Antichat снова доступен.
Форум Antichat (Античат) возвращается и снова открыт для пользователей.
Здесь обсуждаются безопасность, программирование, технологии и многое другое.
Сообщество снова собирается вместе.
Новый адрес: forum.antichat.xyz
24.07.2007, 09:52
|
|
Новичок
Регистрация: 12.10.2006
Сообщений: 6
Провел на форуме:
49485
Репутация:
0
|
|
Помогите в Brute Perla
1) Вообщем скачал я скрипт для пёрла который брутит хэш md5
Код:
############################################################
# MD5BFCPF 'MD5 Brute Force Cracker in Perl with Forking' #
# Written by Michael Stankiewicz #
# Brainstorming-help by Roberto D. Maggi #
# Ver 0.1.0 #
# 2002 01 31 #
# Software under GNU General Public License (GPL)(II Ver.) #
############################################################
# For bugs and suggestions please e-mail me at #
# michael_stankiewicz@yahoo.com #
############################################################
#### FUNCTIONS DEFINITION ##################################
#Function called when SIGNAL ALARM ('SIG{ALRM}') occurs
sub timed_out {
$total_probed+=$co;
$co = $co / $user_probes;
print "Probed $total_probed passwords \@ $co\/sec. Now probing: $probe_string\n";
$co=0;
if ($probes_found) {
alarm ($user_probes);
}
}
#This prints the help, when '-h --help' switch is choosen
sub help {
print "MD5BFCPF \'MD5 Brute Force Cracker in Perl with Forking\' (Version 0.1.0)\n";
print "Usage: perl md5bfcpf-0.1.0.pl [OPTIONS] [FILE]\n";
print "Options:\n";
print "-h, --help Display this text and exit.\n";
print "-v, --version Print version number and exit.\n";
print "-k, --keys [integer] Specify the number of chars on which probe.\n";
print "-p, --probes [integer] Prints the probes every [integer] seconds.\n";
print "-d, --dictionary [filename] Uses given [filename] for generating probes.\n";
print "-u, --user Specify one or more users\n";
print "---- [i.e. 'perl md5bfcpf-0.1.0.pl -u root -u mike -u bill [FILENAME]'\n";
print "-c, --charset Specify one or more charsets BETWEEN:\n";
print " all [default]\n";
print " alpha\n";
print " alpha_lowercase\n";
print " alpha_uppercase\n";
print " numeric\n";
print " symbols\n";
print "---- [i.e. 'perl md5bfcpf-0.1.0.pl -c alpha_lowercase -c numeric [FILENAME]'\n";
print "###\n";
print "Remember: cracking others computer is illegal!!!\n";
print "Disclaimer: The author does NOT take responsabilities for what you do with this software!!!\n";
print "###\n";
print "---Have fun!\n";
}
#This occurs when no arguments is given
sub usage {
print "Usage: perl md5bfcpf [OPTIONS] [FILENAME]\n";
print "Try `perl md5bfcpf --help' for more information.\n";
}
#This adds to the @charset array the lowercase characters
sub alpha_lowercase {
push (@charset, "a");
push (@charset, "b");
push (@charset, "c");
push (@charset, "d");
push (@charset, "e");
push (@charset, "f");
push (@charset, "g");
push (@charset, "h");
push (@charset, "i");
push (@charset, "j");
push (@charset, "k");
push (@charset, "l");
push (@charset, "m");
push (@charset, "n");
push (@charset, "o");
push (@charset, "p");
push (@charset, "q");
push (@charset, "r");
push (@charset, "s");
