EvilZone
Programming and Scripting => Scripting Languages => Topic started by: neusbeer on February 09, 2012, 05:27:41 PM
-
ok, I have a list with hash:pass
and I want to replace it on a document.
(Html in this case).
I made this script:
#!/bin/bash
# $1 file with search:replace list
# $2 files to check
# read s&r list
lijst=( `cat "$1" `)
for t in "${lijst[@]}"
do
    hash=$(echo $t | cut -d\: -f1)
    pass=$(echo $t | cut -d\: -f2)
    sed -i 's/"$hash"/"$pass"/g' "$2"
done
but this takes forrrreeevvveerrr.. :-)
any ideas on this?
addition: It doesn't even work correctly :o
-
Why not try python? If I had more details, I'd wind it up for ya.
-
Python can also work, but I'm just learning that.
Delphi would work for sure, but I want to let it work in win/cygwin/linux.. soo..
ok.. some more details..
at start.. a Havij html page with hashes and further info..
http://dl.dropbox.com/u/4378489/Forums/evilzone/phpbb_users.html
I extract the hashes with grep and try to bruteforce them which results in a textfile:
http://dl.dropbox.com/u/4378489/Forums/evilzone/hashes_found.txt
The main idea is to read the hashes_found.txt and replace the hashes in the html
file with the found passwords.
(whehehe don't mind the example.. from a Dutch site I just found which is really fun to deface I think :P)
-
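#!/usr/bin/env ruby
unless ARGV.length == 3
  puts "USE: #{$0} <hash_list> <input> <output>"
  exit
end
# load the whole input into memory, then substitute each hash in turn
file = File.read(ARGV[1])
File.open(ARGV[0], 'r') do |f|
  while line = f.gets
    # split on the first ':' only, so a password containing ':' stays whole
    hash, pass = line.chomp.split(':', 2)
    # skip blank or malformed lines (no hash or no ':' separator)
    next if hash.nil? || hash.empty? || pass.nil?
    # block form inserts the password literally (no backslash expansion)
    file.gsub!(hash) { pass }
  end
end
# block form closes and flushes the output file
File.open(ARGV[2], 'w') { |w| w.puts file }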
seems to work
~ $ wget -q http://dl.dropbox.com/u/4378489/Forums/evilzone/hashes_found.txt
~ $ lynx -dump http://dl.dropbox.com/u/4378489/Forums/evilzone/phpbb_users.html > phpbb_users.txt
~ $ time ruby hash_sub.rb hashes_found.txt phpbb_users.txt new_phpbb_users.txt
real 0m0.388s
user 0m0.204s
sys 0m0.028s
~ $ diff phpbb_users.txt new_phpbb_users.txt
.... etc ....
< twocv6 eb4d6d44963cdab468008da180c51414 twocv@live.nl
< Suzette 3b0dd31021ff0d76d3e848b997c021c2 a.sinte@aol.com
---
> twocv6 vannelle twocv@live.nl
> Suzette passs1 a.sinte@aol.com
2256c2256
< Daphne36 db9679033bcfd3f57531fc696f64a0d5 daphnetv30@hotmail.com
---
> Daphne36 panty daphnetv30@hotmail.com
~ $ grep panty hashes_found.txt
db9679033bcfd3f57531fc696f64a0d5:panty
4606b268635276633039f7f833f7e85b:pantyhose
ae4b96fef1e6d5ad2e32f02744af7e38:pantys
623d871d9af3835a8d70d549334406fa:panty1
I used lynx to strip some HTML but the file still came out pretty ugly.
-
well the idea is that the html code stays intact.. only hash/pass replacement..
-
well the idea is that the html code stays intact.. only hash/pass replacement..
works with HTML too, you just have a shitload more text to parse so it takes much longer.
-
true.. thnxs.. gonna work with this one..
sed is just tooo slow..
@Kulverstukas a python script is also welcome..
-
see updated code, load everything in mem.. much faster.
in retrospect, the old code was stupid.
edit: even better, and now the code is good.
-
Kudos man.. works like a charm.. and blazing fast..
thnxs.. I was struggling with this for quite a while....
-
Ahh seems I'm a bit late :D but here is my version anyway:
counter = 0
print('Trying to open files...')
crackedPassFile = open('hashes_found.txt', 'r')
# open it for reading
replaceIn = open('phpbb_users.html', 'r')
# load the text into memory
print('Loading the text into memory...')
text = replaceIn.read()
replaceIn.close()
# start replacing hashes with passwords
print('Replacing hashes with passwords...')
for tmp in crackedPassFile:
    # drop the trailing newline and split on the first ':' only
    splitTmp = tmp.rstrip('\r\n').split(':', 1)
    if len(splitTmp) != 2 or not splitTmp[0]:
        continue  # skip blank or malformed lines
    hash = splitTmp[0]
    password = splitTmp[1]
    text = text.replace(hash, password)
    counter += 1
crackedPassFile.close()
# write replaced content to a file
print('Writing replaced shit to a file...')
replaceIn = open('phpbb_users_replaced.html', 'w')
replaceIn.write(text)
replaceIn.close()
# print a status message
print('Finished. Replaced '+str(counter)+' hashes')
Nothing fancy, but seems to be "blazing fast" :D
-
thnxs... python is more understandable for me (at this moment)
gonna test it tomorrow.. gonna get some sleep..