• Stars
    star
    357
  • Rank 119,149 (Top 3 %)
  • Language
    Python
  • License
    MIT License
  • Created over 4 years ago
  • Updated 9 months ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

CrackerJack / Hashcat Web Interface / Context Information Security

CrackerJack

Web Interface for Hashcat by Context Information Security

Contents

Introduction

CrackerJack is a Web GUI for Hashcat developed in Python.

Architecture

This project aims to keep the GUI and Hashcat independent. In a nutshell, here's how it works:

  • User uploads hashes, selects wordlist/rules/mask etc, and clicks "start".
  • Web server spawns a new screen.
    • Generates the hashcat command based on the settings.
    • Runs the command in the screen.
    • Monitors the screen's output, parses it, and displays in the GUI.

This allows CrackerJack to be future-proof as it ties to the input/output of Hashcat. Also, if the GUI is not working for whatever reason, hashcat will keep running.

Features

  • Minimal dependencies
  • Complete hashcat session management.
    • Start/stop/pause/restore running sessions.
    • Terminate cracking jobs after a specific date/time.
  • Web interface for mask generation (?a?l?u).
  • Web Push notifications when a password is cracked.
  • Swagger 2.0 API.
  • Create wordlists from already cracked passwords and feed back into the cracking session.
  • Session history to track which attacks you have already performed.
  • Multi-user support (local and/or LDAP).
  • Wordlist/Mask/Rule support.
  • Multiple theme support (Bootswatch).
  • Straight-forward setup.
    • Entire configuration is via the GUI. No need for manually editing config files.
    • Run locally on Linux and Windows (WSL).
    • Install on a server using ansible scripts (Ubuntu 14/16/18 and CentOS 7/8).
    • Easy backups - all user data are in the ./data directory.
  • Troubleshoot sessions via SSH.

Limitations

  • Not a solution for queueing jobs - it's only for on-demand password cracking.
  • Not meant to be a replacement for command-line usage. It's complimentary and only supports basic and most common cracking tasks.
  • Will not install any GPU drivers. The main assumption is that you have a cracking rig already setup and are looking for a Web GUI.
  • Wordlists and rules should already be present on the system.

Contribution

As we maintain an internal tracker as well, before contributing please create an issue to discuss before implementing any features/changes.

Screenshots

Running Session

Dashboard

Session

Selecting Hashes

HashType Options

Wordlist Selection

Mask Generation

General Session Settings

License

CrackerJack is released under MIT License.

In addition, the following third-party components are also used:

More Repositories

1

CAPE

Malware Configuration And Payload Extraction
Python
747
star
2

SnitchDNS

Database Driven DNS Server with a Web UI
Python
236
star
3

beemka

Basic Electron Exploitation
Python
201
star
4

RDP-Replay

Replay RDP traffic from PCAP
C
183
star
5

canape

CANAPE Network Testing Tool
Python
183
star
6

django-admin-view-permission

Reusable application which provides a view permission for the existing models.
Python
151
star
7

DLLHSC

DLLHSC - DLL Hijack SCanner a tool to assist with the discovery of suitable candidates for DLL Hijacking
C++
138
star
8

DynamicLabs

Dynamic Labs is an open source tool aimed at red teamers and pentesters for the quick deployment of flexible, transient and cloud-hosted lab environments.
HCL
60
star
9

django-admin-multiple-choice-list-filter

Python
59
star
10

DynamicWrapperEx

x64 Registration-Free In-Process COM Automation Server.
C++
46
star
11

Furby

Python tools for handing Furby Connect DLC files
Python
43
star
12

capemon

CAPE monitor DLLs
C
38
star
13

cbrcli

Command line interface to Carbon Black Response
Python
38
star
14

cvsslib

A library implementing CVSS v2 and v3 scores
Python
31
star
15

pac-leak-demo

PAC HTTPS leak demo from DEF CON 24 'Toxic Proxies' talk
JavaScript
29
star
16

yate-bts

Yate BTS
C
20
star
17

VulnerableXsltConsoleApplication

Vulnerable XSLT Console Application
10
star
18

OpenBanking-BurpExtension

Java
7
star
19

stun-remote-control

Control Motorola/Binatone IP cameras behind NAT
Python
5
star
20

django-inline-admin-extensions

Add pagination to Django inline admin
Python
4
star
21

OpenBanking-MessageSigning

Java
3
star
22

RFTap

Modified RFTap dissector for Wireshark
C
3
star
23

OpenBanking-AuthorisationRedirect

Java
2
star
24

mid-level-interview

Python
1
star
25

blog

Archived posts from www.contextis.com
HTML
1
star
26

webdev-demo

An example of a typical web dev environment built with Docker, Django, Nginx, Redis, and more.
Python
1
star