CrackerJack – Web GUI for Hashcat

CrackerJack –  Web GUI for Hashcat

Web Interface for Hashcat by Context Information Security

Demo / Start Cracking in Under 5 Minutes

Introduction

CrackerJack is a Web GUI for Hashcat developed in Python.

Architecture

This project aims to keep the GUI and Hashcat independent. In a nutshell, here’s how it works:

  • User uploads hashes, selects wordlist/rules/mask etc, and clicks “start”.
  • Web server spawns a new screen.
    • Generates the hashcat command based on the settings.
    • Runs the command in the screen.
    • Monitors the screen’s output, parses it, and displays in the GUI.

This allows CrackerJack to be future-proof as it ties to the input/output of Hashcat. Also, if the GUI is not working for whatever reason, hashcat will keep running.

Features

  • Minimal dependencies
  • Complete hashcat session management.
    • Start/stop/pause/restore running sessions.
    • Terminate cracking jobs after a specific date/time.
  • Web interface for mask generation (?a?l?u).
  • Web Push notifications when a password is cracked.
  • Swagger 2.0 API.
  • Create wordlists from already cracked passwords and feed back into the cracking session.
  • Session history to track which attacks you have already performed.
  • Multi-user support (local and/or LDAP).
  • Wordlist/Mask/Rule support.
  • Multiple theme support (Bootswatch).
  • Straight-forward setup.
    • Entire configuration is via the GUI. No need for manually editing config files.
    • Run locally on Linux and Windows (WSL).
    • Install on a server using ansible scripts (Ubuntu 14/16/18 and CentOS 7/8).
    • Easy backups – all user data are in the ./data directory.
  • Troubleshoot sessions via SSH.

Limitations

  • Not a solution for queueing jobs – it’s only for on-demand password cracking.
  • Not meant to be a replacement for command-line usage. It’s complimentary and only supports basic and most common cracking tasks.
  • Will not install any GPU drivers. The main assumption is that you have a cracking rig already setup and are looking for a Web GUI.
  • Wordlists and rules should already be present on the system.

Contribution

As we maintain an internal tracker as well, before contributing please create an issue to discuss before implementing any features/changes.

Screenshots

Running Session

crackerjack 2 cj running

Dashboard

crackerjack 3 cj dashboard

Session

crackerjack 4 cj session

Selecting Hashes

 

crackerjack 5 cj hashes

HashType Options

crackerjack 6 cj hashtype

Wordlist Selection

crackerjack 7 cj wordlist

Mask Generation

crackerjack 8 cj mask

General Session Settings

crackerjack 9 cj settings

 

1MrynPby E

Click here for image source link and to read full Article

Read More on Pentesting Tools

You may also like...

Leave a Reply

Your email address will not be published. Required fields are marked *

%d bloggers like this: