Pentest Tools

Published on April 18th, 2016 📆 | 4761 Views ⚑

0

Gladius — From Responder To Credentials


https://www.ispeech.org
Gladius provides an automated method for cracking credentials from various sources during an engagement. It can currently crack hashes from Responder, secretsdump.py, and smart_hashdump. The usefulness of Gladius is that any sort of file driven event can be captured and triggered. By default, it comes prepackaged with three types of events:

  • Watching for files that match *NTLM* from Responder in Responder’s default directory on Kali:/usr/share/responder
  • Watching for files that match *hashdump* from Metasploit’s smart_hashdump module in/root/.msf*/loot
  • Watching for files that match *secretsdump* from CoreSecurity’s secretsdump.py also in Responder’s default directory

What this means, is that once it is started, all one has to do is perform a smart_hashdump in metasploit or pipe the output from secretsdump.py into /usr/share/responder, and the resulting hashes are automatically passed to hashcat to begin cracking.

One other feature that is useful to clients is the ability to tell them how many credentials were cracked in what span of time. Given a hashdump, this tool will happily displays the following information:

  • Total time it took to crack the given hash
  • How many total hashes have been cracked thus far
  • Total number of hashes to crack
  • Percentage of hashes cracked

 

gladius


 

How To Install Gladius

pip install watchdog
git clone https://www.github.com/praetorian-inc/gladius
cd gladius
git clone https://www.github.com/praetorian-inc/Hob0Rules
cp Hob0Rules/* .
rm -rf Hob0Rules/

 

Start

python gladius.py

Now start the responder session as normal

cd /usr/share/responder
python Responder.py -i YOUR_IP -I YOUR_INTERFACE

 

Working with secretsdump

Send results of secretsdump for parsing and cracking.

for ip in $(cat ips); do secretsdump.py DOMAIN/username:password@$ip > /usr/share/responder/secretsdump_$ip; done

[adsense size='1']

Help

$ python gladius.py -h
usage: gladius.py [-h] [-v] [--responder-dir RESPONDER_DIR]
                  [--hashcat HASHCAT] [-r RULESET] [-w WORDLIST] [--no-art]

optional arguments:
  -h, --help            show this help message and exit
  -v, --verbose         Increased output verbosity
  --responder-dir RESPONDER_DIR
                        Directory to watch for Responder output
  --hashcat HASHCAT     Path to hashcat binary
  -r RULESET, --ruleset RULESET
                        Ruleset to use with hashcat
  -w WORDLIST, --wordlist WORDLIST
                        Wordlist to use with hashcat
  --no-art              Disable the sword ascii art for displaying credentials
                        and default to only text.

 

 

Source && Download

https://github.com/praetorian-inc/gladius



Leave a Reply

Your email address will not be published.