push (@charset, "t");
push (@charset, "u");
push (@charset, "v");
push (@charset, "w");
push (@charset, "x");
push (@charset, "y");
push (@charset, "z");
}
#This adds to the @charset array the uppercase characters
sub alpha_uppercase {
push (@charset, "A");
push (@charset, "B");
push (@charset, "C");
push (@charset, "D");
push (@charset, "E");
push (@charset, "F");
push (@charset, "G");
push (@charset, "H");
push (@charset, "I");
push (@charset, "J");
push (@charset, "K");
push (@charset, "L");
push (@charset, "M");
push (@charset, "N");
push (@charset, "O");
push (@charset, "P");
push (@charset, "Q");
push (@charset, "R");
push (@charset, "S");
push (@charset, "T");
push (@charset, "U");
push (@charset, "V");
push (@charset, "W");
push (@charset, "X");
push (@charset, "Y");
push (@charset, "Z");
}
#This adds to the @charset array the numeric characters
sub numeric {
push (@charset, "0");
push (@charset, "1");
push (@charset, "2");
push (@charset, "3");
push (@charset, "4");
push (@charset, "5");
push (@charset, "6");
push (@charset, "7");
push (@charset, "8");
push (@charset, "9");
}
#This adds to the @charset array the other characters (to be completed)
sub symbols {
push (@charset, "!");
push (@charset, "\"");
push (@charset, "Ј");
push (@charset, "\$");
push (@charset, "%");
push (@charset, "\&");
push (@charset, "/");
push (@charset, "\(");
push (@charset, "\)");
push (@charset, "=");
}
#### END OF FUNCTION DEFINITION ############################
#### COMMAND LINE PARSER ###################################
#Every 'for' block parses the command line arguments, given by the @ARGV array
if ($ARGV[0] ne "") {
#This prints out the help
for ($argv_counter=0; $ARGV[$argv_counter]; $argv_counter++) {
if (($ARGV[$argv_counter] eq "-h") || ($ARGV[$argv_counter] eq "--help")) {
&help();
exit;
}
}
#This prints out the version
for ($argv_counter=0; $ARGV[$argv_counter]; $argv_counter++) {
if (($ARGV[$argv_counter] eq "-v") || ($ARGV[$argv_counter] eq "--version")) {
print "MD5BFCPF \'MD5 Brute Force Cracker in Perl with Forking\'\n";
print "Version 0.1.0\n";
exit;
}
}
#This checks if '-k --keys' switch is given
for ($argv_counter=0; $ARGV[$argv_counter]; $argv_counter++) {
if (($ARGV[$argv_counter] eq "-k") || ($ARGV[$argv_counter] eq "--keys")) {
$keys_found=1;
$keys=$ARGV[$argv_counter+1];
#And if it is a valid choice (to do: regexp to check valid input)
if ($keys == 0) {
print "!!!\n";
print "Warning: Please enter an integer greater than 0\n";
exit;
}
}
}
#This checks if '-p --probes' switch is given
for ($argv_counter=0; $ARGV[$argv_counter]; $argv_counter++) {
if (($ARGV[$argv_counter] eq "-p") || ($ARGV[$argv_counter] eq "--probes")) {
$probes_found=1;
$user_probes = $ARGV[$argv_counter+1]
}
}
#This checks if '-d --dictionary' switch is given
for ($argv_counter=0; $ARGV[$argv_counter]; $argv_counter++) {
if (($ARGV[$argv_counter] eq "-d") || ($ARGV[$argv_counter] eq "--dictionary")) {
$dictionary_found=1;
$dictionary_file = $ARGV[$argv_counter+1]
}
}
#Default for probe printing time if no custom is given: half an hour
if (!$probes_found) {
$user_probes = 1800;
