From 4f84adc32038a86c32116f63e6a8cae69a2b1782 Mon Sep 17 00:00:00 2001 From: iphelix Date: Wed, 17 Jul 2013 19:46:52 -0700 Subject: [PATCH] Cleaned up source code spacing and added mask output to maskgen.py --- maskgen.py | 325 +++++++++++++++++++++++++++------------------------ policygen.py | 178 ++++++++++++++-------------- statsgen.py | 198 +++++++++++++++---------------- 3 files changed, 361 insertions(+), 340 deletions(-) diff --git a/maskgen.py b/maskgen.py index 2fe9bf1..3359a90 100755 --- a/maskgen.py +++ b/maskgen.py @@ -29,6 +29,7 @@ # SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. import csv, string +import datetime from operator import itemgetter from optparse import OptionParser @@ -45,194 +46,214 @@ allmasks = dict() ## Calculate complexity of a single mask ################################################################## def complexity(mask): - count = 1 - for char in mask[1:].split("?"): - if char == "l": count *= 26 - elif char == "u": count *= 26 - elif char == "d": count *= 10 - elif char == "s": count *= 33 - else: "[!] Error, unknown mask ?%s" % char + count = 1 + for char in mask[1:].split("?"): - return count + # Loweralpha + if char == "l": + count *= 26 + + # Upperalpha + elif char == "u": + count *= 26 + + # Numeric + elif char == "d": + count *= 10 + + # Special + elif char == "s": + count *= 33 + + # Unknown mask + else: + print "[!] Error, unknown mask ?%s in a mask %s" % (char,mask) + + return count ################################################################### ## Calculate complexity of a complex mask ################################################################### def maskcomplexity(mask): - complexity = 1 - for submask in mask.split(" "): - permutations = 0 - for char in submask[1:].split("?"): - if char == "l": permutations += 26 - elif char == "u": permutations += 26 - elif char == "d": permutations += 10 - elif char == "s": permutations += 33 - else: "[!] Error, unknown mask ?%s" % char - if permutations: complexity *= permutations + combined_complexity = 1 + for submask in mask.split(): + combined_complexity *= complexity(submask) - return complexity + return combined_complexity ################################################################### ## Check if complex mask matches a sample mask ################################################################### def matchmask(checkmask,mask): - length = len(mask)/2 - checklength = len(checkmask.split(" ")) + length = len(mask)/2 + checklength = len(checkmask.split(" ")) - if length == checklength: - masklist = mask[1:].split("?") - for i, submask in enumerate(checkmask.split(" ")): - for char in submask[1:].split("?"): - if char == masklist[i]: - break - else: - return False - else: - return True - else: - return False + if length == checklength: + masklist = mask[1:].split("?") + for i, submask in enumerate(checkmask.split(" ")): + for char in submask[1:].split("?"): + if char == masklist[i]: + break + else: + return False + else: + return True + else: + return False - + ################################################################### ## Combine masks ################################################################### def genmask(mask): - global mastermasks - length = len(mask)/2 - - try: - lengthmask = mastermasks[length] - except: - mastermasks[length] = dict() - lengthmask = mastermasks[length] - - for i,v in enumerate(mask[1:].split("?")): - try: - positionmask = lengthmask[i] - except: - lengthmask[i] = set() - positionmask = lengthmask[i] + global mastermasks + length = len(mask)/2 + + if not length in mastermasks: + mastermasks[length] = dict() + + for i,v in enumerate(mask[1:].split("?")): - positionmask.add("?%s" % v) + if not i in mastermasks[length]: + mastermasks[length][i] = set() + + mastermasks[length][i].add("?