diff --git a/.github/workflows/lint-client.yml b/.github/workflows/lint-client.yml
index 6cb68d9..e48b6ed 100644
--- a/.github/workflows/lint-client.yml
+++ b/.github/workflows/lint-client.yml
@@ -65,6 +65,7 @@ jobs:
cd externals/gocat
sudo make install
sudo make set-user-permissions USER=${USER}
+ git reset --hard # needed for update-submodules.yaml
- name: Run golangci-lint:client
run: |
diff --git a/.github/workflows/update-modules.yaml b/.github/workflows/update-pull-requests.yaml
similarity index 52%
rename from .github/workflows/update-modules.yaml
rename to .github/workflows/update-pull-requests.yaml
index d5ebe6c..28ef5c6 100644
--- a/.github/workflows/update-modules.yaml
+++ b/.github/workflows/update-pull-requests.yaml
@@ -1,21 +1,13 @@
-name: 'Submodules Sync'
+name: 'Sync Branches'
on:
push:
branches:
- main
- pull_request:
- types:
- - opened
- - reopened
- - ready_for_review
- - synchronize
jobs:
sync:
- if: github.event.pull_request.draft != true
-
- name: 'Submodules Sync'
+ name: 'Sync Branches'
runs-on: ubuntu-22.04
defaults:
@@ -28,11 +20,6 @@ jobs:
with:
submodules: recursive
- # Update references
- - name: Git Submodule Update
- run: |
- git submodule update --init --remote --recursive
-
- uses: docker://chinthakagodawita/autoupdate-action:v1
env:
GITHUB_TOKEN: '${{ secrets.GITHUB_TOKEN }}'
diff --git a/.github/workflows/update-submodules.yaml b/.github/workflows/update-submodules.yaml
new file mode 100644
index 0000000..eae1a43
--- /dev/null
+++ b/.github/workflows/update-submodules.yaml
@@ -0,0 +1,43 @@
+name: 'Update submodules Branches'
+
+on:
+ schedule:
+ - cron: '0 0 * * 0' # Runs every Sunday at midnight (UTC)
+ pull_request:
+ types:
+ - opened
+ - reopened
+ - ready_for_review
+ - synchronize
+
+jobs:
+ sync:
+ if: github.event.pull_request.draft != true
+
+ name: 'Sync Branches'
+ runs-on: ubuntu-22.04
+
+ defaults:
+ run:
+ shell: bash
+
+ steps:
+ - name: Checkout repository
+ uses: actions/checkout@v4
+ with:
+ submodules: recursive
+
+ # Update references
+ - name: Git Submodule Update
+ run: |
+ cd externals/gocat
+ git pull
+ cd ../../
+ cd externals/hcxtools
+ git pull
+
+ - name: Commit and Push Changes
+ uses: stefanzweifel/git-auto-commit-action@v4
+ with:
+ commit_message: "Update submodules"
+ file_pattern: externals/gocat/* externals/hcxtools/*
\ No newline at end of file
diff --git a/README.md b/README.md
index 8e4eb3b..4d85aca 100644
--- a/README.md
+++ b/README.md
@@ -25,12 +25,13 @@ Student: Angelo Rosa
+ 
## Brief
-> **H.D.S (Hashcat-Distributed-Service)** is a university project entirely written in **Go** that can find practical applications for collecting and then distributing hashes and handshakes cracking tasks on multiple hashcat clients through a control panel centre. Include a Deamon for collecting and verifying WPA handshakes from IOT devices.
+> **H.D.S (Hashcat-Distributed-Service)** is a university project entirely written in **Go** that can find practical applications for collecting and then distributing hashes and handshakes cracking tasks on multiple hashcat clients through a control panel centre. Include a Daemon for collecting and verifying WPA handshakes from IOT devices.
You can have multiple clients for multiple tasks and each one operates independently on different machines.
For more information about the project capabilities, please read the [feature section](#project-features)
@@ -38,7 +39,7 @@ You can find releases compiled at: [https://github.com/Virgula0/H.D.S/releases](
But remember to read the following compiling procedures anyway
-- [Compile Deamon](raspberry-pi/README.md#compile-and-run-the-daemon)
+- [Compile Daemon](raspberry-pi/README.md#compile-and-run-the-daemon)
- [Compile Server](server/README.md#compile-and-run)
- [Compile Client](client/README.md#compile-and-run)
@@ -70,6 +71,9 @@ sudo pacman -S xorg-xhost
git submodule init && \
git submodule update && \
git pull --recurse-submodules && \
+# download wordlists
+git lfs install && \
+git lfs pull && \
# change display values as you need
export DISPLAY=:0.0 && \
xhost +local:docker && \
@@ -195,13 +199,14 @@ While security auditing and privacy were not primary objectives for this project
- A symmetric encryption key has been generated, but encryption is yet to be implemented.