print "Working... status will be printed every 30 minutes\n";
}
#This checks if '-c --charset' switch is given
for ($argv_counter=0; $ARGV[$argv_counter]; $argv_counter++) {
if (($ARGV[$argv_counter] eq "-c") || ($ARGV[$argv_counter] eq "--charset")) {
#This block checks which kind of charset was choosen
#And adds the relative charset to '@charset' array with functions above
if ($ARGV[$argv_counter+1] eq "all") {
$all_found=1;
}
if ($ARGV[$argv_counter+1] eq "alpha") {
$alpha_found=1;
&alpha_lowercase();
&alpha_uppercase();
}
if ($ARGV[$argv_counter+1] eq "alpha_lowercase") {
$alpha_lowercase_found=1;
&alpha_lowercase();
}
if ($ARGV[$argv_counter+1] eq "alpha_uppercase") {
$alpha_uppercase_found=1;
&alpha_uppercase();
}
if ($ARGV[$argv_counter+1] eq "numeric") {
$numeric_found=1;
&numeric();
}
if ($ARGV[$argv_counter+1] eq "symbols") {
$symbols_found=1;
&symbols();
}
}
}
#This checks if '-u --user' switch is given
for ($argv_counter=0; $ARGV[$argv_counter]; $argv_counter++) {
if (($ARGV[$argv_counter] eq "-u") || ($ARGV[$argv_counter] eq "--users")) {
$users_found=1;
push(@users, $ARGV[$argv_counter+1]);
}
}
}
#This prints out the usage if no argument is given
if ($ARGV[0] eq "") {
&usage();
exit;
}
#### END OF COMMAND LINE PARSER ############################
#### BEGIN OF CODE #########################################
#Controls if no user-defined charser is given
if ((!$all_found) && (!$alpha_found) && (!$alpha_uppercase_found) && (!$alpha_lowercase_found) && (!$numeric_found) && (!$symbols_found)) {
&alpha_uppercase();
&alpha_lowercase();
&numeric();
&symbols();
}
#Controls if user-defined 'all' charser is given
if (($all_found) && (!$alpha_found) && (!$alpha_uppercase_found) && (!$alpha_lowercase_found) && (!$numeric_found) && (!$symbols_found)) {
&alpha_uppercase();
&alpha_lowercase();
&numeric();
&symbols();
}
#Counts the items in the charset array
$charset_items=$#charset;
#Open the file containing shadows, taking from last command line argument
open(shadow_file, "<$ARGV[-1]") or die "Error in reading \'$ARGV[-1]\' check if file exists!!!\n";
while($shadow_file_string=<shadow_file>) {
#Regexp that gets usernames,salts and shadows
if ($shadow_file_string =~ /^(.*?):(\$1\$.*?)\$(.*?):/i) {
push(@file_users,$1);
push(@salts,$2);
push(@shadows,$3);
}
}
close(shadow_file);
#If no custom users is given, copy @file_users in @users
if (!$users_found) {
foreach (@file_users) {
push (@users,$_);
}
}
#If custom users is given, populate @custom_salts and
#@custom_shadows with corrispective in @salts and @shadows
if ($users_found) {
#This checks if all given users are found in the shadow file
$user_counter=0;
while ($users[$user_counter]) {
$file_counter=0;
$user_ok=0;
while ($file_users[$file_counter]) {
if ($users[$user_counter] eq $file_users[$file_counter]) {
$user_ok=1;
}
$file_counter++;
}
$user_counter++;
if ($user_ok == 0) {
print "Error: custom users not found, check file '$ARGV[-1]'\n";
exit;
}
}
#This eliminates users not selected from @users, @salts and @shadows arrays, for speed up
#Only if user custom users are given (i.e.: -u root)
$user_counter=0;
while ($users[$user_counter]) {
