crowbar
crowbar copied to clipboard
galkan
passing a txt file with passwords not working
launching : crowbar -b rdp -s 192.168.0.15/32 -u IEUser -C /usr/share/wordlists/rockyou.txt result: 2020-08-22 17:55:31 START 2020-08-22 17:55:31 Crowbar v0.4.1 2020-08-22 17:55:31 Trying 192.168.0.15:3389 File: /usr/share/wordlists/rockyou.txt doesn't exists
does anyone has experimenting the same issue?
Hey, I just had this issue with rockyou.txt, but I think I've been able to work around it.
Assuming you are using kali and used "apt install crowbar" to install the package to /usr/share
- Navigate to /usr/share/crowbar/lib/
- Make a backup of main.py (I used "cp main.py main.py.backup")
- Once you have a backup, open up the main.py file (Ex. sudo nano main.py).
- Look for "def sshlogin(self, ip, port, user, keyfile, timeout):" as the start of the next function (the function before it should be def rdp(self): but we need to make the change at the bottom of this function, hence why I suggest looking for def sshlogin.
- A few lines above that you should see a try statement followed by "passwdfile = open(self.args.passwd_file, "r").read().splitlines()"
- This is the line causing problems with rockyou.txt.
- I modified the open command to add encoding="latin-1" instead of Python3 using "UTF-8" that throws the error.
- ie. the line should look like "passwdfile = open(self.args.passwd_file, "r", encoding="latin-1").read().splitlines()"
- Save your changes and test it out.
- Seems to be working (I think), at least crowbar is running and the passwords it's attempting look okay. Worth a try at least.
It's the rockyou.txt and some of the passwords in there not working well with UTF-8.
Alternative solution which doesn't require crowbar to change: Convert rockyou.txt to UTF-8.
https://github.com/wpscanteam/wpscan/issues/190#issuecomment-18087644
iconv -f ISO-8859-1 -t UTF-8 /usr/share/wordlists/rockyou.txt > rockyou_utf8.txt
Alternative solution which doesn't require crowbar to change: Convert rockyou.txt to UTF-8.
wpscanteam/wpscan#190 (comment)
iconv -f ISO-8859-1 -t UTF-8 /usr/share/wordlists/rockyou.txt > rockyou_utf8.txt
This works for me, thanks.
For anyone who stumbles upon this issue...
Alternatively you can create another rockyou file and update that one.
sudo cp /usr/share/wordlists/rockyou.txt /usr/share/wordlists/rockyou_utf8.txt
sudo vim -c ':set nobomb' -c ':set fileencoding=utf-8' -c ':wq' /usr/share/wordlists/rockyou_utf8.txt
The commands, :set nobomb, :set fileencoding=utf-8 and :wq work in vim too; for when you have vim already opened.
- https://en.wikipedia.org/wiki/Byte_order_mark
- https://unix.stackexchange.com/questions/381230/how-can-i-remove-the-bom-from-a-utf-8-file
- https://stackoverflow.com/questions/778069/how-can-i-change-a-files-encoding-with-vim
that's weird, my rockyou.txt is already utf-8 and even with these workarounds I'm still getting "file doesn't exists" Copying rockyou.txt to the same folder I'm running crowbar worked, though.
that's weird, my rockyou.txt is already utf-8 and even with these workarounds I'm still getting "file doesn't exists" Copying rockyou.txt to the same folder I'm running crowbar worked, though.
it works. you will end up with a rockyou_utf8.txt file, try to fix it because you will need it. this post helped me a lot for the oscp.
All you need are these two commands:
kali~$ sudo cp /usr/share/wordlists/rockyou.txt /usr/share/wordlists/rockyou_utf8.txt
kali~$ sudo vim -c ':set nobomb' -c ':set fileencoding=utf-8' -c ':wq' /usr/share/wordlists/rockyou_utf8.txt
