File: libSQLServerPassword.py

package info (click to toggle)
inguma 0.0.7.2-1
  • links: PTS
  • area: main
  • in suites: lenny
  • size: 6,600 kB
  • ctags: 7,859
  • sloc: python: 74,776; ansic: 344; makefile: 64; sql: 45; sh: 39
file content (77 lines) | stat: -rw-r--r-- 2,427 bytes parent folder | download | duplicates (2) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
 
#!/usr/bin/python
"""
Inguma Penetration Testing Toolkit
Copyright (c) 2006, 2007 Joxean Koret, joxeankoret [at] yahoo.es

This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License
as published by the Free Software Foundation; version 2
of the License.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
"""
import sys
import sha

from core import str2uni

class CSQLServerPassword:

    data = ""
    _header = ""
    _key = ""
    _password = ""
    _upperPassword = ""
    
    def __init__(self, data = None):

        if data:
            self.data = data

            if len(self.data) != 94:
                raise "Invalid password hash size"

            if self.data[0:2].lower() != "0x":
                raise "Invalid password hash"

            self._header   = int(self.data[2:6])
            self._key      = int(self.data[6:8])
            self._password = self.data[8:40]
            self._upperPassword = self.data[40:]

    def printSummary(self):
        print "Header           : ", hex(self._header)
        print "Key              : ", self._key
        print "Password         : ", self._password
        print "Password (Upper) : ", self._upperPassword

    def encrypt(self, passwd):
        # Convert the password to an unicode string
        mPasswd = str2uni(passwd)
        # Append the random stuff (the key)
        mPasswd += str(self._key)
        # Get the first hash (normal)
        baseHash = sha.sha(mPasswd).hexdigest().upper()
        # Get the upper case hash
        upperHash = sha.sha(mPasswd.upper()).hexdigest().upper()

        # Generate the password
        buf  = "0x"
        buf += str(self._header)
        buf += str(self._key)
        buf += baseHash
        buf += upperHash

        return buf

if __name__ == "__main__":
    passwd = "0x01008444930543174C59CC918D34B6A12C9CC9EF99C4769F819B43174C59CC918D34B6A12C9CC9EF99C4769F819B"
    objSQLServer = CSQLServerPassword(passwd)
    print objSQLServer.encrypt("sa")