$file_counter=0;
while ($file_users[$file_counter]) {
$counter=0;
if ($file_users[$file_counter] eq $users[$user_counter]) {
if ($salts[$file_counter] ne "") {
push (@custom_salts,$salts[$file_counter]);
}
if ($salts[$file_counter] eq "") {
print "Error: user $file_users[$file_counter] has bad salt format in file \'$ARGV[-1]\'\n";
exit;
}
if ($shadows[$file_counter] ne "") {
push (@custom_shadows,$shadows[$file_counter]);
}
if ($shadows[$file_counter] eq "") {
print "Error: user $file_users[$file_counter] has bad shadow format in file \'$ARGV[-1]\'\n";
exit;
}
}
$file_counter++;
}
$counter++;
$user_counter++;
}
$counter=0;
#Destroy the '@salts' array and replace with '@custom_salts' array
#In that way the probes is done only on given users
while ($salts[$counter]) {
$salts[$counter]=0;
$salts[$counter]=$custom_salts[$counter];
$counter++;
}
$counter=0;
#Destroy the '@shadows' array and replace with '@custom_shadows' array
while ($shadows[$counter]) {
$shadows[$counter]=0;
$shadows[$counter]=$custom_shadows[$counter];
$counter++;
}
}
#Define the action to perform when alarm event occurs (calls the 'timed_out' function)
#Thanks to 'Tom Christiansen' and Oreilly's book 'Advanced Perl Programming' for this workaround
$SIG{ALRM} = \&timed_out;
alarm ($user_probes);
#Counter of probes
$co=0;
#Here starts the show
if ((!$keys_found) and (!$dictionary_found)) {
#Loops as many times as the number of elements in the '@charset' array
while ($#charset_step_inc <= $#charset) {
push (@charset_step_inc, 0);
$a=0;
while ($charset_step_inc[$a]) {
$charset_step_inc[$a]=0;
$a++;
}
THE_LOOP: while () {
$t=0;
$modified=0;
foreach (@charset_step_inc) {
if (($charset_step_inc[$t] < $charset_items) && (!$modified)) {
$probe_string="";
for ($i=0;$i<=$#charset_step_inc;$i++) {
$probe_string.=@charset[$charset_step_inc[$i]];
}
$pwd_track=0;
foreach (@users) {
if ($users[$pwd_track] ne "") {
$pwd_probe=crypt($probe_string,$salts[$pwd_track]);
$co++;
if ($pwd_probe eq $salts[$pwd_track]."\$".$shadows[$pwd_track]) {
print "\n\nFOUND PASSWORD FOR USER: $users[$pwd_track] PASSWD: $probe_string\n";
#This deletes the user of which we own the password from the list of users in the '@users' array
$users[$pwd_track]="";
$aybabtu=0;
#This checks if there are still users to probe on
foreach (@users) {
if ($_ ne "") {
$aybabtu=1;
}
}
if (!$aybabtu) {
print "\n\nFound all given passwords, exiting\n";
exit;
}
}
}
$pwd_track++;
}
$charset_step_inc[$t]++;
if ($charset_step_inc[$t] => $charset_items) {
$d=0;
while ($d != $t) {
$charset_step_inc[$d]=0;
$d++;
}
}
$modified=1;
}
$t++;
}
$end_value=0;
#If no more characters to be probe are found, $end_value will be void and THE_LOOP will exit
foreach (@charset_step_inc) {
if ($_ != $charset_items) {
$end_value++;
}
}
last THE_LOOP if $end_value==0;
}
$probe_string="";
foreach (@charset_step_inc) {
$probe_string.=$charset[-1];
}
$pwd_track=0;
foreach (@users) {
if ($users[$pwd_track] ne "") {
$pwd_probe=crypt($probe_string,$salts[$pwd_track]);
$co++;
if ($pwd_probe eq $salts[$pwd_track]."\$".$shadows[$pwd_track]) {
print "\n\nFOUND PASSWORD FOR USER: $users[$pwd_track] PASSWD: $probe_string\n";
