Follow us on Twitter!
You cannot teach a man anything; you can only help him find it within himself. - Galileo
Sunday, April 20, 2014
Navigation
Home
HellBoundHackers Main:
HellBoundHackers Find:
HellBoundHackers Information:
Learn
Communicate
Submit
Shop
Challenges
HellBoundHackers Exploit:
HellBoundHackers Programming:
HellBoundHackers Think:
HellBoundHackers Track:
HellBoundHackers Patch:
HellBoundHackers Other:
HellBoundHackers Need Help?
Other
Members Online
Total Online: 24
Guests Online: 22
Members Online: 2

Registered Members: 82843
Newest Member: hx47
Latest Articles
View Thread

HellBound Hackers | Computer General | Programming

Author

MD5 Hash Cracker


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 17-04-06 12:15
I wrote an MD5 Hash cracker. But it needs some explination so I'll just post it in the forums, also because nobody ever checks code bank :P.
First of all, it's written in PHP so you'll need an Apache server to run it. I'll up it to my website aswell, i'll post the link later. The script is using the common passwords wordlist from theargon. http://www.thearg. . .swords.txt

Remember: be patient, cracking a hash takes a while


Expliantion:

set_time_limit(0); (line 7)
this is the timeout limit for your script, in seconds. If it's not executed within this time, it'll stop. 0 means no timeout.

$test_hash=file("http://www.theargon.com/achilles/wordlists/common-passwords.txt"); (line 32)
this is the wordlist that is used to check all the hashes. If you want to use a big one, I suggest that you run the script from your PC and are PATIENT! change http://www.theargon.com/achilles/wordlists/common-passwords.txt to the name of your dictionary, if it's in the same folder it would give something like this: $test_hash=file("wordlist.txt"); The wordlist you're using preferably in .txt format, I don't know about others, they should work.

thats it :) I think the rest is all logic, but if you need more expliantion, let me know.

PLEASE don't come saying it doesnt work, I've tested it like a million times :)

Enjoy!



Code

<title>MD5 Hash Cracker</title>
<font face='georgia' size='3'>
<h1><u>MD5 Hash Cracker</u></h1>
<blockquote>
<?php
//Coded by superpimp, for hellboundhackers.org
set_time_limit(0);
function display_form(){
   echo <<<DISPLAY_FORM
      <p> <p>
      <i>You can check if your hash is in the MD5 database <a href='http://gdataonline.com/seekhash.php' target='new'>here</a></i>
      <body>
      <p> <p><u>Enter your hash below:</u>
      <p>
      <table><form action='index.php' method='post'>
      <tr><td><p>
        <INPUT class='field' type='text' name='md5' size='40'>
      </p>
          <p>  </p></td></tr></p>
      <p><tr><td><p>Test password:
         <INPUT class='field' type='text' name='test' size='15'>
      </p>
          <p>  </p></td></tr>
      <input type="hidden" name="hash" value="1">
      <tr><td><INPUT class=button type=submit value='Crack!'></form></td></tr></table>
      </body>
      </html>
DISPLAY_FORM;
}
function crack_hash(){
   echo "Using the <a href='http://www.theargon.com/achilles/wordlists/common-passwords.txt'>common-passwords.txt</a> wordlist from theargon.\r\n";
   $test_hash=file("http://www.theargon.com/achilles/wordlists/common-passwords.txt");
   $md5=$_POST['md5'];
   $test=$_POST['test'];
   if ($test!=NULL){
      echo "<p>Your hash: ".$md5."<p>\r\n";
      echo "Password to test: ".$test."<p>\r\n";
      if ($md5==md5($test)){
         echo "The tested password is <font color='green'>correct!</font>\r\n";
         exit;
      }
      else{
         echo "The tested password is <font color='red'>not correct!</font>\r\n";         
      }
   }else{echo "<p>Your hash: ".$md5."<p>\r\n";}
   if ($md5==NULL){
      echo "Please enter a hash.\r\n";
   }
   else{
      echo "<p> <p>\r\n";
      echo "<u>Checked Hashes:</u>\r\n";
      echo "<p><i>Scroll down to see the cracked hash.</i>\r\n";
      echo "<blockquote>\r\n";
      foreach($test_hash as $test_hash){
         $hash=trim($test_hash);
         if(md5($hash)==$md5){
            echo "<p>hash cracked!\r\n";
            echo "<br><font color='green'>Plaintext: ".$test_hash."</font><br>\r\n";
            echo "<p><p>Coded by Superpimp\r\n";
            exit;
         }
         else{
            echo "<font color='red'>Bad: ".$test_hash."</font><br>\r\n";
         }
      }
      echo "</blockquote>\r\n";
   }
}
$check=$_POST['hash'];
if(isset($check)){
   crack_hash();
}
else{
   display_form();
}

?>
<p><p>Coded by Superpimp
</blockquote>





-Superpimp

PS: I'm working on a website bruteforcer ;) :D


Author

RE: MD5 Hash Cracker


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 17-04-06 14:49
Nicely done, I've almost finished my md5 cracker in C++.

Just remember, you don't need an Apache webserver. You could just take out all the html, and replace everything that is entered through a form with command line arguments.

Anyway, good job.