()
| 681 | kb.data.cachedUsersPasswords[user][i] += "%s clear-text password: %s" % ('\n' if kb.data.cachedUsersPasswords[user][i][-1] != '\n' else '', lut[value]) |
| 682 | |
| 683 | def attackDumpedTable(): |
| 684 | if kb.data.dumpedTable: |
| 685 | table = kb.data.dumpedTable |
| 686 | columns = list(table.keys()) |
| 687 | count = table["__infos__"]["count"] |
| 688 | |
| 689 | if not count: |
| 690 | return |
| 691 | |
| 692 | debugMsg = "analyzing table dump for possible password hashes" |
| 693 | logger.debug(debugMsg) |
| 694 | |
| 695 | found = False |
| 696 | col_user = '' |
| 697 | col_passwords = set() |
| 698 | attack_dict = {} |
| 699 | binary_fields = OrderedSet() |
| 700 | replacements = {} |
| 701 | |
| 702 | for column in sorted(columns, key=len, reverse=True): |
| 703 | if column and column.lower() in COMMON_USER_COLUMNS: |
| 704 | col_user = column |
| 705 | break |
| 706 | |
| 707 | for column in columns: |
| 708 | if column != "__infos__" and table[column]["values"]: |
| 709 | if all(INVALID_UNICODE_CHAR_FORMAT.split('%')[0] in (value or "") for value in table[column]["values"]): |
| 710 | binary_fields.add(column) |
| 711 | |
| 712 | if binary_fields: |
| 713 | _ = ','.join(binary_fields) |
| 714 | warnMsg = "potential binary fields detected ('%s'). In case of any problems you are " % _ |
| 715 | warnMsg += "advised to rerun table dump with '--fresh-queries --binary-fields=\"%s\"'" % _ |
| 716 | logger.warning(warnMsg) |
| 717 | |
| 718 | for i in xrange(count): |
| 719 | if not found and i > HASH_RECOGNITION_QUIT_THRESHOLD: |
| 720 | break |
| 721 | |
| 722 | for column in columns: |
| 723 | if column == col_user or column == "__infos__": |
| 724 | continue |
| 725 | |
| 726 | if len(table[column]["values"]) <= i: |
| 727 | continue |
| 728 | |
| 729 | if conf.binaryFields and column in conf.binaryFields: |
| 730 | continue |
| 731 | |
| 732 | value = table[column]["values"][i] |
| 733 | |
| 734 | if column in binary_fields and re.search(HASH_BINARY_COLUMNS_REGEX, column) is not None: |
| 735 | previous = value |
| 736 | value = encodeHex(getBytes(value), binary=False) |
| 737 | replacements[value] = previous |
| 738 | |
| 739 | if hashRecognition(value): |
| 740 | found = True |
no test coverage detected
searching dependent graphs…