public static BruteForce.Hash CastAnalyzerHashToBruteForceHash(PcapAnalyzer.NetworkHash hash) { BruteForce.Hash res = null; if (hash is PcapAnalyzer.HttpDigestHash) { res = CastAnalyzerHashToBruteForceHash(hash as PcapAnalyzer.HttpDigestHash); } else if (hash is PcapAnalyzer.CramMd5Hash) { res = CastAnalyzerrHashToBruteForceHash(hash as PcapAnalyzer.CramMd5Hash); } else if (hash is PcapAnalyzer.NtlmHash) { res = CastAnalyzerrHashToBruteForceHash(hash as PcapAnalyzer.NtlmHash); } else if (hash is PcapAnalyzer.KerberosHash) { res = CastAnalyzerrHashToBruteForceHash(hash as PcapAnalyzer.KerberosHash); } else { throw new Exception("Hash type not supported"); } return(res); }
public void HandleHash(PcapAnalyzer.NetworkHash hash) { // Usually the hashes username is named "User" \ "Username". var user = GetPropValue(hash, "User"); var username = GetPropValue(hash, "Username"); var displayUserName = user != null ? user : username; if (displayUserName != null) { var domain = GetPropValue(hash, "Domain"); if (domain != null) { if (domain.ToString().Length > 0) { displayUserName = domain.ToString() + @"\" + displayUserName; } } var edgeText = $"{hash.HashType} Hash"; AddEdge(displayUserName.ToString(), hash.Destination, edgeText); _graph.FindNode(displayUserName.ToString()).Attr.FillColor = Microsoft.Msagl.Drawing.Color.LightGreen; } }