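#!/usr/bin/perl
#
# bsvejk -- foofus.net
#
# Usage: <this script> <pwdump-file> [john.pot]
#
# Reads a pwdump-format file (user:uid:lm:ntlm:...) and a John the Ripper
# pot file, then prints to STDOUT every pwdump line whose hash has no
# recovered password in the pot file yet.  Accounts are judged on their LM
# hash when one is present, one 16-hex-digit half at a time; accounts with
# only an NT hash are printed too, with a notice on STDERR.
#
# Both inputs and the output hold password hashes (the pot file also holds
# recovered plaintexts), so all three belong in access-restricted storage.
#
use strict;
use warnings;

# LM hash of an empty 7-character half.  Seeding it as "recovered, empty"
# stops short passwords from being reported because of their second half.
my $EMPTY_LM_HALF = 'AAD3B435B51404EE';

# The original carried this report inside an `if(0)` block; it stays
# disabled.  When enabled it prints user, a literal 0, the NT hash and any
# LM halves already recovered, tab separated.
my $show_partial_lm = 0;

my $pwdump  = shift or die "Please specify pwdump file.\n";
my $potfile = shift || "/h/lib/passwd/data/john/john.pot";

my %userlm1;     # user -> first LM half (uppercased hex)
my %userlm2;     # user -> second LM half (uppercased hex)
my %userntlm;    # user -> NT hash (uppercased hex)
my %pw;          # hash (uppercased hex) -> recovered password
my %users;       # user -> original pwdump line, echoed verbatim on output

# Three-argument open with lexical handles: the file names come from the
# command line, and the two-argument form would let a leading '>' or a
# trailing '|' in a name change the open mode or run a command.
open my $pw_fh, '<', $pwdump or die "Can't open $pwdump: $!\n";
while (my $line = <$pw_fh>) {
    chomp $line;
    my ($user, $uid, $lm, $ntlm) = split /:/, $line;
    next if not defined $ntlm;

    # "NO PASSWORD..." and an all-zero field both mean no LM hash is stored.
    if ($lm !~ /^NO PASS/ && $lm !~ /^0{32}$/) {
        # Hex case can differ between the dump and the pot file depending
        # on the tools that wrote them, so lookups use uppercase keys.
        my $lm_hex = uc $lm;
        my ($lm1, $lm2) = (substr($lm_hex, 0, 16), substr($lm_hex, 16));
        if ($lm1 . $lm2 ne $lm_hex) {
            die "Substr assertion fault.\n";
        }
        $userlm1{$user} = $lm1;
        $userlm2{$user} = $lm2;
        $users{$user}   = $line;
    }

    if ($ntlm !~ /^NO PASS/) {
        $userntlm{$user} = uc $ntlm;
        $users{$user}    = $line;
    }
}
close $pw_fh;

open my $pot_fh, '<', $potfile or die "Can't open $potfile: $!\n";
while (my $entry = <$pot_fh>) {
    chomp $entry;

    # Only $LM$ and $NT$ entries are of interest; both share %pw.
    next unless $entry =~ /^\$(?:LM|NT)\$/;

    # Limit of 2 keeps any ':' inside the recovered password intact.
    my ($hash, $plain) = split /:/, $entry, 2;
    $hash =~ s/^\$(?:LM|NT)\$//;
    $pw{ uc $hash } = $plain;
}
close $pot_fh;

$pw{$EMPTY_LM_HALF} = '';

# Sorted so that two runs over the same inputs give identical output.
foreach my $user (sort keys %users) {
    my $lm1 = $userlm1{$user};
    my $lm2 = $userlm2{$user};
    my $nt  = $userntlm{$user};

    if ($show_partial_lm) {
        if (defined $nt and not defined $pw{$nt}) {
            print "$user\t0\t" . $nt;
            my $tab = 0;
            if (defined $lm1 and defined $pw{$lm1}) {
                print "\t";
                $tab = 1;
                print $pw{$lm1};
            }
            if (defined $lm2 and defined $pw{$lm2}) {
                if (not $tab) {
                    print "\t";
                }
                print $pw{$lm2};
            }
            print "\n";
        }
    }

    # Both LM halves recovered: nothing left to report for this account.
    # LM upper-cases the password before hashing, so the recovered text
    # does not show the exact case behind the NT hash.
    if (    defined $lm1
        and defined $lm2
        and defined $pw{$lm1}
        and defined $pw{$lm2})
    {
        next;
    }

    # Either half still unrecovered: echo the original pwdump line.
    if (defined $lm1 and not defined $pw{$lm1}) {
        print "$users{$user}\n";
        next;
    }
    if (defined $lm2 and not defined $pw{$lm2}) {
        print "$users{$user}\n";
        next;
    }

    # No LM hash stored and the NT hash is not in the pot file.
    if (    not defined $lm1
        and not defined $lm2
        and defined $nt
        and not defined $pw{$nt})
    {
        print STDERR "LM hash not defined: Use NTLM brute-force.\n";
        print STDERR "$users{$user}\n";
        print "$users{$user}\n";
        next;
    }
}

__END__
434D598B51F7F611
AAD3B435B51404EE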