%s" % v) ################################################################### ## Store all masks in based on length and count ################################################################### def storemask(mask,occurrence): - global allmasks - length = len(mask)/2 - - #print "Storing mask %s" % mask - try: - lengthmask = allmasks[length] - except: - allmasks[length] = dict() - lengthmask = allmasks[length] - - lengthmask[mask] = int(occurrence) + global allmasks + length = len(mask)/2 + + if not length in allmasks: + allmasks[length] = dict() + + allmasks[length][mask] = int(occurrence) def main(): - # Constants - total_occurrence = 0 - sample_occurrence = 0 - sample_time = 0 + # Constants + total_occurrence = 0 + sample_occurrence = 0 + sample_time = 0 - # TODO: I want to actually see statistical analysis of masks not just based on size but also frequency and time - # per length and per count + # TODO: I want to actually see statistical analysis of masks not just based on size but also frequency and time + # per length and per count - header = " _ \n" - header += " MaskGen 0.0.2 | |\n" - header += " _ __ __ _ ___| | _\n" - header += " | '_ \ / _` |/ __| |/ /\n" - header += " | |_) | (_| | (__| < \n" - header += " | .__/ \__,_|\___|_|\_\\\n" - header += " | | \n" - header += " |_| iphelix@thesprawl.org\n" - header += "\n" + header = " _ \n" + header += " MaskGen 0.0.2 | |\n" + header += " _ __ __ _ ___| | _\n" + header += " | '_ \ / _` |/ __| |/ /\n" + header += " | |_) | (_| | (__| < \n" + header += " | .__/ \__,_|\___|_|\_\\\n" + header += " | | \n" + header += " |_| iphelix@thesprawl.org\n" + header += "\n" - parser = OptionParser("%prog [options] masksfile.csv", version="%prog "+VERSION) - parser.add_option("--minlength", dest="minlength",help="Minimum password length", type="int", metavar="8") - parser.add_option("--maxlength", dest="maxlength",help="Maximum password length", type="int", metavar="8") - parser.add_option("--mintime", dest="mintime",help="Minimum time to crack", type="int", metavar="") - parser.add_option("--maxtime", dest="maxtime",help="Maximum time to crack", type="int", metavar="") - parser.add_option("--complexity", dest="complexity",help="maximum password complexity", type="int", metavar="") - parser.add_option("--occurrence", dest="occurrence",help="minimum times mask was used", type="int", metavar="") - parser.add_option("--checkmask", dest="checkmask",help="check mask coverage", metavar="?u?l ?l ?l ?l ?l ?d") - parser.add_option("--showmasks", dest="showmasks",help="Show matching masks", action="store_true", default=False) - parser.add_option("--pps", dest="pps",help="Passwords per Second", type="int", default=pps, metavar="1000000000") - parser.add_option("-q", "--quiet", action="store_true", dest="quiet", default=False, help="Don't show headers.") - (options, args) = parser.parse_args() + parser = OptionParser("%prog [options] masksfile.csv", version="%prog "+VERSION) + parser.add_option("--minlength", dest="minlength",help="Minimum password length", type="int", metavar="8") + parser.add_option("--maxlength", dest="maxlength",help="Maximum password length", type="int", metavar="8") + parser.add_option("--mintime", dest="mintime",help="Minimum time to crack", type="int", metavar="") + parser.add_option("--maxtime", dest="maxtime",help="Maximum time to crack", type="int", metavar="") + parser.add_option("--complexity", dest="complexity",help="maximum password complexity", type="int", metavar="") + parser.add_option("--occurrence", dest="occurrence",help="minimum times mask was used", type="int", metavar="") + parser.add_option("--checkmask", dest="checkmask",help="check mask coverage", metavar="?u?l ?l ?l ?l ?l ?d") + parser.add_option("--showmasks", dest="showmasks",help="Show matching masks", action="store_true", default=False) + parser.add_option("--pps", dest="pps",help="Passwords per Second", type="int", default=pps, metavar="1000000000") + parser.add_option("-o", "--masksoutput", dest="masks_output",help="Save masks to a file", metavar="masks.hcmask") - # Print program header - if not options.quiet: - print header + parser.add_option("-q", "--quiet", action="store_true", dest="quiet", default=False, help="Don't show headers.") + (options, args) = parser.parse_args() - if len(args) != 1: - parser.error("no masks file specified") - exit(1) - - print "[*] Analysing masks: %s" % args[0] - maskReader = csv.reader(open(args[0],'r'), delimiter=',', quotechar='"') - #headerline = maskReader.next() + # Print program header + if not options.quiet: + print header - # Check the coverage of a particular mask for a given set - if options.checkmask: - length = len(options.checkmask.split(" ")) + if len(args) != 1: + parser.error("no masks file specified") + exit(1) - # Prepare master mask list for analysis - mastermasks[length] = dict() - lengthmask = mastermasks[length] - for i, submask in enumerate(options.checkmask.split(" ")): - lengthmask[i] = set() - positionmask = lengthmask[i] - for char in submask[1:].split("?"): - positionmask.add("?