Skip to content
/ digestive Public
forked from eric-conrad/digestive

Dictionary cracking tool for HTTP Digest challenge/response hashes

License

GPL-3.0 license
0 stars 7 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

Dajango/digestive

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

15 Commits
media
media
 
 
.gitattributes
.gitattributes
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
digestive
digestive
 
 

Repository files navigation

digestive

Dictionary cracking tool for HTTP Digest challenge/response hashes

Code based on: https://gist.github.com/yesecurity/5fb47f44e289e8bc9c35

Launches dictionary attack vs. captured HTTP Digest credentials (taken from a PCAP, Burp or ZAP proxy, etc.)

Example credentials

Authorization: Digest username="conrad", realm="Security542", nonce="q5mFt62KBQA=30b96361b3061fc88ad88a19170b873073ccb930", uri="/digest/", algorithm=MD5, response="36bf5df32af14d751ee901fcd2d72479", qop=auth, nc=00000001, cnonce="763eb7656a737513"

Resulting command line (using John the Ripper's wordlist)

digestive --username conrad --wordlist /opt/john/run/password.lst --method GET --uri /digest/ --nc 00000001 --qop auth --realm Security542 --cnonce 763eb7656a737513 --nonce q5mFt62KBQA=30b96361b3061fc88ad88a19170b873073ccb930 --response 36bf5df32af14d751ee901fcd2d72479

About

Dictionary cracking tool for HTTP Digest challenge/response hashes

Resources

Readme

License

GPL-3.0 license
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • Python 100.0%