From 1b0bc92657ba5dfebe7676504a69bb8379d2622a Mon Sep 17 00:00:00 2001 From: Romke van Dijk Date: Wed, 15 Jan 2025 18:11:05 +0100 Subject: [PATCH] Small moving / renaming of files. Adding TLS configuration setup. --- doc/advanced.md | 33 ------ doc/advanced_usage/docker.md | 2 + doc/advanced_usage/generic_cracker.md | 0 doc/advanced_usage/slow_hashes.md | 7 ++ doc/advanced_usage/tls.md | 107 ++++++++++++++++++ .../advanced_hashlist.md | 0 .../settings_and_configuration.md | 0 .../user_manual.md | 0 mkdocs.yml | 20 +++- 9 files changed, 131 insertions(+), 38 deletions(-) delete mode 100644 doc/advanced.md create mode 100644 doc/advanced_usage/docker.md create mode 100644 doc/advanced_usage/generic_cracker.md create mode 100644 doc/advanced_usage/slow_hashes.md create mode 100644 doc/advanced_usage/tls.md rename doc/{User_Manual => user_manual}/advanced_hashlist.md (100%) rename doc/{User_Manual => user_manual}/settings_and_configuration.md (100%) rename doc/{User_Manual => user_manual}/user_manual.md (100%) diff --git a/doc/advanced.md b/doc/advanced.md deleted file mode 100644 index 136325196..000000000 --- a/doc/advanced.md +++ /dev/null @@ -1,33 +0,0 @@ -# Advanced usage - -## Generic Crackers - -Custom crackers which should be able to get distributed with Hashtopolis need to fulfill some minimal requirements as command line options. Shown here with the help function of a generic example implementation (which is available [here](https://github.com/hashtopolis/generic-cracker)): - -``` -cracker.exe [options] action -Generic Cracker compatible with Hashtopolis - -Options: - -m, --mask Use mask for attack - -w, --wordlist Use wordlist for attack - -a, --attacked-hashlist Hashlist to attack - -s, --skip Keyspace to skip at the beginning - -l, --length Length of the keyspace to run - --timeout Stop cracking process after fixed amount of time - -Arguments: - action Action to execute ('keyspace' or 'crack') -``` - -`-m` and `-w` are used to specify the type of attack, but these options are not mandatory to look like this. - -Please note that not all Hashtopolis clients are compatible with generic cracker binaries (check their README) and if there are slight differences in the cracker compared to the generic requirements there might be changes required on the client to adapt to another handling schema. - -## Slow Algorithms - -To extract all Hashcat modes which are flagged as slow hashes, following command can be run inside the hashcat directory: - -``` -grep -Hr SLOW_HASH src/modules/ | cut -d: -f1 | sort | cut -d'.' -f1 | sed 's/src\/modules\/module_[0]\?//g' -``` diff --git a/doc/advanced_usage/docker.md b/doc/advanced_usage/docker.md new file mode 100644 index 000000000..d3185ca92 --- /dev/null +++ b/doc/advanced_usage/docker.md @@ -0,0 +1,2 @@ +# Docker +Maybe a page here with some docker internals? \ No newline at end of file diff --git a/doc/advanced_usage/generic_cracker.md b/doc/advanced_usage/generic_cracker.md new file mode 100644 index 000000000..e69de29bb diff --git a/doc/advanced_usage/slow_hashes.md b/doc/advanced_usage/slow_hashes.md new file mode 100644 index 000000000..159b6c1ea --- /dev/null +++ b/doc/advanced_usage/slow_hashes.md @@ -0,0 +1,7 @@ +# Slow Algorithms + +To extract all Hashcat modes which are flagged as slow hashes, following command can be run inside the hashcat directory: + +``` +grep -Hr SLOW_HASH src/modules/ | cut -d: -f1 | sort | cut -d'.' -f1 | sed 's/src\/modules\/module_[0]\?