Reworked core.
This commit is contained in:
Ronald Farrer
parent
b950613976
commit
8c4cff3af3
8 changed files with 121 additions and 51 deletions
|
|
@ -1,12 +1,23 @@
|
|||
# hashcat-aws
|
||||
hashcat on aws
|
||||
|
||||
To deploy, run:
|
||||
ansible-playbook hashcat.yml -i env/hosts -e group_vars/all
|
||||
Setup:
|
||||
1. Edit env/hosts (see env/hosts.example)
|
||||
2. Edit group_vars/all (see group_vars/all.example)
|
||||
3. Set up your S3 bucket as follows:
|
||||
A. MYBUCKETNAME/hashes/crackme (this is the hashcat-ready file that needs crack'n)
|
||||
B. MYBUCKETNAME/hashes/crackme.type (this is the integer for hashcat to tell it the type; i.e. 22000 for WPA2)
|
||||
4. Create an AWS keypair and be sure to reference it in the env/hosts and group_vars/all files
|
||||
5. Create ~/.aws/credentials
|
||||
|
||||
To destroy *ALL*, run:
|
||||
ansible-playbook hashcat-destroy.yml -i env/hosts -e group_vars/all
|
||||
To deploy, run:
|
||||
ANSIBLE_HOST_KEY_CHECKING=False ansible-playbook hashcat.yml -i env/hosts -e group_vars/all
|
||||
|
||||
To destroy *ALL* instances, run:
|
||||
ANSIBLE_HOST_KEY_CHECKING=False ansible-playbook hashcat-destroy.yml -i env/hosts -e group_vars/all
|
||||
|
||||
If not using the default/only AWS profile in ~/.aws/credentials, you can prepend: AWS_PROFILE=myawsprofile
|
||||
|
||||
--
|
||||
|
||||
On successful run the instance will self terminate.
|
||||
On successful run of hashcat.yml the instance will self terminate. If not use the hashcat-destroy.yml to destroy all instances.
|
||||
|
|
|
|||
7
aws/env/hosts
vendored
7
aws/env/hosts
vendored
|
|
@ -1,7 +0,0 @@
|
|||
all:
|
||||
hosts:
|
||||
vars:
|
||||
ansible_user: ubuntu
|
||||
ansible_ssh_private_key_file: <your ssh key file>
|
||||
ansible_ssh_common_args: -o StrictHostKeyChecking=no
|
||||
plugin: aws_ec2, boto
|
||||
8
aws/files/hashcat-cloud.service
Normal file
8
aws/files/hashcat-cloud.service
Normal file
|
|
@ -0,0 +1,8 @@
|
|||
[Unit]
|
||||
After=network.target
|
||||
|
||||
[Service]
|
||||
ExecStart=/usr/local/bin/hashcat_start
|
||||
|
||||
[Install]
|
||||
WantedBy=default.target
|
||||
|
|
@ -1,25 +0,0 @@
|
|||
#!/bin/bash
|
||||
|
||||
HASHCAT=/usr/local/hashcat/hashcat.bin
|
||||
WORDLIST=/mnt/wordlists/rockyou.txt
|
||||
RULES=/usr/local/hashcat/rules/best64.rule
|
||||
HANDSHAKES=/mnt/hs/
|
||||
TMP=/tmp/
|
||||
HOST=`/bin/hostname`
|
||||
|
||||
# Download hashcat
|
||||
cd $TMP
|
||||
curl -s https://api.github.com/repos/hashcat/hashcat/releases/latest | jq '.assets[] | select(.name|match(".7z$")) | .browser_download_url' | sed 's/"/ /' | sed 's/"/ /' | wget -i -
|
||||
7zr x hashcat*.7z
|
||||
rm -f hashcat*.7z
|
||||
mv -f /tmp/hashcat* /usr/local/hashcat
|
||||
|
||||
$HASHCAT -I >> $HANDSHAKES/hashcat-info-$HOST.log
|
||||
|
||||
for hash in `ls -1 $HANDSHAKES/*.22000`
|
||||
do
|
||||
$HASHCAT -o $hash.cracked -a 0 -m 22000 $hash $WORDLIST -r $RULES