2. **Daemon Authentication:**
- - Daemon authenticates via **REST API** before establishing a **TCP** connection.
+ - ~~Daemon authenticates via **REST API** before establishing a **TCP** connection.~~ Fixed with https://github.com/Virgula0/H.D.S/pull/42
- ~~Credentials are sent via command-line arguments, which could be stolen easily if a malicious actor have access remotely to the machine.~~ Fixed with https://github.com/Virgula0/H.D.S/pull/39
3. **gRPC Security:**
- gRPC communication currently lacks **SSL/TLS certificates** for encryption.
### Security Measures Implemented:
+
- Basic protection against vulnerabilities like **SQL Injection** and **IDORs** has been considered.
> If you have suggestions or improvements, feel free to **open a pull request**.
@@ -480,4 +485,5 @@ Ignoring gRPC and other basic deps
- **Gopacket** `github.com/google/gopacket` Parse `.PCAP` files as layers
- **Wifi** `github.com/mdlayher/wifi` used by daemon for understanding if we're connected to our local network
- **Cobra** `github.com/spf13/cobra` used for parsing command line arguments easily in daemon
+- **bubbletea** `github.com/charmbracelet/bubbletea` tui for login implemented in daemon
- Other dependencies could be implicitly downloaded and used because of these deps
\ No newline at end of file
diff --git a/client/Dockerfile b/client/Dockerfile
index fcf59ce..f17cf0b 100644
--- a/client/Dockerfile
+++ b/client/Dockerfile
@@ -8,8 +8,6 @@ RUN apt update -y && \
opencl-headers \
pocl-opencl-icd \
build-essential \
- wget \
- git \
ca-certificates \
libz-dev \
libssl-dev \
@@ -28,10 +26,10 @@ COPY externals/hcxtools /app/externals/hcxtools
# this trick needs to be improved, but needed for git commands in
# gocat Makefile. this copies a ton of GB inside the container
-COPY .git /app/.git
+COPY .git /app/.git
# create user
-RUN useradd -ms /bin/bash client
+RUN useradd -ms /bin/bash client
WORKDIR /app/externals/gocat
# Install hashcat 6.1.1
@@ -44,12 +42,13 @@ RUN make install && \
COPY client /app/client
COPY proto-definitions /app/proto-definitions
COPY proto.sh /app/proto.sh
+
WORKDIR /app/client
RUN chown -R client:client /app && \
# give permissions to run go on client
chown -R client:client /go
-
+
USER client
# install proto
diff --git a/client/Makefile b/client/Makefile
index 414b7b8..fa45466 100644
--- a/client/Makefile
+++ b/client/Makefile
@@ -19,9 +19,15 @@ links-build:
fi; \
if [ ! -e "build/hashcat.hctune" ]; then \
ln -s /usr/local/share/hashcat/hashcat.hctune build/hashcat.hctune; \
+ echo "Created symbolic link for hashcat.hctune"; \
fi; \
if [ ! -e "build/modules" ]; then \
ln -s /usr/local/share/hashcat/modules build/modules; \
+ echo "Created symbolic link for modules"; \
+ fi; \
+ if [ ! -e "build/hashcat.hcstat2" ]; then \
+ ln -s /usr/local/share/hashcat/hashcat.hcstat2 build/hashcat.hcstat2; \
+ echo "Created symbolic link for hashcat.hcstat2"; \
fi; \
}
.PHONY: links-build
@@ -34,9 +40,15 @@ links:
fi; \
if [ ! -e "hashcat.hctune" ]; then \
ln -s /usr/local/share/hashcat/hashcat.hctune hashcat.hctune; \
+ echo "Created symbolic link for hashcat.hctune"; \
fi; \
if [ ! -e "modules" ]; then \
ln -s /usr/local/share/hashcat/modules modules; \
+ echo "Created symbolic link for modules"; \
+ fi; \
+ if [ ! -e "hashcat.hcstat2" ]; then \
+ ln -s /usr/local/share/hashcat/hashcat.hcstat2 hashcat.hcstat2; \
+ echo "Created symbolic link for hashcat.hcstat2"; \
fi; \
}
.PHONY: links
@@ -46,6 +58,7 @@ clean:
rm -rf modules
rm -rf kernels
rm -f *.hctune
+ rm -f hashcat.hcstat2
rm -f *.dictstat*
rm -f main
.PHONY: clean
diff --git a/client/README.md b/client/README.md
index 6572ab7..c3ff7cc 100644
--- a/client/README.md
+++ b/client/README.md
@@ -93,22 +93,20 @@ While this solution works for our current requirements, future improvements coul
> The following dependencies needs to be installed before proceeding, even if you're using compiled binaries from releases
```bash
-apt update -y && \
- apt install -y --no-install-recommends \
- protobuf-compiler
+sudo apt update -y && \
+sudo apt install -y --no-install-recommends \
+ protobuf-compiler \
libminizip-dev \
ocl-icd-libopencl1 \
opencl-headers \
+ git \
+ git-lfs \
pocl-opencl-icd \
build-essential \
- wget \
- git \
- dumb-init \
ca-certificates \
libz-dev \
libssl-dev \
dbus \
- # Graphic libraries for raylib
libgl1-mesa-dev libxi-dev libxcursor-dev libxrandr-dev libxinerama-dev libwayland-dev libxkbcommon-dev
```
@@ -118,9 +116,9 @@ apt update -y && \
Follow these steps to compile and run the client, run it from project root dir
```bash
-git submodule init
-git submodule update --init --remote --recursive
-git pull --recurse-submodule
+git submodule update --init --remote --recursive && \
+git lfs install && \
+git lfs pull
```
1. **You need to install `hashcat` 6.1.1. This step is necesary only for the first time.**
@@ -132,24 +130,35 @@ sudo make set-user-permissions USER=${USER}
cd ../../
```
-2. **Build with**
+2. **Install protobuf**
+
+> [!NOTE]
+> This was tested out using go `1.23.4`. Other version may have problems.
