crosscutsaw
diff --git a/‎README.md
Lines changed: 7 additions & 7 deletions b/‎README.md
Lines changed: 7 additions & 7 deletions
diff --git a/‎pyproject.toml
Lines changed: 1 addition & 1 deletion b/‎pyproject.toml
Lines changed: 1 addition & 1 deletion
diff --git a/‎revealhashed/core.py
Lines changed: 20 additions & 13 deletions b/‎revealhashed/core.py
Lines changed: 20 additions & 13 deletions
diff --git a/‎rp1.PNG
5.08 KB b/‎rp1.PNG
5.08 KB
diff --git a/‎rp2.PNG
-7.25 KB b/‎rp2.PNG
-7.25 KB
diff --git a/‎rp3.PNG
-158 Bytes b/‎rp3.PNG
-158 Bytes
@@ -1,5 +1,5 @@
 
-## about revealhashed-python v0.1.3
+## about revealhashed-python v0.1.4
 revealhashed is a streamlined utility to correlate ntds usernames, nt hashes, and cracked passwords in one view while cutting out time-consuming manual tasks.  
 
 ## how to install
@@ -10,14 +10,14 @@ from github:
 `pipx install git+https://github.com/crosscutsaw/revealhashed-python`  
 
 from deb package:  
-`wget https://github.com/crosscutsaw/revealhashed-python/releases/latest/download/revealhashed_0.1.3_all.deb; apt install ./revealhashed_0.1.3_all.deb'`  
+`wget https://github.com/crosscutsaw/revealhashed-python/releases/latest/download/revealhashed_0.1.4_all.deb; apt install ./revealhashed_0.1.4_all.deb'`  
 
 ## don't want to install?
 grab revealhashed binary from [here](https://github.com/crosscutsaw/revealhashed-python/releases/latest/download/revealhashed).  
 
 ## how to use
 ```
-revealhashed v0.1.3
+revealhashed v0.1.4
 
 usage: revealhashed [-h] [-r] {dump,reveal} ...
 
@@ -35,7 +35,7 @@ just execute `revealhashed -r` to remove contents of ~/.revealhashed
 
 ### revealhashed dump
 ```
-revealhashed v0.1.3
+revealhashed v0.1.4
 
 usage: revealhashed dump [-h] [-debug] [-hashes HASHES] [-no-pass] [-k] [-aesKey AESKEY] [-dc-ip DC_IP] [-codec CODEC] -w WORDLIST WORDLIST2 [WORDLIST WORDLIST2 ...] [-e] [-nd] [-csv] target
 ```
@@ -45,14 +45,14 @@ this command executes [zblurx's ntdsutil.py](https://github.com/zblurx/ntdsutil.
 -w (wordlist) switch is needed. one or more wordlists can be supplied.    
 -e (enabled-only) switch is not needed but suggested. it's self explanatory; only shows enabled users.  
 -nd (no-domain) switch hides domain names in usernames.  
--csv (csv) switch is self explanatory; saves output to csv instead txt.  
+-csv (csv) switch is self explanatory; saves output to csv, together with txt.  
 
 for example:  
 `revealhashed dump '<domain>/<username>:<password>'@<dc_ip> -w wordlist1.txt wordlist2.txt -e -nd -csv`
 
 ### revealhashed reveal
 ```
-revealhashed v0.1.3
+revealhashed v0.1.4
 
 usage: revealhashed reveal [-h] [-ntds NTDS] [-nxc] [-w WORDLIST WORDLIST2 [WORDLIST WORDLIST2 ...]] [-e] [-nd] [-csv]
 
@@ -75,7 +75,7 @@ _ntds file should contain usernames and hashes. it should be not ntds.dit. examp
 -w (wordlist) switch is needed. one or more wordlists can be supplied.  
 -e (enabled-only) switch is not needed but suggested. it's self explanatory; only shows enabled users.  
 -nd (no-domain) switch hides domain names in usernames.  
--csv (csv) switch is self explanatory; saves output to csv instead txt.  
+-csv (csv) switch is self explanatory; saves output to csv, together with txt.  
 
 for example:  
 `revealhashed reveal -ntds <ntds_file>.ntds -w wordlist1.txt -e -nd -csv`  
 
@@ -1,6 +1,6 @@
 [project]
 name = "revealhashed"
-version = "0.1.3"
+version = "0.1.4"
 description = "Dump or analyze existing NTDS data, crack NT hashes with hashcat and match them to their corresponding user accounts."
 authors = [{ name = "aslan emre aslan", email = "emre@zurrak.com" }]
 license = { text = "MIT" }
 
@@ -7,9 +7,12 @@
 import shutil
 import sys
 import csv
+import logging
 from collections import defaultdict
 from datetime import datetime
 from pathlib import Path
+
+# hide secretsdump hash output
 from contextlib import redirect_stdout
 
 # zblurx's ntdsutil.py
@@ -32,6 +35,9 @@
 BOLD_WHITE = "\033[1;37m"
 RESET = "\033[0m"
 
+# hide secretsdump info outputs
+logging.getLogger("impacket").disabled = True
+
 def parse_args():
     parser = argparse.ArgumentParser(
         description=""
@@ -174,25 +180,26 @@ def reveal_credentials(individual_ntds_path, cracked_hashes, session_dir, enable
     for _, _, line_out, _ in output_lines:
         print(line_out)
 
+    output_file_txt = session_dir / "revealhashed.txt"
+    with open(output_file_txt, "w") as outf:
+        for password_key, user, _, status in output_lines:
+            status_str = " <disabled>" if status == "disabled" else ""
+            outf.write(f"{user:<40} {password_key}{status_str}\n")
+
+    print(f"\n{BOLD_GREEN}[+]{RESET} Output saved to {output_file_txt}")
+
     if to_csv:
-        output_file = session_dir / "revealhashed.csv"
-        with open(output_file, "w", newline="") as outf:
+        output_file_csv = session_dir / "revealhashed.csv"
+        with open(output_file_csv, "w", newline="") as outf:
             writer = csv.writer(outf)
             writer.writerow(["Username", "Password", "Status"])
             for password_key, user, _, status in output_lines:
                 stat = "disabled" if status == "disabled" else ""
                 writer.writerow([user, password_key, stat])
-    else:
-        output_file = session_dir / "revealhashed.txt"
-        with open(output_file, "w") as outf:
-            for password_key, user, _, status in output_lines:
-                status_str = " <disabled>" if status == "disabled" else ""
-                outf.write(f"{user:<40} {password_key}{status_str}\n")
-
-    print(f"\n{BOLD_GREEN}[+]{RESET} Output saved to {output_file}")
+        print(f"{BOLD_GREEN}[+]{RESET} Output saved to {output_file_csv}")
 
 def main():
-    print(f"\n{BOLD_BLUE}revealhashed v0.1.3{RESET}\n")
+    print(f"\n{BOLD_BLUE}revealhashed v0.1.4{RESET}\n")
 
     parser = parse_args()
     args = parser.parse_args()
@@ -239,7 +246,7 @@ def main():
             local_ops = LocalOperations(str(system_path))
             boot_key = local_ops.getBootKey()
 
-            with open(os.devnull, 'w') as fnull, redirect_stdout(fnull):
+            with open(os.devnull, 'w') as fnull, redirect_stdout(fnull): # hide secretsdump hash output
                 ntds = NTDSHashes(
                     str(ntds_path),
                     boot_key,
@@ -337,7 +344,7 @@ def main():
 if __name__ == "__main__":
     main()
 
-# revealhashed v0.1.3
+# revealhashed v0.1.4
 # 
 # contact options
 # mail: https://blog.zurrak.com/contact.html