the GUI fails to work for any reason, Hashcat will continue to run.

function introduction

Minimal dependencies: use sqlite3, screen and hashcat;

Complete hashcat session management, supports opening, terminating, suspending and resuming running sessions, and terminates cracking tasks after a specified time;

Web interfaces support mask generation (? a? l? u）;

Web push notifications after password cracking;

Swagger 2.0 API;

generating a dictionary according to the cracked password and using the dictionary in cracking the conversation;

Multi-user support;

Dictionary/mask/rule support;

Easy to operate, all configurations can be operated through GUI, no need to edit configuration files, support local operation in Linux and Windows;

Support backup, all user data is stored in./ data directory;

restrictions

Queue jobs are not supported and can only be used for on-demand password cracking.

The goal is not to replace command-line tools, CrackerJack is free and only supports basic and most common cracking tasks.

No GPU drivers will be installed.

Dictionaries and rules already exist in the system.

tool requires

Python >= 3.6

Screen >= 4.06.00

Hashcat

tool mounting

Researchers can clone the project source code locally using the following command:

git clone https://github.com/ctxis/crackerjack Virtual Environment

Switch to the directory where the project is located in the command line terminal and run the following command:

python3 -m venv venv # You might need to change python3 to python3.6. venv/bin/activatepip install -r requirements.txtflask db initflask db migrateflask db upgradeDeactivate settings www-data Owner

Since the Web server needs to run under www-data, we need to give the application user rights:

sudo chown -R www-data:www-data /path/to/crackerjack Run locally

We can use CrackerJack locally without using Apache/Nginx, navigate to the project directory, and run the following command:

. venv/bin/activateexport FLASK_ENV=developmentexport FLASK_APP=appflask run

After running, you will see the following message:

(venv) $ flask run * Serving Flask app "app" (lazy loading) * Environment: development * Debug mode: on * Running on http://127.0.0.1:5000/ (Press CTRL+C to quit) * Restarting with stat * Debugger is active! * Debugger PIN: 182-315-751

Next, we can visit http://127.0.0.1:5000/in the browser to use CrackerJack.

Screenshot of tool operation

Active sessions:

Dashboard:

Conversation:

Select hash:

Hash type selection:

Dictionary Selection:

Mask generation:

General session settings:

The above is how the Hashcat Web interface implementation CrackerJack is shared by Xiaobian. If you happen to have similar doubts, you may wish to refer to the above analysis for understanding. If you want to know more about it, please pay attention to the industry information channel.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.