|
||||
done
|
||||
|
||||
# shutdown instance so it can self-terminate
|
||||
shutdown -h now
|
||||
|
|
@ -1,9 +1,9 @@
|
|||
- name: Update repo list (update) and upgrade instance (upgrade)
|
||||
- name: Update repo list (apt update) and upgrade instance (apt upgrade)
|
||||
become: yes
|
||||
ansible.builtin.apt:
|
||||
update_cache: yes
|
||||
|
||||
- name: Upgrade the OS (dist-upgrade)
|
||||
- name: Upgrade the OS (apt dist-upgrade)
|
||||
become: yes
|
||||
ansible.builtin.apt:
|
||||
upgrade: dist
|
||||
|
|
@ -14,12 +14,20 @@
|
|||
name: p7zip
|
||||
update_cache: yes
|
||||
|
||||
- name: jq
|
||||
- name: Install jq
|
||||
become: yes
|
||||
ansible.builtin.apt:
|
||||
name: jq
|
||||
update_cache: yes
|
||||
|
||||
# usually included in the default install, but we'll make sure just in case...
|
||||
- name: Install tmux
|
||||
become: yes
|
||||
ansible.builtin.apt:
|
||||
name: tmux
|
||||
update_cache: yes
|
||||
|
||||
|
||||
#- name: Install build-essential
|
||||
# become: yes
|
||||
# ansible.builtin.apt:
|
||||
|
|
@ -45,7 +53,8 @@
|
|||
|
||||
- name: Copy hashcat_start script
|
||||
become: yes
|
||||
ansible.builtin.copy:
|
||||
#ansible.builtin.copy:
|
||||
template:
|
||||
src: hashcat_start.j2
|
||||
dest: /usr/local/bin/hashcat_start
|
||||
owner: root
|
||||
|
|
@ -68,7 +77,8 @@
|
|||
|
||||
- name: Copy AWS Credentials
|
||||
become: yes
|
||||
ansible.builtin.copy:
|
||||
#ansible.builtin.copy:
|
||||
template:
|
||||
src: credentials.j2
|
||||
dest: /root/.aws/credentials
|
||||
owner: root
|
||||
|
|
@ -81,18 +91,36 @@
|
|||
dest: /etc/fstab
|
||||
line: '{{ item }}'
|
||||
with_items:
|
||||
- 'goofys#{{ s3.bucket_name }} {{ s3.mount_point }} fuse _netdev,allow_other,--file-mode=0660,--dir-mode=0770,--uid=1000,--gid=1000,--endpoint={{ s3.end_point }},noauto 0 0'
|
||||
- 'goofys#{{ s3.bucket_name }} {{ s3.mount_point }} fuse _netdev,allow_other,--file-mode=0660,--dir-mode=0770,--uid=1000,--gid=1000,--endpoint={{ s3.end_point }} 0 0'
|
||||
|
||||
- name: Mount S3 bucket
|
||||
become: yes
|
||||
command: mount /mnt
|
||||
args:
|
||||
warn: no
|
||||
become: true
|
||||
command: mount /mnt
|
||||
#args:
|
||||
#warn: no
|
||||
|
||||
- name: Run hashcat
|
||||
become: yes
|
||||
shell: "(/usr/local/bin/hashcat_start >/dev/null 2>&1 &)"
|
||||
###command: "(/usr/local/bin/hashcat_start &)"
|
||||
- name: Copy .service
|
||||
become: true
|
||||
ansible.builtin.copy:
|
||||
src: hashcat-cloud.service
|
||||
dest: /etc/systemd/system/hashcat-cloud.service
|
||||
owner: root
|
||||
group: root
|
||||
mode: '0644'
|
||||
|
||||
- name: Tell systemd to reread configs
|
||||
become: true
|
||||
ansible.builtin.systemd:
|
||||
daemon_reload: true
|
||||
|
||||
- name: Enable .service
|
||||
become: true
|
||||
ansible.builtin.systemd:
|
||||
state: stopped
|
||||
enabled: true
|
||||
name: hashcat-cloud
|
||||
|
||||
- name: Reboot!
