Mar 3, 2011

Wophcrack – Ophcrack web interface

Rainbow tables are really useful when cracking password hashes, One disadvantage of these tables is their size which can get up to tens and even hundreds of gigs.
I really liked the Offensive security Crackpot online hash cracker and  i thought it would  be really nice to have a web interface for my rainbow tables which i can access from web anywhere without having to carry them with me whenever i need them.

When cracking lm/ntlm hashes i really like using Ophcrack which provides a free GUI and CLI software along with  some free and paid tables.  

I wrote a quick and dirty PHP based web frontend for Ophcrack called Wophcrack, I must say i am not a programmer and i  am sure this could be done more efficiently and elegantly, anyway…its working fine :) , I thought maybe someone will find it useful so i decided to share it here.

Wophcrack was designed to work on Backtrack 4 R2, Although it can be install on any Linux distribution with some small adjustments, Wophcrack can also easily edited to support Rainbow crack.
Please read the requirements and installation notes before using Wophcrack.
Wophcrack will require some manual code adjustments to suite you environment.

Wophcrack Backtrack Installation

I uploaded the  wrong file version by mistake, Sorry for the inconvenience.
You can download Wophcrack Source Here:

http://www.megaupload.com/?d=HAFUFHHK
or from here:

Wophcrack

Wophcrack is a Web based frontend for Ophcrack-cli
Title: Wophcrack Caption: Wophcrack File: wophcrack.zip Size: 17 kB

Installation:(For Backtrack user and Ubuntu Server)
1. Install mysql server
2. set user,password root or user for mysql server
3. create cracker database in mysql server
4. import cracker.sql into your mysql server
5. edit wophcrack/config.php with your environment.
6. edit my apache2 configuration(sites-available/default) file with (/pentest/password/wophcrack is my wophcrack path.)
        Alias /wophcrack "/pentest/password/wophcrack/"
        <Directory /pentest/password/wophcrack/>
                Options FollowSymLinks
                AllowOverride None
                Order allow,deny
                allow from all
        </Directory>

7. I try to use rc.sh but it's not work 'cause ^M and ophcrack-cli in the script. And I try to fix it by myself like this.

#!/bin/bash
crontab -r
#the original line

#ophcrack-cli -g -d /pentest/passwords/RainbowTables/ -t /pentest/passwords/RainbowTables/$1 -f /tmp/temp.txt -o /tmp/output.txt
#my edit and rcrack/rainbow is my rainbow tables path.
ophcrack -g -d /pentest/passwords/rcrack/rainbow -t /pentest/passwords/rcrack/rainbow/$1 -f /tmp/temp.txt -o /tmp/output.txt


if [ $? -ne 0 ] ; then
        echo "Not Finished!";
else
        for mail in $(cat /tmp/mail.txt);do
                sendEmail -f materaj@gmail.com -u 'Hash Result' -t $mail < /tmp/output.txt
        done
        php /var/www/check.php
fi

########################################################

Source: http://exploit.co.il/hacking/wophcrack-ophcrack-web-interface/ 

No comments:

 

Sponsors

lusovps.com

Blogroll

About

 Please subscribe my blog.

 Old Subscribe

Share |