Created
January 7, 2024 09:39
-
-
Save Yeeb1/c9ee1fb65c874423100573d6bdf1dbfd to your computer and use it in GitHub Desktop.
This script converts Apache OFBiz hashes into a format suitable for cracking with Hashcat (Mode 120)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import argparse | |
import base64 | |
import binascii | |
def ofbiz2hashcat(hash_string): | |
try: | |
_, hash_type, salt, encoded_hash = hash_string.split('$') | |
except ValueError: | |
return "Invalid hash format. Expected format: $HASH_TYPE$salt$encoded_hash" | |
padding = '=' * (-len(encoded_hash) % 4) | |
encoded_hash_padded = encoded_hash + padding | |
try: | |
decoded_hash = base64.urlsafe_b64decode(encoded_hash_padded) | |
hex_hash = binascii.hexlify(decoded_hash).decode() | |
except (binascii.Error, TypeError): | |
return "Failed to decode and convert hash." | |
return f"{hex_hash}:{salt}" | |
def save_to_file(output, file_path): | |
with open(file_path, 'w') as file: | |
file.write(output) | |
print(f"Output saved to {file_path}") | |
def main(): | |
parser = argparse.ArgumentParser(description="This tool converts Apache OFBiz hashes into a format suitable for cracking with Hashcat (mode 120).", | |
formatter_class=argparse.RawTextHelpFormatter) | |
parser.add_argument("hash_string", help="The hash string in the format: $HASH_TYPE$salt$encoded_hash\nExample: $SHA$d$-71FaEWIBT5CsVLiFRGn_vaqKAg") | |
parser.add_argument("-o", "--output", help="Optional path to save the output to a file.\nIf not specified, the output is printed to the console.") | |
args = parser.parse_args() | |
converted_hash = ofbiz2hashcat(args.hash_string) | |
if args.output: | |
save_to_file(converted_hash, args.output) | |
else: | |
print(f"Converted Hash (suitable for Hashcat -m 120): {converted_hash}") | |
if __name__ == "__main__": | |
main() |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
made public