v0.4

CHANGES

@@ -0,0 +1,4 @@
+v0.4
+- Added MYSQL support for v4.1+ hashes (double SHA1 hashes) - 40 hex characters
+- Removed third-party modules
+- Fixed the WPA handshake file opening mode on non-posix systems

README.md

@@ -1,11 +1,11 @@
-Crackq Client
-=============
+Crackq Client - v0.4
+====================
 
 Crackq is an online distributed GPU-accelerated password cracker designed to
-help penetration testers and network auditors check for weak passwords. It
+help penetration testers and network auditors identify for weak passwords. It
 supports a number of hash types and we are actively adding new algorithms.
 
-Login to your account (https://hashcrack.org/crackq) to get the API key.
+Log in to your account (https://hashcrack.org/crackq) to get your API key.
 
 Installation
 -----------
@@ -27,6 +27,7 @@ Currently, the following algorithms are supported:
 * descrypt / DES(Unix)
 * md5crypt / FreeBSD MD5 / Cisco IOS MD5 / MD5(Unix)
 * PHPass MD5 (Wordpress, Joomla, phpBB3)
+* MYSQL 4.1+ (double SHA1)
 
 Submitting Hashes
 -----------------

crackqcli.py

@@ -1,6 +1,9 @@
 #!/usr/bin/env python
 #
-# [email protected]
+# Hashcrack Crackq command line client
+#
+# Email: support[at]hashcrack.org
+# Web:   hashcrack.org
 
 import json
 import sys
@@ -10,8 +13,6 @@
 import base64
 import re
 from urllib2 import Request, urlopen, URLError, HTTPError
-from thirdparty.termcolor import cprint
-from thirdparty.pdf2john import PdfParser
 
 SERVER = 'https://hashcrack.org'
 CONFIG_PATH = None
@@ -21,12 +22,20 @@
                 'client_ver' : '/crackq/v0.1/client_ver'
             }
 API_KEY = None
-MYVER = '0.3.2'
-HASH_TYPES = ['wpa', 'descrypt', 'md5crypt', 'md5', 'ntlm', 'sha1', 'pdf', 'phpass']
+MYVER = '0.4'
+HASH_TYPES = ['wpa',
+              'descrypt',
+              'md5crypt',
+              'md5',
+              'ntlm',
+              'sha1',
+              'pdf',
+              'phpass',
+              'mysql']
 
 def banner():
-    cprint('Crackq client %s' % MYVER, 'green')
-    cprint('[email protected]\n', 'green')
+    sys.stdout.write('Crackq client %s\n' % MYVER)
+    sys.stdout.write('[email protected]\n\n')
 
 def usage(argv0):
     sys.stdout.write('%s [-t|--type hash_type] [hash|file_path]\n' % argv0)
@@ -40,7 +49,8 @@ def usage(argv0):
     sys.stdout.write('md5crypt         MD5CRYPT / FreeBSD MD5 / Cisco IOS MD5 / MD5(Unix)\n')
     sys.stdout.write('descrypt         DESCRYPT / DES(Unix)\n')
     sys.stdout.write('pdf              PDF 1.4 - 1.6\n')
-    sys.stdout.write('phpass           phpass (Wordpress, Joomla and phpBB3)\n')
+    sys.stdout.write('phpass           PHPASS (Wordpress, Joomla and phpBB3)\n')
+    sys.stdout.write('mysql            MYSQL4.1+ (double SHA1)\n')
 
 def validate_hash(_hash, _hash_type):
     if _hash_type == 'descrypt':
@@ -52,7 +62,10 @@ def validate_hash(_hash, _hash_type):
     elif _hash_type == 'phpass':
        if re.match('^\$[PH]\$[0-9A-Z][./0-9A-Za-z]{30,30}$', _hash) is None:
            return False
-    elif _hash_type == 'sha1':
+    elif _hash_type == 'pdf':
+       if re.match('^\$pdf\$[0-9A-Z][./0-9A-Za-z]{30,30}$', _hash) is None:
+           return False
+    elif _hash_type == 'sha1' or _hash_type == 'mysql':
         if len(_hash) != 40:
             sys.stdout.write('[-] ERROR: Invalid hash\n')
             return False
@@ -136,7 +149,7 @@ def load_config():
         # check for updates
         sys.stdout.write('[+] Checking the current client version...\n')
         if urlopen(SERVER + ENDPOINTS['client_ver']).read() != MYVER:
-            cprint('[-] WARNING: NEW CLIENT VERSION IS AVAILABLE. PLEASE UPDATE.', 'red')
+            sys.stdout.write('[-] WARNING: NEW CLIENT VERSION IS AVAILABLE: https://hashcrack.org/crackq/page?n=install#update\n')
             sys.exit(-1)
 
         if len(args) != 1:
@@ -174,7 +187,7 @@ def load_config():
 
         if _type == 'wpa':
             try:
-                f = open(_content, 'r')
+                f = open(_content, 'rb')
             except IOError:
                 sys.stdout.write('[-] ERROR: Cannot find %s\n' % _content)
                 sys.exit(-1)
@@ -187,20 +200,6 @@ def load_config():
             _content = base64.b64encode(zlib.compress(_raw))
             f.close()
 
-        if _type == 'pdf':
-            parser = PdfParser(_content) 
-
-            if not parser.supported():
-                print 'This PDF format is not supported'
-                sys.exit(-1)
-            try: 
-                pdf_hash = parser.parse() 
-            except RuntimeError: 
-                e = sys.exc_info()[1] 
-                sys.stderr.write("%s : %s\n" % (filename, str(e))) 
-                sys.exit(-1)
-            _content = pdf_hash
-
         data = {'key': API_KEY, 'content': _content, 'type': _type, 'q': 'privq'}
         req = Request(SERVER + ENDPOINTS['submit'])
         req.add_header('Content-Type', 'application/json')
@@ -210,5 +209,5 @@ def load_config():
         sys.stdout.write('[-] ERROR: HTTP %d - %s\n' % (e.code, json.load(e)['msg']))
         sys.exit(-1)
     except URLError as e:
-        cprint('[-] ERROR: UNREACHABLE - %s' % e.reason, 'red')
+        sys.stdout.write('[-] ERROR: UNREACHABLE - %s\n' % e.reason)
         sys.exit(-1)