%s" % char) + print "[*] Analysing masks: %s" % args[0] + maskReader = csv.reader(open(args[0],'r'), delimiter=',', quotechar='"') + #headerline = maskReader.next() - for (mask,occurrence) in maskReader: - total_occurrence += int(occurrence) - if matchmask(options.checkmask,mask): - sample_occurrence += int(occurrence) - storemask(mask,occurrence) - - # Generate masks from a given set - else: - for (mask,occurrence) in maskReader: - total_occurrence += int(occurrence) - - if (not options.occurrence or int(occurrence) >= options.occurrence) and \ - (not options.maxlength or len(mask)/2 <= options.maxlength) and \ - (not options.minlength or len(mask)/2 >= options.minlength) and \ - (not options.complexity or complexity(mask) <= options.complexity) and \ - (not options.maxtime or complexity(mask)/options.pps <= options.maxtime) and \ - (not options.mintime or complexity(mask)/options.pps >= options.mintime): - - genmask(mask) - storemask(mask,occurrence) - sample_occurrence += int(occurrence) + # Check the coverage of a particular mask for a given set + if options.checkmask: + length = len(options.checkmask.split(" ")) - #################################################################################### - ## Analysis - #################################################################################### - for length,lengthmask in sorted(mastermasks.iteritems()): - maskstring = "" - for position,maskset in lengthmask.iteritems(): maskstring += "%s " % string.join(maskset,"") - - mask_time = maskcomplexity(maskstring)/options.pps - sample_time += mask_time + # Prepare master mask list for analysis + mastermasks[length] = dict() - length_occurrence = 0 - - for mask, occurrence in allmasks[length].iteritems(): - length_occurrence += int(occurrence) - print "[*] [%d] [%d/%d] [%.02f] [%dd|%dh|%dm|%ds] %s" % (length, length_occurrence, total_occurrence, length_occurrence*100/total_occurrence, mask_time/60/60/24, mask_time/60/60, mask_time/60, mask_time,maskstring) - - if options.showmasks: - for mask,mask_occurrence in sorted(allmasks[length].iteritems(),key=itemgetter(1),reverse=True): - mask_time = complexity(mask)/options.pps - print " [%d] [%d/%d] [%.02f] [%.02f] [%dd|%dh|%dm|%ds] %s" % (length, mask_occurrence, length_occurrence, mask_occurrence*100/length_occurrence, mask_occurrence*100/total_occurrence,mask_time/60/60/24, mask_time/60/60, mask_time/60, mask_time,mask) + for i, submask in enumerate(options.checkmask.split(" ")): - print "[*] Coverage is %%%d (%d/%d)" % (sample_occurrence*100/total_occurrence,sample_occurrence,total_occurrence) - print "[*] Total time [%dd|%dh|%dm|%ds]" % (sample_time/60/60/24,sample_time/60/60,sample_time/60,sample_time) + mastermasks[length][i] = set() + for char in submask[1:].split("?"): + mastermasks[length][i].add("?%s" % char) + + for (mask,occurrence) in maskReader: + total_occurrence += int(occurrence) + if matchmask(options.checkmask,mask): + sample_occurrence += int(occurrence) + storemask(mask,occurrence) + + # Generate masks from a given set + else: + for (mask,occurrence) in maskReader: + total_occurrence += int(occurrence) + + if (not options.occurrence or int(occurrence) >= options.occurrence) and \ + (not options.maxlength or len(mask)/2 <= options.maxlength) and \ + (not options.minlength or len(mask)/2 >= options.minlength) and \ + (not options.complexity or complexity(mask) <= options.complexity) and \ + (not options.maxtime or complexity(mask)/options.pps <= options.maxtime) and \ + (not options.mintime or complexity(mask)/options.pps >= options.mintime): + + genmask(mask) + storemask(mask,occurrence) + sample_occurrence += int(occurrence) + + #################################################################################### + ## Analysis + #################################################################################### + + if options.masks_output: + f = open(options.masks_output,'w+') + + for length,lengthmask in sorted(mastermasks.iteritems()): + maskstring = "" + for position,maskset in lengthmask.iteritems(): + maskstring += "%s " % string.join(maskset,"") + + + length_occurrence = 0 + combined_mask_time = 0 + + # Calculate occurrence and time complexity of component masks + # for each password length. + for mask, occurrence in allmasks[length].iteritems(): + length_occurrence += int(occurrence) + combined_mask_time += complexity(mask)/options.pps + + sample_time += combined_mask_time + + time_string = "Don't bother." + if not combined_mask_time > 3784320000: + time_string = str(datetime.timedelta(seconds=combined_mask_time)) + + print "[*] [%d] [%d/%d] [%.02f] [%s]" % (length, length_occurrence, total_occurrence, length_occurrence*100/total_occurrence, time_string) + + if options.showmasks: + for mask,mask_occurrence in sorted(allmasks[length].iteritems(),key=itemgetter(1),reverse=True): + mask_time = complexity(mask)/options.pps + print " [%d] [%d/%d] [%.02f] [%.02f] [%dd|%dh|%dm|%ds] %s" % (length, mask_occurrence, length_occurrence, mask_occurrence*100/length_occurrence, mask_occurrence*100/total_occurrence,mask_time/60/60/24, mask_time/60/60, mask_time/60, mask_time,mask) + + if options.masks_output: + for mask,mask_occurrence in sorted(allmasks[length].iteritems(),key=itemgetter(1),reverse=True): + f.write("%s\n" % mask) + + + print "[*] Coverage is %%%d (%d/%d)" % (sample_occurrence*100/total_occurrence,sample_occurrence,total_occurrence) + print "[*] Total time [%dd|%dh|%dm|%ds]" % (sample_time/60/60/24,sample_time/60/60,sample_time/60,sample_time) if __name__ == "__main__": - main() + main() diff --git a/policygen.py b/policygen.py index 711b53b..b9925fc 100755 --- a/policygen.py +++ b/policygen.py @@ -45,114 +45,114 @@ total_time = 0 # Calculate complexity of a single mask ################################################################## def complexity(mask): - count = 1 - for char in mask[1:].split("?"): - if char == "l": count *= 26 - elif char == "u": count *= 26 - elif char == "d": count *= 10 - elif char == "s": count *= 33 - else: "[!] Error, unknown mask ?%s" % char + count = 1 + for char in mask[1:].split("?"): + if char == "l": count *= 26 + elif char == "u": count *= 26 + elif char == "d": count *= 10 + elif char == "s": count *= 33 + else: "[!] Error, unknown mask ?%s" % char - return count + return count ################################################################### # Check whether a sample password mask matches defined policy ################################################################### def filtermask(maskstring,options): - global total_time, sample_time - - # define character counters - lowercount = uppercount = digitcount = specialcount = 0 - - # calculate password complexity and cracking time - mask_time = complexity(maskstring)/options.pps - total_time += mask_time - - for char in maskstring[1:].split("?"): - if char == "l": lowercount += 1 - elif char == "u": uppercount += 1 - elif char == "d": digitcount += 1 - elif char == "s": specialcount += 1 - - # Filter according to password policy - if lowercount >= options.minlower and lowercount <= options.maxlower and \ - uppercount >= options.minupper and uppercount <= options.maxupper and \ - digitcount >= options.mindigits and digitcount <= options.maxdigits and \ - specialcount >= options.minspecial and specialcount <= options.maxspecial: - sample_time += mask_time - if options.verbose: - print "[*] [%dd|%dh|%dm|%ds] %s [l:%d u:%d d:%d s:%d]" % (mask_time/60/60/24, mask_time/60/60, mask_time/60, mask_time,maskstring,lowercount,uppercount,digitcount,specialcount) - return True - else: - return False + global total_time, sample_time + + # define character counters + lowercount = uppercount = digitcount = specialcount = 0 + + # calculate password complexity and cracking time + mask_time = complexity(maskstring)/options.pps + total_time += mask_time + + for char in maskstring[1:].split("?"): + if char == "l": lowercount += 1 + elif char == "u": uppercount += 1 + elif char == "d": digitcount += 1 + elif char == "s": specialcount += 1 + + # Filter according to password policy + if lowercount >= options.minlower and lowercount <= options.maxlower and \ + uppercount >= options.minupper and uppercount <= options.maxupper and \ + digitcount >= options.mindigits and digitcount <= options.maxdigits and \ + specialcount >= options.minspecial and specialcount <= options.maxspecial: + sample_time += mask_time + if options.verbose: + print "[*] [%dd|%dh|%dm|%ds] %s [l:%d u:%d d:%d s:%d]" % (mask_time/60/60/24, mask_time/60/60, mask_time/60, mask_time,maskstring,lowercount,uppercount,digitcount,specialcount) + return True + else: + return False def main(): - # define mask counters - total_count = sample_count = 0 + # define mask counters + total_count = sample_count = 0 - header = " _ \n" - header += " PolicyGen 0.0.1 | |\n" - header += " _ __ __ _ ___| | _\n" - header += " | '_ \ / _` |/ __| |/ /\n" - header += " | |_) | (_| | (__| < \n" - header += " | .