Home / Unlabelled / Graphcat - Generate Graphs And Charts Based On Password Cracking Result

Graphcat - Generate Graphs And Charts Based On Password Cracking Result


Simple script to generate graphs and charts on hashcat (and john) potfile and ntds


Install

git clone https://github.com/Orange-Cyberdefense/graphcatcd graphcatpip install .

Helper

$ graphcat.py -husage: graphcat.py [-h] -potfile hashcat.potfile -hashfile hashfile.txt [-john] [-format FORMAT] [-export-charts] [-output-dir OUTPUT_DIR] [-debug]Password Cracking Graph Reportingoptions:  -h, --help            show this help message and exit  -potfile hashcat.potfile                        Hashcat Potfile  -hashfile hashfile.txt                        File containing hashes (one per line)  -john                 John potfile  -format FORMAT        hashfile format (default 3): 1 for hash; 2 for username:hash; 3 for secretsdump (username:uid:lm:ntlm)  -export-charts        Output also charts in png  -output-dir OUTPUT_DIR                        Output directory  -debug                Turn DEB   UG output ON

Usage

Graphcat just need a potfile with -potfile (default is hashcat, but you can use -john to submit a john potfile) and a hashfile with -hashfile. The hashfile should be in a specific format from the 3 availables formats with -format flag. Default is Secretsdump.

The tool will generate a report with multiple password cracking charts. You can get charts in png with the -export-charts flag.

$ graphcat.py -hashfile entreprise.local.ntds -potfile hashcat.pot[-] Parsing potfile[-] 164 entries in potfile[-] Parsing hashfile[-] 1600 entries in hashfile[-] Generating graphs...[-] Generating report...[-] Report available at graphcat_1672941324.pdf

Formats

1: Only Hash

aad3b435b51404eeaad3b435b51404eeaad3b435b51404eeaad3b435b51404eeaad3b435b51404eeaad3b435b51404ee

2: Username + Hash

test1:aad3b435b51404eeaad3b435b51404eetest2:aad3b435b51404eeaad3b435b51404eetest3:aad3b435b51404eeaad3b435b51404ee

3: Secretsdump

waza.local\test1:4268:aad3b435b51404eeaad3b435b51404ee:aad3b435b51404eeaad3b435b51404ee:::waza.local\test2:4269:aad3b435b51404eeaad3b435b51404ee:aad3b435b51404eeaad3b435b51404ee:::waza.local\test3:4270:aad3b435b51404eeaad3b435b51404ee:aad3b435b51404eeaad3b435b51404ee:::

If a hash occurs more than once in the hash file, it will be counted that many times.

Moreover, if you submit secretsdump with password history (-history in secretsdump command), it will analyze similarity in password history

Charts example




Source: www.kitploit.com
Graphcat - Generate Graphs And Charts Based On Password Cracking Result Graphcat - Generate Graphs And Charts Based On Password Cracking Result Reviewed by Zion3R on 6:24 AM Rating: 5

Tags