CanuteTheGreat/hashcat-cloud
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Reworked core.

Browse source
This commit is contained in:
Ronald Farrer 2023-02-10 17:24:40 -08:00
parent b950613976
commit 8c4cff3af3
8 changed files with 121 additions and 51 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

21
aws/README.md
View file

@ -1,12 +1,23 @@
# hashcat-aws # hashcat-aws
hashcat on aws hashcat on aws
To deploy, run: Setup:
ansible-playbook hashcat.yml -i env/hosts -e group_vars/all 1. Edit env/hosts (see env/hosts.example)
2. Edit group_vars/all (see group_vars/all.example)
3. Set up your S3 bucket as follows:
A. MYBUCKETNAME/hashes/crackme (this is the hashcat-ready file that needs crack'n)
B. MYBUCKETNAME/hashes/crackme.type (this is the integer for hashcat to tell it the type; i.e. 22000 for WPA2)
4. Create an AWS keypair and be sure to reference it in the env/hosts and group_vars/all files
5. Create ~/.aws/credentials
To destroy *ALL*, run: To deploy, run:
ansible-playbook hashcat-destroy.yml -i env/hosts -e group_vars/all ANSIBLE_HOST_KEY_CHECKING=False ansible-playbook hashcat.yml -i env/hosts -e group_vars/all
To destroy *ALL* instances, run:
ANSIBLE_HOST_KEY_CHECKING=False ansible-playbook hashcat-destroy.yml -i env/hosts -e group_vars/all
If not using the default/only AWS profile in ~/.aws/credentials, you can prepend: AWS_PROFILE=myawsprofile
-- --
On successful run the instance will self terminate. On successful run of hashcat.yml the instance will self terminate. If not use the hashcat-destroy.yml to destroy all instances.

7
aws/env/hosts vendored
View file

@ -1,7 +0,0 @@
all:
hosts:
vars:
ansible_user: ubuntu
ansible_ssh_private_key_file: <your ssh key file>
ansible_ssh_common_args: -o StrictHostKeyChecking=no
plugin: aws_ec2, boto

8
aws/files/hashcat-cloud.service Normal file
View file

@ -0,0 +1,8 @@
[Unit]
After=network.target
[Service]
ExecStart=/usr/local/bin/hashcat_start
[Install]
WantedBy=default.target

25
aws/files/hashcat_start.j2
View file

@ -1,25 +0,0 @@
#!/bin/bash
HASHCAT=/usr/local/hashcat/hashcat.bin
WORDLIST=/mnt/wordlists/rockyou.txt
RULES=/usr/local/hashcat/rules/best64.rule
HANDSHAKES=/mnt/hs/
TMP=/tmp/
HOST=`/bin/hostname`
# Download hashcat
cd $TMP
curl -s https://api.github.com/repos/hashcat/hashcat/releases/latest | jq '.assets[] | select(.name|match(".7z$")) | .browser_download_url' | sed 's/"/ /' | sed 's/"/ /' | wget -i -
7zr x hashcat*.7z
rm -f hashcat*.7z
mv -f /tmp/hashcat* /usr/local/hashcat
$HASHCAT -I >> $HANDSHAKES/hashcat-info-$HOST.log
for hash in `ls -1 $HANDSHAKES/*.22000`
do
$HASHCAT -o $hash.cracked -a 0 -m 22000 $hash $WORDLIST -r $RULES
done
# shutdown instance so it can self-terminate
shutdown -h now