__/ \__,_|\___|_|\_\\\n" - header += " | | \n" - header += " |_| iphelix@thesprawl.org\n" - header += "\n" + header = " _ \n" + header += " PolicyGen 0.0.1 | |\n" + header += " _ __ __ _ ___| | _\n" + header += " | '_ \ / _` |/ __| |/ /\n" + header += " | |_) | (_| | (__| < \n" + header += " | .__/ \__,_|\___|_|\_\\\n" + header += " | | \n" + header += " |_| iphelix@thesprawl.org\n" + header += "\n" - # parse command line arguments - parser = OptionParser("%prog [options]\n\nType --help for more options", version="%prog "+VERSION) - parser.add_option("--length", dest="length", help="Password length", type="int", default=8, metavar="8") - parser.add_option("-o", "--output", dest="output",help="Save masks to a file", metavar="masks.txt") - parser.add_option("--pps", dest="pps", help="Passwords per Second", type="int", default=pps, metavar="1000000000") - parser.add_option("-v", "--verbose", action="store_true", dest="verbose") + # parse command line arguments + parser = OptionParser("%prog [options]\n\nType --help for more options", version="%prog "+VERSION) + parser.add_option("--length", dest="length", help="Password length", type="int", default=8, metavar="8") + parser.add_option("-o", "--output", dest="output",help="Save masks to a file", metavar="masks.txt") + parser.add_option("--pps", dest="pps", help="Passwords per Second", type="int", default=pps, metavar="1000000000") + parser.add_option("-v", "--verbose", action="store_true", dest="verbose") - group = OptionGroup(parser, "Password Policy", "Define the minimum (or maximum) password strength policy that you would like to test") - group.add_option("--mindigits", dest="mindigits", help="Minimum number of digits", default=0, type="int", metavar="1") - group.add_option("--minlower", dest="minlower", help="Minimum number of lower-case characters", default=0, type="int", metavar="1") - group.add_option("--minupper", dest="minupper", help="Minimum number of upper-case characters", default=0, type="int", metavar="1") - group.add_option("--minspecial", dest="minspecial", help="Minimum number of special characters", default=0, type="int", metavar="1") - group.add_option("--maxdigits", dest="maxdigits", help="Maximum number of digits", default=9999, type="int", metavar="3") - group.add_option("--maxlower", dest="maxlower", help="Maximum number of lower-case characters", default=9999, type="int", metavar="3") - group.add_option("--maxupper", dest="maxupper", help="Maximum number of upper-case characters", default=9999, type="int", metavar="3") - group.add_option("--maxspecial", dest="maxspecial", help="Maximum number of special characters", default=9999, type="int", metavar="3") - parser.add_option("-q", "--quiet", action="store_true", dest="quiet", default=False, help="Don't show headers.") - parser.add_option_group(group) + group = OptionGroup(parser, "Password Policy", "Define the minimum (or maximum) password strength policy that you would like to test") + group.add_option("--mindigits", dest="mindigits", help="Minimum number of digits", default=0, type="int", metavar="1") + group.add_option("--minlower", dest="minlower", help="Minimum number of lower-case characters", default=0, type="int", metavar="1") + group.add_option("--minupper", dest="minupper", help="Minimum number of upper-case characters", default=0, type="int", metavar="1") + group.add_option("--minspecial", dest="minspecial", help="Minimum number of special characters", default=0, type="int", metavar="1") + group.add_option("--maxdigits", dest="maxdigits", help="Maximum number of digits", default=9999, type="int", metavar="3") + group.add_option("--maxlower", dest="maxlower", help="Maximum number of lower-case