|
||||
become: true
|
||||
ansible.builtin.reboot:
|
||||
|
||||
|
|
|
|||
55
aws/templates/hashcat_start.j2
Normal file
55
aws/templates/hashcat_start.j2
Normal file
|
|
@ -0,0 +1,55 @@
|
|||
#!/bin/bash
|
||||
|
||||
HASHCAT=/usr/local/hashcat/hashcat.bin
|
||||
###WORDLIST=/mnt/wordlists/rockyou.txt
|
||||
###WORDLIST=/mnt/wordlists/crackstation.txt
|
||||
WORDLIST=/mnt/wordlists/xsukax-Wordlist-All.txt
|
||||
RULES=/usr/local/hashcat/rules/best64.rule
|
||||
###HASHTYPE=22000
|
||||
HASHES=/mnt/hashes/
|
||||
TMP=/tmp/
|
||||
HOST=`/bin/hostname`
|
||||
|
||||
# Download hashcat
|
||||
cd $TMP
|
||||
curl -s https://api.github.com/repos/hashcat/hashcat/releases/latest | jq '.assets[] | select(.name|match(".7z$")) | .browser_download_url' | sed 's/"/ /' | sed 's/"/ /' | wget -i -
|
||||
7zr x hashcat*.7z
|
||||
rm -f hashcat*.7z
|
||||
mv -f /tmp/hashcat* /usr/local/hashcat
|
||||
|
||||
if [ -e /mnt/hashcat ]; then
|
||||
cp -f /mnt/hashcat/hashcat.restore /usr/local/hashcat/hashcat.restore
|
||||
cp -f /mnt/hashcat/hashcat.potfile /usr/local/hashcat/hashcat.potfile
|
||||
cp -f /mnt/hashcat/hashcat.dictstat2 /usr/local/hashcat/hashcat.dictstat2
|
||||
cp -f /mnt/hashcat/hashcat.log /usr/local/hashcat/hashcat.log
|
||||
fi
|
||||
|
||||
$HASHCAT -I >> $HASHES/hashcat-info-$HOST.log
|
||||
|
||||
cd /mnt/hashes/
|
||||
|
||||
HASHTYPE=`cat /mnt/hashes/crackme.type`
|
||||
session="hashcat"
|
||||
tmux new-session -d -s $session
|
||||
window=0
|
||||
tmux rename-window -t $session:$window 'hashcat'
|
||||
tmux send-keys -t $session:$window "$HASHCAT -o crackme.cracked -a 0 -m $HASHTYPE crackme $WORDLIST -r $RULES -w 4" C-m
|
||||
|
||||
sleep 60s
|
||||
|
||||
while true
|
||||
do
|
||||
pidof hashcat.bin > /dev/null 2>&1
|
||||
retVal=$?
|
||||
if [[ $retVal -ne 0 ]]; then
|
||||
cp -f /usr/local/hashcat/hashcat.restore /mnt/hashcat/hashcat.restore
|
||||
cp -f /usr/local/hashcat/hashcat.potfile /mnt/hashcat/hashcat.potfile
|
||||
cp -f /usr/local/hashcat/hashcat.dictstat2 /mnt/hashcat/hashcat.dictstat2
|
||||
cp -f /usr/local/hashcat/hashcat.log /mnt/hashcat/hashcat.log
|
||||
# shutdown instance so it can self-terminate
|
||||
shutdown -h now
|
||||
fi
|
||||
sleep 60s
|
||||
done
|
||||
|
||||
|
||||
Loading…
Reference in a new issue