51 lines
1.5 KiB
Python
51 lines
1.5 KiB
Python
import crypt
|
|
from hmac import compare_digest as compare_hash
|
|
import sys
|
|
|
|
|
|
passwordFileArg = sys.argv[1]
|
|
passwordList = sys.argv[2]
|
|
passwordHashLines = [ ]
|
|
hashesAndSalt = []
|
|
userIDs = [ ]
|
|
hashesFromFile = []
|
|
hashArr = []
|
|
index = 0
|
|
|
|
passwordFile = open(passwordFileArg)
|
|
passwordHashes = passwordFile.readlines()
|
|
|
|
for line in passwordHashes:
|
|
passwordHashLines.append(line)
|
|
passwordHashArr = passwordHashLines[index].split(":")
|
|
# Store salt + hashes, and hashes seperately as well
|
|
hash = passwordHashArr[1]
|
|
hashesAndSalt.append(hash)
|
|
passHash = hash.split("$")
|
|
userIDs.append(passwordHashArr[0])
|
|
hashArr.append(passHash[3])
|
|
# Use hashes
|
|
hashesFromFile.append(passwordHashArr[1])
|
|
index += 1
|
|
|
|
passwordFile.close()
|
|
index = 0
|
|
|
|
# Check hashes against passwords from file
|
|
passwordListFile = open(passwordList)
|
|
passwordList = passwordListFile.readlines()
|
|
|
|
# inner loop inside a loop over the password hashes
|
|
for hashedPassword in hashArr:
|
|
for password in passwordList:
|
|
# Compare hashes
|
|
cmpHash = crypt.crypt(password.rstrip().lstrip(), hashesAndSalt[index])
|
|
cmpHashPass = cmpHash.split("$")
|
|
cmpHashPass = cmpHashPass[3]
|
|
# print(cmpHashPass + " Password Hash: " + hashedPassword)
|
|
if compare_hash(cmpHashPass, hashedPassword):
|
|
print("Match found for userid " + userIDs[index] + ". Password = " + password)
|
|
break
|
|
else:
|
|
print("No match was found for " + userIDs[index] + ".")
|
|
index += 1 |