Members Online
Total Online: 35 Web Spiders: 14
Guests Online: 30
Members Online: 5
Registered Members: 70200 Newest Member: ScubaSteve
|
View Thread
| Author |
MD5 Hash Cracker |
superpimp
Member
Posts: 113
Location: Belgium
Joined: 17.12.05
Rank: Monster |
|
I wrote an MD5 Hash cracker. But it needs some explination so I'll just post it in the forums, also because nobody ever checks code bank :P.
First of all, it's written in PHP so you'll need an Apache server to run it. I'll up it to my website aswell, i'll post the link later. The scblockedript is using the common passwords wordlist from theargon. http://www.theargon.com/achilles/wordlists/common-passwords.txt
Remember: be patient, cracking a hash takes a while
Expliantion:
set_time_limit(0); (line 7)
this is the timeout limit for your scblockedript, in seconds. If it's not executed within this time, it'll stop. 0 means no timeout.
$test_hash=file("http://www.theargon.com/achilles/wordlists/common-passwords.txt"); (line 32)
this is the wordlist that is used to check all the hashes. If you want to use a big one, I suggest that you run the scblockedript from your PC and are PATIENT! change http://www.theargon.com/achilles/wordlists/common-passwords.txt to the name of your dictionary, if it's in the same folder it would give something like this: $test_hash=file("wordlist.txt"); The wordlist you're using preferably in .txt format, I don't know about others, they should work.
thats it :) I think the rest is all logic, but if you need more expliantion, let me know.
PLEASE don't come saying it doesnt work, I've tested it like a million times :)
Enjoy!
<title>MD5 Hash Cracker</title>
<font face='georgia' size='3'>
<h1><u>MD5 Hash Cracker</u></h1>
<blockquote>
<?php
//Coded by superpimp, for hellboundhackers.org
set_time_limit(0);
function display_form(){
echo <<<DISPLAY_FORM
<p> <p>
<i>You can check if your hash is in the MD5 database <a href='http://gdataonline.com/seekhash.php' target='new'>here</a></i>
<body>
<p> <p><u>Enter your hash below:</u>
<p>
<table><form action='index.php' method='post'>
<tr><td><p>
<INPUT class='field' type='text' name='md5' size='40'>
</p>
<p> </p></td></tr></p>
<p><tr><td><p>Test password:
<INPUT class='field' type='text' name='test' size='15'>
</p>
<p> </p></td></tr>
<input type="hidden" name="hash" value="1">
<tr><td><INPUT class=button type=submit value='Crack!'></form></td></tr></table>
</body>
</html>
DISPLAY_FORM;
}
function crack_hash(){
echo "Using the <a href='http://www.theargon.com/achilles/wordlists/common-passwords.txt'>common-passwords.txt</a> wordlist from theargon.\r\n";
$test_hash=file("http://www.theargon.com/achilles/wordlists/common-passwords.txt");
$md5=$_POST['md5'];
$test=$_POST['test'];
if ($test!=NULL){
echo "<p>Your hash: ".$md5."<p>\r\n";
echo "Password to test: ".$test."<p>\r\n";
if ($md5==md5($test)){
echo "The tested password is <font color='green'>correct!</font>\r\n";
exit;
}
else{
echo "The tested password is <font color='red'>not correct!</font>\r\n";
}
}else{echo "<p>Your hash: ".$md5."<p>\r\n";}
if ($md5==NULL){
echo "Please enter a hash.\r\n";
}
else{
echo "<p> <p>\r\n";
echo "<u>Checked Hashes:</u>\r\n";
echo "<p><i>Scroll down to see the cracked hash.</i>\r\n";
echo "<blockquote>\r\n";
foreach($test_hash as $test_hash){
$hash=trim($test_hash);
if(md5($hash)==$md5){
echo "<p>hash cracked!\r\n";
echo "<br><font color='green'>Plaintext: ".$test_hash."</font><br>\r\n";
echo "<p><p>Coded by Superpimp\r\n";
exit;
}
else{
echo "<font color='red'>Bad: ".$test_hash."</font><br>\r\n";
}
}
echo "</blockquote>\r\n";
}
}
$check=$_POST['hash'];
if(isset($check)){
crack_hash();
}
else{
display_form();
}
?>
<p><p>Coded by Superpimp
</blockquote>
-Superpimp
PS: I'm working on a website bruteforcer ;) :D
 |
  
|
| Author |
RE: MD5 Hash Cracker |
BobbyB
Member
Posts: 260
Location: England
Joined: 16.03.05
Rank: Monster |
|
Nicely done, I've almost finished my md5 cracker in C++.
Just remember, you don't need an Apache webserver. You could just take out all the html, and replace everything that is entered through a form with command line arguments.
Anyway, good job.
|
|
|
|
|
|
Main:
