=========================--- PWDB Scripts ---===========================
Automated LM and NTLM hash cracking scripts, database management and cracked password analysis
Written by Felix Ryan
Pre-release Version, see CHANGELOG and script files for details
Basically, cracking hashes and performing analysis on those that you cracked is a common task in a pen-tester's day-to-day life. It doesn't half seem to take up a lot of time though, given how straightforward the process should be once developed. This meant I had standardised the commands I used on a regular basis to make it more efficient. We then got a new cracking box to share between the consultants, and it was obvious even before this was launched that we were going to need a standard way of working with it and sharing the resource. This set of scripts aims to automate the process as much as possible to allow multiple users to make the best use of the technology.
Depending on how you set it up, it could be as simple as uploading a few files, or as complicated as uploading a few files and executing the scripts manually.
There are a few files needed for best outcomes:
- PWDUMP file, created by a combination of Metasploit / Meterpreter / Incognito. Alternatively, you can use the PWDUMP file generated by FGDUMP.
- A domain enumeration file as generated with "Enum4Linux", which can be found here: http://labs.portcullis.co.uk/tools/enum4linux/
- Once cracking has completed, analysis is performed with or without a "liveusers" file. Instructions for the generation of this file are given at the end of the initial cracking run, but essentially it utilises hydra with the SMB module.
The files should be named as follows:
- PWDUMP : [CLIENT NAME].pwdump
- Domain Enumeration file : [CLIENT NAME].domainenum
- Live users file : [CLIENT NAME].liveusers
- You will need PostgreSQL installed.
- Import the SQL in sundries/pwdb.sql.
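
A pre-upload check for the file naming convention above, as an added example that is not part of the PWDB scripts. It assumes the usual pwdump line layout (user:RID:LM:NT:::), which this README does not state. The function names and the ACME client name are hypothetical.

```python
import re
from pathlib import Path

SUFFIXES = ("pwdump", "domainenum", "liveusers")   # file names from the README
EMPTY_LM = "aad3b435b51404eeaad3b435b51404ee"      # LM hash of an empty password
HASH = r"([0-9A-Fa-f]{32}|NO PASSWORD\*+)"
# Assumed layout (not from the README): user:RID:LM:NT:::
LINE = re.compile(rf"^([^:]+):(\d+):{HASH}:{HASH}:::\s*$")

def check_pwdump(text):
    """Count well-formed, malformed and LM-bearing account lines."""
    stats = {"accounts": 0, "malformed": 0, "lm_stored": 0}
    for raw in text.splitlines():
        if not raw.strip():
            continue
        m = LINE.match(raw)
        if not m:
            stats["malformed"] += 1
            continue
        stats["accounts"] += 1
        lm = m.group(3).lower()
        # A real LM hash still stored for the account is worth reporting.
        if lm != EMPTY_LM and not lm.startswith("no password"):
            stats["lm_stored"] += 1
    return stats

def check_client(directory, client):
    """Report which of the three input files exist for one client name."""
    base = Path(directory)
    present = {s: (base / f"{client}.{s}").is_file() for s in SUFFIXES}
    report = {"present": present,
              "missing": [s for s in SUFFIXES if not present[s]]}
    if present["pwdump"]:
        dump = (base / f"{client}.pwdump").read_text(errors="replace")
        report["pwdump"] = check_pwdump(dump)
    return report

# Constructed sample: empty-password constants and dummy hash values only.
SAMPLE = """\
Administrator:500:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
svc_backup:1104:0123456789abcdef0123456789abcdef:fedcba9876543210fedcba9876543210:::
jsmith:1105:NO PASSWORD*********************:fedcba9876543210fedcba9876543210:::
this line is truncated:1106:abc
"""

if __name__ == "__main__":
    import tempfile
    with tempfile.TemporaryDirectory() as d:
        Path(d, "ACME.pwdump").write_text(SAMPLE)
        print(check_client(d, "ACME"))
```
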