+
+```bash
+go install google.golang.org/protobuf/cmd/protoc-gen-go@v1.31.0 &&
+go install google.golang.org/grpc/cmd/protoc-gen-go-grpc@v1.3.0
+```
+
+3. **Build client**
```bash
cd client
make build
```
-Produces the following files tree
+Produces the following files tree in `build`
```
├── client
├── hashcat.hctune -> /usr/local/share/hashcat/hashcat.hctune
+├── hashcat.hcstat2 -> /usr/local/share/hashcat/hashcat.hcstat2
├── libhcxpcapngtool.so
├── modules -> /usr/local/share/hashcat/modules
└── OpenCL -> /usr/local/share/hashcat/OpenCL
```
-3. **Run with**
+4. **Run with**
```bash
make run-compiled
diff --git a/client/internal/gui/process_window.go b/client/internal/gui/process_window.go
index 24c92f7..5d81589 100644
--- a/client/internal/gui/process_window.go
+++ b/client/internal/gui/process_window.go
@@ -14,7 +14,7 @@ import (
)
const (
- windowWidth = 850
+ windowWidth = 851
windowHeight = 550
defaultLogHeight = 300
diff --git a/docker-compose.yaml b/docker-compose.yaml
index e98589a..b759bee 100644
--- a/docker-compose.yaml
+++ b/docker-compose.yaml
@@ -60,7 +60,7 @@ services:
- DB_PORT=3306
- DB_NAME=dp_hashcat
- ALLOW_REGISTRATIONS=True # Disable if needed
- - DEBUG=False # This will enable seeds for having handshake, clients, and raspberryPI mocked
+ - DEBUG=True # This will enable seeds for having handshake, clients, and raspberryPI mocked
- RESET=True
- GRPC_URL=0.0.0.0:7777
- GRPC_TIMEOUT=10s
diff --git a/docs/docs.pdf b/docs/docs.pdf
index 5ef06f5..642494c 100644
Binary files a/docs/docs.pdf and b/docs/docs.pdf differ
diff --git a/docs/images/Screenshots/5.png b/docs/images/Screenshots/5.png
new file mode 100644
index 0000000..d863a65
Binary files /dev/null and b/docs/images/Screenshots/5.png differ
diff --git a/externals/hcxtools b/externals/hcxtools
index 7111fe5..bee4b65 160000
--- a/externals/hcxtools
+++ b/externals/hcxtools
@@ -1 +1 @@
-Subproject commit 7111fe51f7cfd7b8b62c4da1e7a57618b26aca5d
+Subproject commit bee4b65668a3528ab267131f1cce89c0382e79f3
diff --git a/raspberry-pi/README.md b/raspberry-pi/README.md
index e654d4a..3289da9 100644
--- a/raspberry-pi/README.md
+++ b/raspberry-pi/README.md
@@ -55,6 +55,11 @@ Make sure the following requirements are met before building and running the dae
> [!IMPORTANT]
> The daemon requires `libpcap0.8-dev` to be installed on your system, even if you're using compiled binaries from releases.
+```bash
+sudo apt update -y && \
+sudo apt install -y libpcap0.8-dev
+```
+
> [!IMPORTANT]
> The file `/etc/machine-id` must exist on your machine.
diff --git a/server/README.md b/server/README.md
index f8c84ef..56b497d 100644
--- a/server/README.md
+++ b/server/README.md
@@ -34,8 +34,8 @@ The **frontend** performs the following tasks:
### **1. Start Database**
```bash
-cd database
-docker build -t dp-database .
+cd database && \
+docker build -t dp-database . && \
docker run -d \
--name dp-database \
-e MYSQL_RANDOM_ROOT_PASSWORD=yes \