Skip to content

Flags overview

Jump to bottom
Thomas Perkins edited this page Jun 28, 2017 · 3 revisions

This is a full, extensive run down on all the argument flags available to Dagon and what they are capable of doing. There will be no pictures here, just descriptions and examples of using the flag.

Mandatory options

Dagon has some mandatory options that have to be passed in order for the program to run your hashes.

Cracking hashes:

Note: For all arguments that require cracking a hash, you will need to tell Dagon what technique it needs to try, as of now the only technique available is bruteforcing the hash, so you will need to pass the --bruteforce flag along with the other flags, see below for examples:

  • -c/--crack <HASH> provide the -c flag a hash in order for it to start the cracking process. You must provide a hash as an argument to the flag and pass the --bruteforce flag to allow the program to start the cracking, for example: python dagon.py -c 098f6bcd4621d373cade4e832627b4f6 --bruteforce this will attempt to crack the given hash 098f6bcd4621d373cade4e832627b4f6
  • -l/--hash-list <FILE-PATH> provide the -l flag in order to run through a list of hashes and start the cracking process on each hash in the file. File must be in the format of one hash per line. You must provide the full path to the file as an argument to the flag and you must provide the --bruteforce flag so Dagon knows what to do, for example: python dagon.py -l /tmp/shadow-files/hash_list.txt --bruteforce this will start cracking the hashes one at a time, and prompt you if you would like to skip or crack the hash.

Verifying hashes

  • -v/--verify <HASH-TO-VERIFY> provide the -v flag and a hash and attempt to verify the hash type given. Dagon will run the hash through a series of regular expressions and attempt to verify the possible algorithms used during the hashing phase. For example: python dagon.py -v 098f6bcd4621d373cade4e832627b4f6 this will run that hash through a series of regular expressions and output the most likely types of hashes could have been used to hash the string.
  • -V/--verify-list <PATH-TO-HASH-FILE> provide the -V flag followed by a path to a file and Dagon will run through each file and attempt to verify the hash that is read from the file. Dagon will keep a count of how many hashes are in the file along with prompt you if you want to try and verify the hash. Example: python dagon.py -V /tmp/shadow-files/hash_list.txt

Example of a correctly formatted hash file:

9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08
098f6bcd4621d373cade4e832627b4f6
db346d691d7acc4dc2625db19f9e3f52
cf80cd8aed482d5d1527d7dc72fceff84e6326592848447d2dc0b0e87dfc9a90
ae2b1fca515949e5d54fb22b8ed95575
0c2be0003f0debdcf644525bdaf6e45d
c29a4b42073219ba62efff97387973eb72dcfbc1e126e7b45c7dc7d1960b911e
d941191e51e81390343e12b159bb123f
8fe7f927cae4e2c840d05a489575a2be

Manipulation arguments

These arguments are used to manipulate the way the hash is formed, they range from salts, to what algorithm should be used

Salt manipulations

  • -S/--salt <SALT>, <PLACEMENT> this flag will allow you to create your own customized salt and add choose the placement of the salt, (front or back of the hash). What will happen is Dagon will take the salt given, append it to the hash and attempt to crack the hash using the appended salt. Example: python dagon.py -c 098f6bcd4621d373cade4e832627b4f6 --bruteforce -S "test", "back"
  • -R/--rand-salt pass the -R flag to generate random salts and random placements of the salt and Dagon will do the same as providing your own custom salt with the -S flag, if not flags are given for a choice of what you want the salt to be it will default to numbers, the default length is 8 characters. Example: python dagon.py -c 098f6bcd4621d373cade4e832627b4f6 --bruteforce -R
  • --urandom <LENGTH> provide the --urandom flag to generate random bytes of the specified length and use them as the salt, it will also generate a random placement for the salt to be appended to, example: python dagon.py -c 098f6bcd4621d373cade4e832627b4f6 --bruteforce --urandom
  • --use-chars used in conjunction with the -R flag this will use only characters for the randomly generated salt. Example: python dagon.py -c 098f6bcd4621d373cade4e832627b4f6 --bruteforce -R --use-chars
  • --use-int also used in conjunction with the -R flag this will use only integers for the randomly generated salt. Example: python dagon.py -c 098f6bcd4621d373cade4e832627b4f6 --bruteforce -R --use-int
  • You can also use the --use-chars and --use-int flags in with one another to create a random salt of numbers and characters, example: python dagon.py -c 098f6bcd4621d373cade4e832627b4f6 --bruteforce -R --use-chars --use-int
  • --salt-size <LENGTH> used in conjunction with any flag that generates salt flag this will change the size of the salt to a specified length, example: python dagon.py -c 098f6bcd4621d373cade4e832627b4f6 --bruteforce -R --salt-size 12