characters", default=9999, type="int", metavar="3") + group.add_option("--maxupper", dest="maxupper", help="Maximum number of upper-case characters", default=9999, type="int", metavar="3") + group.add_option("--maxspecial", dest="maxspecial", help="Maximum number of special characters", default=9999, type="int", metavar="3") + parser.add_option("-q", "--quiet", action="store_true", dest="quiet", default=False, help="Don't show headers.") + parser.add_option_group(group) - (options, args) = parser.parse_args() + (options, args) = parser.parse_args() - # cleanup maximum occurence options - if options.maxlower > options.length: options.maxlower = options.length - if options.maxdigits > options.length: options.maxdigits = options.length - if options.mindigits > options.length: options.mindigits = options.length - if options.maxupper > options.length: options.maxupper = options.length - if options.maxspecial > options.length: options.maxspecial = options.length + # cleanup maximum occurence options + if options.maxlower > options.length: options.maxlower = options.length + if options.maxdigits > options.length: options.maxdigits = options.length + if options.mindigits > options.length: options.mindigits = options.length + if options.maxupper > options.length: options.maxupper = options.length + if options.maxspecial > options.length: options.maxspecial = options.length - # Print program header - if not options.quiet: - print header + # Print program header + if not options.quiet: + print header - # print current password policy - print "[*] Password policy:" - print "[+] Password length: %d" % options.length - print "[+] Minimum strength: lower: %d, upper: %d, digits: %d, special: %d" % (options.minlower, options.minupper, options.mindigits, options.minspecial) - print "[+] Maximum strength: lower: %d, upper: %d, digits: %d, special: %d" % (options.maxlower, options.maxupper, options.maxdigits, options.maxspecial) + # print current password policy + print "[*] Password policy:" + print "[+] Password length: %d" % options.length + print "[+] Minimum strength: lower: %d, upper: %d, digits: %d, special: %d" % (options.minlower, options.minupper, options.mindigits, options.minspecial) + print "[+] Maximum strength: lower: %d, upper: %d, digits: %d, special: %d" % (options.maxlower, options.maxupper, options.maxdigits, options.maxspecial) - if options.output: f = open(options.output, 'w') + if options.output: f = open(options.output, 'w') - # generate all possible password masks and compare them to policy - # TODO: Randomize or even statistically arrange matching masks - for password in itertools.product(['?l','?u','?d','?s'],repeat=options.length): - if filtermask(''.join(password), options): - if options.output: f.write("%s\n" % ''.join(password)) - sample_count +=1 - total_count += 1 + # generate all possible password masks and compare them to policy + # TODO: Randomize or even statistically arrange matching masks + for password in itertools.product(['?l','?u','?d','?s'],repeat=options.length): + if filtermask(''.join(password), options): + if options.output: f.write("%s\n" % ''.join(password)) + sample_count +=1 + total_count += 1 - if options.output: f.close() + if options.output: f.close() - print "[*] Total Masks: %d Runtime: [%dd|%dh|%dm|%ds]" % (total_count, total_time/60/60/24, total_time/60/60, total_time/60, total_time) - print "[*] Policy Masks: %d Runtime: [%dd|%dh|%dm|%ds]" % (sample_count, sample_time/60/60/24, sample_time/60/60, sample_time/60, sample_time) + print "[*] Total Masks: %d Runtime: [%dd|%dh|%dm|%ds]" % (total_count, total_time/60/60/24, total_time/60/60, total_time/60, total_time) + print "[*] Policy Masks: %d Runtime: [%dd|%dh|%dm|%ds]" % (sample_count, sample_time/60/60/24, sample_time/60/60, sample_time/60, sample_time) if __name__ == "__main__": - main() + main() diff --git a/statsgen.py b/statsgen.py index 1458257..55dc689 100755 --- a/statsgen.py +++ b/statsgen.py @@ -35,11 +35,11 @@ from optparse import OptionParser VERSION = "0.0.2" try: - import psyco - psyco.full() - print "[*] Using Psyco to accelerate parsing." + import psyco + psyco.full() + print "[*] Using Psyco to accelerate parsing." except ImportError: - print "[?] Psyco is not available. Install Psyco on 32-bit systems for faster