Frameworks Windows

Doozer :

Written by Mubassir patel

Doozer

Doozer is an extensible, automated hash cracking utility used to automate the parsing, cracking, and organization of password hashes. Currently, Doozer supports nt/lm, ntlmv1, and ntlmv2 hashes (from Responder or SAM), but sports a modular architecture that allows other hash types to be trivially plugged in. A simple, Django-based web interface allows users to view cracking sessions in real time, view session results, and search the hash database. A simple REST API is also exposed, allowing scripts to easily interface with the database.

This tool’s features a folder monitoring solution; in order to provide a seamless method for cracking hashes, Doozer allows you to set a folder that it will monitor for hash files. Once a file is dropped into this location, Doozer will move it to a working directory and queue it for cracking. Doozer supports a configurable number of parallel cracking sessions as well as a simple queuing system to automatically start up sessions once one has completed. This is configured in doozer/core/sethor.py.

There are bugs, and Doozer is currently still in development.

Hash view: Hashes

Session view: Session

requires

  • django-1.5+ (tested on 1.5.4)
  • django-bootstrap3
  • watchdog
  • requests
  • passlib

 contains

  • monitor.py — Manages monitoring our watched folder, running, and spinning up jobs.
  • horstop.py — Auxiliary tool for interacting with masterhor. Can be used to insert data into the master list.
  • doozer.py — doozer – the next generation

To run:

$ ./doozer/horstop.py --startup 

This kicks off our Django application as well as our monitoring application

USAGE

Please see the wikipedia entry for usage information

TODO

  • roll over monitor_log and create a log archive
  • limit default hash page to top 100
  • add more awesome hash types
  • provide more hash statistics (reports?)

About the author

Mubassir patel

Mubassir is a founder and developer of this site. He is a computer science engineer. He has a very deep interest in ethical hacking, penetration testing, website development and including all technology topic.

Leave a Comment