From ec7d302c5574d54bb875e6d9003ba1cc20c0a75b Mon Sep 17 00:00:00 2001
From: lanjelot <lanjelot@gmail.com>
Date: Mon, 22 Jul 2013 08:31:14 +1000
Subject: [PATCH] new umbraco_crack module

---
 patator.py | 33 +++++++++++++++++++++++++++++++++
 1 file changed, 33 insertions(+)

diff --git a/patator.py b/patator.py
index 209f635..4f600e4 100755
--- a/patator.py
+++ b/patator.py
@@ -3615,6 +3615,38 @@ class Keystore_pass:
 
 # }}}
 
+# Umbraco {{{
+import hmac
+class Umbraco_crack:
+  '''Crack Umbraco HMAC-SHA1 password hashes'''
+
+  usage_hints = (
+    """%prog hashlist=@umbraco_users.pw password=FILE0 0=rockyou.txt""",
+    )
+
+  available_options = (
+    ('hashlist', 'hashes to crack'),
+    ('password', 'password to test'),
+    )
+  available_actions = ()
+
+  Response = Response_Base
+
+  def execute(self, password, hashlist):
+
+    p = password.encode('utf-16-le')
+    h = b64encode(hmac.new(p, p, digestmod=hashlib.sha1).digest())
+
+    if h not in hashlist:
+      code, mesg = 1, 'fail'
+    else:
+      cracked = [line.rstrip() for line in hashlist.split('\n') if h in line]
+      code, mesg = 0, ' '.join(cracked)
+
+    return self.Response(code, mesg)
+
+# }}}
+
 # TCP Fuzz {{{
 class TCP_fuzz:
   '''Fuzz TCP services'''
@@ -3702,6 +3734,7 @@ modules = [
   
   ('unzip_pass', (Controller, Unzip_pass)),
   ('keystore_pass', (Controller, Keystore_pass)),
+  ('umbraco_crack', (Controller, Umbraco_crack)),
 
   ('tcp_fuzz', (Controller, TCP_fuzz)),
   ('dummy_test', (Controller, Dummy_test)),