hashview v0.7.4-beta releases: web front-end for password cracking & analytics

Hashview is a tool for security professionals to help organize and automate the repetitious tasks related to password cracking. Hashview is a web application that manages hashcat (https://hashcat.net) commands. Hashview strives to bring consistency in your hashcat tasks while delivering analytics with pretty pictures ready for ctrl+c, ctrl+v into your reports.

Installation

Requirement

  1. Hashcat installed and working (https://hashcat.net/hashcat/)
  2. Hashcat installed and working (just double checking)
  3. A working RVM environment (https://rvm.io/rvm/install)

Changelog v0.7.4 beta

Added

  • Added new Analytics portlet “charset breakdown”
  • Extended Masks list to be to 10 instead of top 4.
  • Added Hashfile to Job listings
  • Added ability to create new tasks mid job creation. New tasks are automatically applied to the job.
  • Added new wordlist type (dynamic). These wordlists are dynamic as in they are ever changing based on outside conditions.
  • Newly imported hashfiles automatically trigger and generate a corresponding dynamic wordlist.
  • Added more info for Tasks and Wordlists, now you can easily see which tasks are assigned to what job, and what wordlists are assigned to what tasks.
  • Added dynamic chunking! Now each agent will work on chunks based off of their computed benchmarks.
  • Added fail check when hashfile fails import and loads a hashfile of 0/0.
  • Added ability to create task group ( a predefined set of tasks for easy job assignment)
  • Added ability to perform pre/post shell commands per task (Thanks: https://github.com/dmaasland)

Changed

  • The Last Updated value for jobs has been changed to Job Owner. This value is no longer updated when a user edits a job.
  • Updated Gems and Base Ruby to 2.4.4 (Thanks https://github.com/HugoPouliquen)

Removed

  • Removed Smart Wordlists in favor Customer/Hashfile/All dynamic wordlists.

Fixed

  • Fixed issue where homepage fails to render if remote agents dont checkin
  • Fixed issue when reordering tasks.
  • Fixed bug where getBusy? function was incorrectly citing if hashview was busy.
  • Now prevents the creation of a job with no tasks assigned.
  • Fixed time run calculation bug used in hashfiles
  • Fixed bug where keyspace was improperly being calculated for new task when hashcat was actively running.
  • Fixed bug where rule name was not properly displaying in jobs listing
  • Fixed bug where hashfiles were failing to delete as they were falsely reporting as being associated to a job.
  • Fixed bug where emails were not sending on job completion (Thanks: https://github.com/dmaasland)

Installation

Install mysql & Redis
sudo apt-get update
sudo apt-get install git mysql-server libmysqlclient-dev redis-server openssl rake
[optional, but recommended]
sudo mysql_secure_installation

 

 

 Optimize the database (on ubuntu 16.10 /etc/mysql/mysql.conf.d/mysqld.conf)
sudo vim /etc/mysql/my.cnf

 

 

Add the following line under the [mysqld] section:

innodb_flush_log_at_trx_commit  = 0
innodb_file_format = Barracuda
innodb_large_prefix = 1
innodb_file_per_table=true

 

 

restart mysqld

sudo service mysql restart

 

 

 Install rvm

Setup Hashview

git clone https://github.com/hashview/hashview

Install gems
rvm install ruby-2.2.2
gem install bundler
bundle install

Setup database connectivity
cp config/database.yml.example config/database.yml
vim config/database.yml

RACK_ENV=production rake db:setup
Create database

 

 

 Screenshot

Tutorial 

Author:

  • @caseycammilleri
  • @jarsnah12

Share