$users[$pwd_track]="";
$aybabtu=0;
foreach (@users) {
if ($_ ne "") {
$aybabtu=1;
}
}
if (!$aybabtu) {
print "\n\nFound all given passwords, exiting\n";
exit;
}
}
}
$pwd_track++;
}
}
}
#This block occurs if '-k --keys' switch is given
if (($keys_found) and (!$dictionary_found)) {
for ($v=1;$v<=$keys;$v++) {
push(@charset_step_inc, 0);
}
THE_LOOP: while () {
$t=0;
$modified=0;
foreach (@charset_step_inc) {
if (($charset_step_inc[$t] < $charset_items) && (!$modified)) {
$probe_string="";
for ($i=0;$i<=$#charset_step_inc;$i++) {
$probe_string.=$charset[$charset_step_inc[$i]];
}
$pwd_track=0;
foreach (@users) {
if ($users[$pwd_track] ne "") {
$pwd_probe=crypt($probe_string,$salts[$pwd_track]);
$co++;
if ($pwd_probe eq $salts[$pwd_track]."\$".$shadows[$pwd_track]) {
print "\n\nFOUND PASSWORD FOR USER: $users[$pwd_track] PASSWD: $probe_string\n";
$users[$pwd_track]="";
$aybabtu=0;
foreach (@users) {
if ($_ ne "") {
$aybabtu=1;
}
}
if (!$aybabtu) {
print "\n\nFound all given passwords, exiting\n";
exit;
}
}
}
$pwd_track++;
}
$charset_step_inc[$t]++;
if ($charset_step_inc[$t] => $charset_items) {
$d=0;
while ($d != $t) {
$charset_step_inc[$d]=0;
$d++;
}
}
$modified=1;
}
$t++;
}
$end_value=0;
foreach (@charset_step_inc) {
if ($_ != $charset_items) {
$end_value++;
}
}
last THE_LOOP if $end_value==0;
}
$probe_string="";
foreach (@charset_step_inc) {
$probe_string.=$charset[-1];
}
$pwd_track=0;
foreach (@users) {
if ($users[$pwd_track] ne "") {
$pwd_probe=crypt($probe_string,$salts[$pwd_track]);
$co++;
if ($pwd_probe eq $salts[$pwd_track]."\$".$shadows[$pwd_track]) {
print "\n\nFOUND PASSWORD FOR USER: $users[$pwd_track] PASSWD: $probe_string\n";
$users[$pwd_track]="";
$aybabtu=0;
foreach (@users) {
if ($_ ne "") {
$aybabtu=1;
}
}
if (!$aybabtu) {
print "\n\nFound all given passwords, exiting\n";
exit;
}
}
}
$pwd_track++;
}
$total_probed+=$co;
print "\n\nProbed: $total_probed passwords\n";
}
#This block occurs if '-d --dictionary' switch is given
if ($dictionary_found) {
open(dic_file, "<$dictionary_file") or die "Error in reading \'$dictionary\' check if file exists!!!\n";
#The use of chomp() function is to avoid the 'carriage return' characther to be part of the probe
while (chomp($probe_string = <dic_file>)) {
$pwd_track=0;
foreach (@users) {
if ($users[$pwd_track] ne "") {
$pwd_probe=crypt($probe_string,$salts[$pwd_track]);
$co++;
if ($pwd_probe eq $salts[$pwd_track]."\$".$shadows[$pwd_track]) {
print "\n\nFOUND PASSWORD FOR USER: $users[$pwd_track] PASSWD: $probe_string\n";
$users[$pwd_track]="";
$aybabtu=0;
foreach (@users) {
if ($_ ne "") {
$aybabtu=1;
}
}
if (!$aybabtu) {
print "\n\nFound all given passwords, exiting\n";
exit;
}
}
}
$pwd_track++;
}
}
$total_probed+=$co;
print "\n\nProbed: $total_probed passwords\n";
close(dic_file);
}
#### END OF CODE ###########################################
2)Скачал ActivePerl 5.8.
Теперь подскажите как запустить скрипт md5.pl
чтобы сбрутить этот хэш 3aca5b830872cb0d55a55a9301877a7c
Всем спасибо кто внятно ответит) |
|
|
|
|
Здесь присутствуют: 1 (пользователей: 0 , гостей: 1)
|
|
|
|
Похожие темы
Древовидный вид