Coder Social home page Coder Social logo

adrianvollmer / crack-o-matic Goto Github PK

View Code? Open in Web Editor NEW
101.0 6.0 3.0 412 KB

Find and notify users in your Active Directory with weak passwords

License: MIT License

Python 84.03% CSS 2.11% JavaScript 2.25% HTML 9.80% Jinja 1.82%
blueteam cracking-hashes active-directory john-the-ripper hashcat flask

crack-o-matic's Introduction

Crack-O-Matic

Find and notify users in your Active Directory with weak passwords.

Features:

  • Linux-based
  • Flask-based web app
  • Hashcat or John cracker
  • Automated e-mails
  • Graphical reports
  • Privacy preserving

Read the docs for more information.

Screenshots

Report 1

Report 2

Tests

If you're a developer and want to run the tests, you need to edit tests/.env and define the following variables according to your environment:

# path to `john` binary
JOHN_PATH=/opt/john/run/john
# path to `hashcat` binary
HASHCAT_PATH=/usr/bin/hashcat
# FQDN of a test domain
DOMAIN=crack.local
# name of one of its domain admins
DOMAINUSER=Administrator
# domain admin password
DOMAINPASS=
# FQDN of a domain controller in the test domain
HOST=localdc.crack.local

If you don't have a test domain, you can use the docker-compose file in tests/docker to run a Samba DC (docker-compose run --service-ports dc). Inside the file you will find the values you need. You should also create an entry for the FQDN in your /etc/hosts.

License and Copyright

MIT, Copyright 2021 Adrian Vollmer

See LICENSE for the full license text.

crack-o-matic's People

Contributors

adrianvollmer avatar

Stargazers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Watchers

avatar avatar avatar avatar avatar avatar

Forkers

trendingtechnology securityanalysts 8yumzy88

crack-o-matic's Issues

Error Could not determine cracker status

At Home - Screen

It shows

Running
State

CRACKING
Stage

Error
Could not determine cracker status

No additional information in Events. Last Entry:
Audit with ID d7dd66094ddb42dababa4d87e496c4cc has a new state: CRACKING

ps shows running hashcat process. It looks like that the process is running.

Error with trying to replicate from DC

Getting the following error message whenever I try to start an audit job
ERROR - crackomatic.job - Replication failed with return code -1
Traceback (most recent call last):
File "/home/crackomatic/.local/lib/python3.8/site-packages/crackomatic/job.py", line 71, in run
hashes = get_hashes(
File "/home/crackomatic/.local/lib/python3.8/site-packages/crackomatic/smb.py", line 126, in get_hashes
replicate(root_dir, domain, ip, username, password, history)
File "/home/crackomatic/.local/lib/python3.8/site-packages/crackomatic/smb.py", line 80, in replicate
raise RuntimeError(
RuntimeError: Replication failed with return code -1

Stuck at Committing SAM database

Done with always replicated NC (base, config, schema)
Committing SAM database

How long can this step take?

Waiting for about 20 Minutes.

Home Screen error - if in stage cracking -

[2021-05-07 15:03:30,342] ERROR in app: Exception on / [GET]
Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/flask/app.py", line 2292, in wsgi_app
response = self.full_dispatch_request()
File "/usr/lib/python3/dist-packages/flask/app.py", line 1815, in full_dispatch_request
rv = self.handle_user_exception(e)
File "/usr/lib/python3/dist-packages/flask/app.py", line 1718, in handle_user_exception
reraise(exc_type, exc_value, tb)
File "/usr/lib/python3/dist-packages/flask/_compat.py", line 35, in reraise
raise value
File "/usr/lib/python3/dist-packages/flask/app.py", line 1813, in full_dispatch_request
rv = self.dispatch_request()
File "/usr/lib/python3/dist-packages/flask/app.py", line 1799, in dispatch_request
return self.view_functionsrule.endpoint
File "/usr/lib/python3/dist-packages/flask_login/utils.py", line 261, in decorated_view
return func(*args, **kwargs)
File "/home/crackomatic/.local/lib/python3.7/site-packages/crackomatic/flask.py", line 144, in home
status = backend.get_status()
File "/home/crackomatic/.local/lib/python3.7/site-packages/crackomatic/backend.py", line 370, in get_st atus
eta = status['ETA'] - dt.now()
TypeError: unsupported operand type(s) for -: 'str' and 'datetime.datetime'

Error if additional_args is not configured

Traceback (most recent call last):
File "/home/crackomatic/.local/lib/python3.7/site-packages/crackomatic/job.py", line 89, in run
args=shlex.split(self.cracker_config['additional_args']),
KeyError: 'additional_args'

In my case i add --force to hashcat and it worked

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.