//g' +``` diff --git a/doc/advanced_usage/tls.md b/doc/advanced_usage/tls.md new file mode 100644 index 000000000..162fc0822 --- /dev/null +++ b/doc/advanced_usage/tls.md @@ -0,0 +1,107 @@ +# SSL/TLS Setup +On this page the setup proces will be described howto setup SSL for Hashtopolis. Before you continue it is highly recommanded to read [Docker](docker.md). + +## Generate x509 Certificate +First create a folder were we are going to store all of our hashtopolis persistent files. + +```bash + +mkdir hashtopolis/ +cd hashtopolis/ + +``` + +Next generate a self signed certificate + +```bash + +openssl req -x509 -newkey rsa:2048 -keyout nginx.key -out nginx.crt -days 365 -nodes + +``` + +## Setting up docker-compose and env.example + +Please see the [Install](../install.md) page on how to download those settings file. + +1. Edit docker-compose.yaml + +Add the following new container to the `service:` section in the docker-compose.yaml. + +```json + nginx: + container_name: nginx + image: nginx:latest + restart: always + volumes: + - ./nginx.conf:/etc/nginx/nginx.conf:ro + - ./nginx.crt:/etc/nginx/ssl/nginx.crt:ro + - ./nginx.key:/etc/nginx/ssl/nginx.key:ro + ports: + - 443:443 + - 80:80 +``` + +2. Create a nginx.conf + +Make sure that the server_name reflects your real server name. If you have changed the container names inside your docker-compose file, make sure to reflect those changes inside the nginx.conf file below. + +``` +events { + worker_connections 1024; +} + +http { + server { + listen 80; + server_name localhost; + return 301 https://$host$request_uri; + } + + + server { + listen 443 ssl; + server_name localhost; + + ssl_certificate /etc/nginx/ssl/nginx.crt; + ssl_certificate_key /etc/nginx/ssl/nginx.key; + + ssl_protocols TLSv1.2 TLSv1.3; + ssl_prefer_server_ciphers on; + ssl_ciphers HIGH:!aNULL:!MD5; + + location / { + proxy_pass http://hashtopolis-frontend; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + } + + location /api/v2 { + proxy_pass http://hashtopolis-backend:80/api/v2; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + } + + location /old { + proxy_pass http://hashtopolis-backend/; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + } + } +} +``` + +3. Edit the `HASHTOPOLIS_BACKEND_URL` in `.env` to `https://localhost/api/v2` to reflect the changes done above. + +4. Start the containers +``` + +docker compose up + +``` +5. Visit hashtopolis on http://localhost/ the old ui is available via http://localhost/old \ No newline at end of file diff --git a/doc/User_Manual/advanced_hashlist.md b/doc/user_manual/advanced_hashlist.md similarity index 100% rename from doc/User_Manual/advanced_hashlist.md rename to doc/user_manual/advanced_hashlist.md diff --git a/doc/User_Manual/settings_and_configuration.md b/doc/user_manual/settings_and_configuration.md similarity index 100% rename from doc/User_Manual/settings_and_configuration.md rename to doc/user_manual/settings_and_configuration.md diff --git a/doc/User_Manual/user_manual.md b/doc/user_manual/user_manual.md similarity index 100% rename from doc/User_Manual/user_manual.md rename to doc/user_manual/user_manual.md diff --git a/mkdocs.yml b/mkdocs.yml index 13d1c9205..fe9393b7b 100644 --- a/mkdocs.yml +++ b/mkdocs.yml @@ -5,15 +5,25 @@ docs_dir: doc nav: - index.md - install.md - - User_Manual: - - User_Manual/user_manual.md - - User_Manual/advanced_hashlist.md - - User_Manual/settings_and_configuration.md - - advanced.md + - User Manual: + - user_manual/user_manual.md + - user_manual/advanced_hashlist.md + - user_manual/settings_and_configuration.md + - Advanced Usage: + - advanced_usage/tls.md + - advanced_usage/docker.md + - advanced_usage/generic_cracker.md + - advanced_usage/slow_hashes.md - changelog.md + - API Reference: + - APIv2: apiv2.md + theme: name: material logo: assets/images/logo.png + features: + - content.code.copy + - content.action.edit edit_uri: blob/docs/doc/ # Edit the URL to the static branch and folder markdown_extensions: - github-callouts # Add the ability of notes, warnings, etc.