0
aws/group_vars/all → aws/group_vars/all.example
View file

56
aws/roles/ec2_hashcat/tasks/main.yml
View file

@ -1,9 +1,9 @@
- name: Update repo list (update) and upgrade instance (upgrade) - name: Update repo list (apt update) and upgrade instance (apt upgrade)
become: yes become: yes
ansible.builtin.apt: ansible.builtin.apt:
update_cache: yes update_cache: yes
- name: Upgrade the OS (dist-upgrade) - name: Upgrade the OS (apt dist-upgrade)
become: yes become: yes
ansible.builtin.apt: ansible.builtin.apt:
upgrade: dist upgrade: dist
@ -14,12 +14,20 @@
name: p7zip name: p7zip
update_cache: yes update_cache: yes
- name: jq - name: Install jq
become: yes become: yes
ansible.builtin.apt: ansible.builtin.apt:
name: jq name: jq
update_cache: yes update_cache: yes
# usually included in the default install, but we'll make sure just in case...
- name: Install tmux
become: yes
ansible.builtin.apt:
name: tmux
update_cache: yes
#- name: Install build-essential #- name: Install build-essential
# become: yes # become: yes
# ansible.builtin.apt: # ansible.builtin.apt:
@ -45,7 +53,8 @@
- name: Copy hashcat_start script - name: Copy hashcat_start script
become: yes become: yes
ansible.builtin.copy: #ansible.builtin.copy:
template:
src: hashcat_start.j2 src: hashcat_start.j2
dest: /usr/local/bin/hashcat_start dest: /usr/local/bin/hashcat_start
owner: root owner: root
@ -68,7 +77,8 @@
- name: Copy AWS Credentials - name: Copy AWS Credentials
become: yes become: yes
ansible.builtin.copy: #ansible.builtin.copy:
template:
src: credentials.j2 src: credentials.j2
dest: /root/.aws/credentials dest: /root/.aws/credentials
owner: root owner: root
@ -81,18 +91,36 @@
dest: /etc/fstab dest: /etc/fstab
line: '{{ item }}' line: '{{ item }}'
with_items: with_items:
- 'goofys#{{ s3.bucket_name }} {{ s3.mount_point }} fuse _netdev,allow_other,--file-mode=0660,--dir-mode=0770,--uid=1000,--gid=1000,--endpoint={{ s3.end_point }},noauto 0 0' - 'goofys#{{ s3.bucket_name }} {{ s3.mount_point }} fuse _netdev,allow_other,--file-mode=0660,--dir-mode=0770,--uid=1000,--gid=1000,--endpoint={{ s3.end_point }} 0 0'
- name: Mount S3 bucket - name: Mount S3 bucket
become: yes
command: mount /mnt
args:
warn: no
become: true become: true
command: mount /mnt
#args:
#warn: no
- name: Run hashcat - name: Copy .service
become: yes become: true
shell: "(/usr/local/bin/hashcat_start >/dev/null 2>&1 &)" ansible.builtin.copy:
###command: "(/usr/local/bin/hashcat_start &)" src: hashcat-cloud.service
dest: /etc/systemd/system/hashcat-cloud.service
owner: root
group: root
mode: '0644'
- name: Tell systemd to reread configs
become: true
ansible.builtin.systemd:
daemon_reload: true
- name: Enable .service
become: true
ansible.builtin.systemd:
state: stopped
enabled: true
name: hashcat-cloud
- name: Reboot!
become: true
ansible.builtin.reboot:

0
aws/files/credentials.j2 → aws/templates/credentials.j2
View file

55
aws/templates/hashcat_start.j2 Normal file
View file

@ -0,0 +1,55 @@
#!/bin/bash
HASHCAT=/usr/local/hashcat/hashcat.bin
###WORDLIST=/mnt/wordlists/rockyou.txt
###WORDLIST=/mnt/wordlists/crackstation.txt
WORDLIST=/mnt/wordlists/xsukax-Wordlist-All.txt
RULES=/usr/local/hashcat/rules/best64.rule
###HASHTYPE=22000
HASHES=/mnt/hashes/
TMP=/tmp/
HOST=`/bin/hostname`
# Download hashcat
cd $TMP
curl -s https://api.github.com/repos/hashcat/hashcat/releases/latest | jq '.assets[] | select(.name|match(".7z$")) | .browser_download_url' | sed 's/"/ /' | sed 's/"/ /' | wget -i -
7zr x hashcat*.7z
rm -f hashcat*.7z
mv -f /tmp/hashcat* /usr/local/hashcat
if [ -e /mnt/hashcat ]; then
cp -f /mnt/hashcat/hashcat.restore /usr/local/hashcat/hashcat.restore
cp -f /mnt/hashcat/hashcat.potfile /usr/local/hashcat/hashcat.potfile
cp -f /mnt/hashcat/hashcat.dictstat2 /usr/local/hashcat/hashcat.dictstat2
cp -f /mnt/hashcat/hashcat.log /usr/local/hashcat/hashcat.log
fi
$HASHCAT -I >> $HASHES/hashcat-info-$HOST.log
cd /mnt/hashes/
HASHTYPE=`cat /mnt/hashes/crackme.type`
session="hashcat"
tmux new-session -d -s $session
window=0
tmux rename-window -t $session:$window 'hashcat'
tmux send-keys -t $session:$window "$HASHCAT -o crackme.cracked -a 0 -m $HASHTYPE crackme $WORDLIST -r $RULES -w 4" C-m
sleep 60s
while true
do
pidof hashcat.bin > /dev/null 2>&1
retVal=$?
if [[ $retVal -ne 0 ]]; then
cp -f /usr/local/hashcat/hashcat.restore /mnt/hashcat/hashcat.restore
cp -f /usr/local/hashcat/hashcat.potfile /mnt/hashcat/hashcat.potfile
cp -f /usr/local/hashcat/hashcat.dictstat2 /mnt/hashcat/hashcat.dictstat2
cp -f /usr/local/hashcat/hashcat.log /mnt/hashcat/hashcat.log
# shutdown instance so it can self-terminate
shutdown -h now
fi
sleep 60s
done