Misc manipulation arguments

  • --posx <POSITION> this flag will allow you to specify the position of the hash you want to return, it will only take effect on half algorithm functions, such as half MD5. The available positions are front, mid, back if no **--posx** flag is given Dagon will randomly select a position to return, example: **python dagon.py -c 098f6bcd4621d373cade4e832627b4f6 --bruteforce --posx="front"`
  • --use-hex this flag will return the hex version of the hash, for example with CRC32 you have a version that looks like this 0xd87f7e0cL and the hash itself d87f7e0c when the --use-hex flag is given, Dagon will use the hex version of the hash to attempt to crack the hash. Example: python dagon.py -c 0xd87f7e0cL --bruteforce --use-hex

Dictionary attack arguments

These arguments allow you to use a dictionary to do the bruteforcing with, Dagon will automatically create it's own bruteforce dictionary when run for the first time, this dictionary will have all manipulations from aaaaaa to zzzzzzzz.

Using your own dictionary as a wordlist

  • -W/--wordlist <PATH-TO-FILE> provide this flag to use your own wordlist to try and do the cracking with. This will allow you to read from your own personal wordlist and Dagon will skip the generation of it's own personal bruteforce dictionary. Example: python dagon.py -c 098f6bcd4621d373cade4e832627b4f6 --bruteforce -W /tmp/shadow-files/words.txt

Download a wordlist

  • --download if you do not have a wordlist around and you want to download one, you can pass this flag in order to download a wordlist. This flag does not require one of the mandatory flags and will begin a download from a randomly selected base64 encoded link. Example: python dagon.py --download

Technique arguments

These arguments tell the program what technique to use while doing the cracking, as of right now there is only one technique, and that is bruteforce. To use this technique you will need to pass the --bruteforce flag as mentioned above. Example: python dagon.py -c 098f6bcd4621d373cade4e832627b4f6 --bruteforce

Miscellaneous arguments

These arguments are used for random purposes and don't really fit into any of the categories above

  • -L/--least-likely use this in conjunction with either the hash list verification flag -V or the singular hash verification flag -v this will display ALL algorithms that could have been used to create the hash from the most likely to the least likely algorithm. Note: Not all the algorithms displayed will be implemented at this time. Example: python dagon.py -v d941191e51e81390343e12b159bb123f -L
  • -B/--benchmark Run a benchmark test on the program to see how long it took to process, this will show you how quickly the program is capable of finishing your requests, example: python dagon.py -v d941191e51e81390343e12b159bb123f -B
  • --banner show the long version of the banner, this will display Dagon's custom made banner and will not effect any processing, manipulation, timing, or mandatory arguments. Example: python dagon.py -v d941191e51e81390343e12b159bb123f --banner
  • --update this flag does not require one of the mandatory arguments and can be used as a singular flag, it will update the application to the newest development version by pulling the data from github, example: python dagon.py --update
  • --avail-algs this will display all algorithms that Dagon is capable of creating and cracking. It does not require one of the madatory arguments and can be used by itself like the --update flag. Example: python dagon.py --avail-algs
  • --all-algs used in conjunction with the --avail-algs flag, this flag will display the algorithms currently in the process of being created by the order they will be inserted. Example: python dagon.py --avail-algs --all-algs
  • --version pretty self explanatory, show the version number and exit. Does not require a mandatory argument to run, example: python dagon.py --version
  • --batch this flag is used in conjunction with any flag that requires a hash file to be passed. What this will do is skip all the questions, so it will attempt to either verify or crack the hashes one after another without questioning you about it. Example: python dagon.py -l /tmp/shadow-files/hashes.txt --bruteforce --batch
Clone this wiki locally