parsing." + print "[?] Psyco is not available. Install Psyco on 32-bit systems for faster parsing." password_counter = 0 @@ -74,125 +74,125 @@ masks_regex.append(('stringspecialstring',re.compile('^[a-z]+[^a-z0-9]+[a-z]+$', masks_regex.append(('stringspecialdigit',re.compile('^[a-z]+[^a-z0-9]+\d+$', re.IGNORECASE))) masks_regex.append(('specialstringspecial',re.compile('^[^a-z0-9]+[a-z]+[^a-z0-9]+$', re.IGNORECASE))) -def length_check(password): - return len(password) +def length_check(password): + return len(password) def masks_check(password): - for (name,regex) in masks_regex: - if regex.match(password): - return name - else: - return "othermask" + for (name,regex) in masks_regex: + if regex.match(password): + return name + else: + return "othermask" def chars_check(password): - for (name,regex) in chars_regex: - if regex.match(password): - return name - else: - return "otherchar" + for (name,regex) in chars_regex: + if regex.match(password): + return name + else: + return "otherchar" def advmask_check(password): - advmask = list() - for letter in password: - if letter in string.digits: advmask.append("?d") - elif letter in string.lowercase: advmask.append("?l") - elif letter in string.uppercase: advmask.append("?u") - else: advmask.append("?s") - return "".join(advmask) + advmask = list() + for letter in password: + if letter in string.digits: advmask.append("?d") + elif letter in string.lowercase: advmask.append("?l") + elif letter in string.uppercase: advmask.append("?u") + else: advmask.append("?s") + return "".join(advmask) def main(): - password_length = dict() - masks = dict() - advmasks = dict() - chars = dict() - filter_counter = 0 - total_counter = 0 + password_length = dict() + masks = dict() + advmasks = dict() + chars = dict() + filter_counter = 0 + total_counter = 0 - header = " _ \n" - header += " StatsGen 0.0.2 | |\n" - header += " _ __ __ _ ___| | _\n" - header += " | '_ \ / _` |/ __| |/ /\n" - header += " | |_) | (_| | (__| < \n" - header += " | .__/ \__,_|\___|_|\_\\\n" - header += " | | \n" - header += " |_| iphelix@thesprawl.org\n" - header += "\n" + header = " _ \n" + header += " StatsGen 0.0.2 | |\n" + header += " _ __ __ _ ___| | _\n" + header += " | '_ \ / _` |/ __| |/ /\n" + header += " | |_) | (_| | (__| < \n" + header += " | .__/ \__,_|\___|_|\_\\\n" + header += " | | \n" + header += " |_| iphelix@thesprawl.org\n" + header += "\n" - parser = OptionParser("%prog [options] passwords.txt", version="%prog "+VERSION) - parser.add_option("-l", "--length", dest="length_filter",help="Password length filter.",metavar="8") - parser.add_option("-c", "--charset", dest="char_filter", help="Password charset filter.", metavar="loweralpha") - parser.add_option("-m", "--mask", dest="mask_filter",help="Password mask filter", metavar="stringdigit") - parser.add_option("-o", "--maskoutput", dest="mask_output",help="Save masks to a file", metavar="masks.csv") - parser.add_option("-q", "--quiet", action="store_true", dest="quiet", default=False, help="Don't show headers.") - (options, args) = parser.parse_args() + parser = OptionParser("%prog [options] passwords.txt", version="%prog "+VERSION) + parser.add_option("-l", "--length", dest="length_filter",help="Password length filter.",metavar="8") + parser.add_option("-c", "--charset", dest="char_filter", help="Password charset filter.", metavar="loweralpha") + parser.add_option("-m", "--mask", dest="mask_filter",help="Password mask filter", metavar="stringdigit") + parser.add_option("-o", "--masksoutput", dest="mask_output",help="Generate and save masks db to a file", metavar="masks.csv") + parser.add_option("-q", "--quiet", action="store_true", dest="quiet", default=False, help="Don't show headers.") + (options, args) = parser.parse_args() - # Print program header - if not options.quiet: - print header + # Print program header + if not options.quiet: + print header - if len(args) != 1: - parser.error("no passwords file specified") - exit(1) - - print "[*] Analyzing passwords: %s" % args[0] + if len(args) != 1: + parser.error("no passwords file specified") + exit(1) + + print "[*] Analyzing passwords: %s" % args[0] - f = open(args[0],'r') + f = open(args[0],'r') - for password in f: - password = password.strip() - total_counter += 1 - - pass_len = length_check(password) - mask_set = masks_check(password) - char_set = chars_check(password) - advmask = advmask_check(password) + for password in f: + password = password.strip() + total_counter += 1 + + pass_len = length_check(password) + mask_set = masks_check(password) + char_set = chars_check(password) + advmask = advmask_check(password) - if (not options.length_filter or str(pass_len) in options.length_filter.split(',')) and \ - (not options.char_filter or char_set in options.char_filter.split(',')) and \ - (not options.mask_filter or mask_set in options.mask_filter.split(',')): - - filter_counter += 1 + if (not options.length_filter or str(pass_len) in options.length_filter.split(',')) and \ + (not options.char_filter or char_set in options.char_filter.split(',')) and \ + (not options.mask_filter or mask_set in options.mask_filter.split(',')): + + filter_counter += 1 - try: password_length[pass_len] += 1 - except: password_length[pass_len] = 1 + try: password_length[pass_len] += 1 + except: password_length[pass_len] = 1 - try: masks[mask_set] += 1 - except: masks[mask_set] = 1 + try: masks[mask_set] += 1 + except: masks[mask_set] = 1 - try: chars[char_set] += 1 - except: chars[char_set] = 1 + try: chars[char_set] += 1 + except: chars[char_set] = 1 - try: advmasks[advmask] += 1 - except: advmasks[advmask] = 1 + try: advmasks[advmask] += 1 + except: advmasks[advmask] = 1 - f.close() + f.close() - print "[+] Analyzing %d%% (%d/%d) passwords" % (filter_counter*100/total_counter, filter_counter, total_counter) - print " NOTE: Statistics below is relative to the number of analyzed passwords, not total number of passwords" - print "\n[*] Line Count Statistics..." - for (length,count) in sorted(password_length.iteritems(), key=operator.itemgetter(1), reverse=True): - if count*100/filter_counter > 0: - print "[+] %25d: %02d%% (%d)" % (length, count*100/filter_counter, count) + print "[+] Analyzing %d%% (%d/%d) passwords" % (filter_counter*100/total_counter, filter_counter, total_counter) + print " NOTE: Statistics below is relative to the number of analyzed passwords, not total number of passwords" + print "\n[*] Line Count Statistics..." + for (length,count) in sorted(password_length.iteritems(), key=operator.itemgetter(1), reverse=True): + if count*100/filter_counter > 0: + print "[+] %25d: %02d%% (%d)" % (length, count*100/filter_counter, count) - print "\n[*] Mask statistics..." - for (mask,count) in sorted(masks.iteritems(), key=operator.itemgetter(1), reverse=True): - print "[+] %25s: %02d%% (%d)" % (mask, count*100/filter_counter, count) + print "\n[*] Mask statistics..." + for (mask,count) in sorted(masks.iteritems(), key=operator.itemgetter(1), reverse=True): + print "[+] %25s: %02d%% (%d)" % (mask, count*100/filter_counter, count) - print "\n[*] Charset statistics..." - for (char,count) in sorted(chars.iteritems(), key=operator.itemgetter(1), reverse=True): - print "[+] %25s: %02d%% (%d)" % (char, count*100/filter_counter, count) + print "\n[*] Charset statistics..." + for (char,count) in sorted(chars.iteritems(), key=operator.itemgetter(1), reverse=True): + print "[+] %25s: %02d%% (%d)" % (char, count*100/filter_counter, count) - print "\n[*] Advanced Mask statistics..." - for (advmask,count) in sorted(advmasks.iteritems(), key=operator.itemgetter(1), reverse=True): - if count*100/filter_counter > 0: - print "[+] %25s: %02d%% (%d)" % (advmask, count*100/filter_counter, count) + print "\n[*] Advanced Mask statistics..." + for (advmask,count) in sorted(advmasks.iteritems(), key=operator.itemgetter(1), reverse=True): + if count*100/filter_counter > 0: + print "[+] %25s: %02d%% (%d)" % (advmask, count*100/filter_counter, count) - if options.mask_output: - print "\n[*] Saving Mask statistics to %s" % options.mask_output - fmask = open(options.mask_output, "w") - for (advmask,count) in sorted(advmasks.iteritems(), key=operator.itemgetter(1), reverse=True): - fmask.write("%s,%d\n" % (advmask,count)) - fmask.close() + if options.mask_output: + print "\n[*] Saving Mask statistics to %s" % options.mask_output + fmask = open(options.mask_output, "w") + for (advmask,count) in sorted(advmasks.iteritems(), key=operator.itemgetter(1), reverse=True): + fmask.write("%s,%d\n" % (advmask,count)) + fmask.close() if __name__ == "__main__": - main() + main()