[HC Official] T0rn - Hash Cracker V.2

Ex094 · 03-15-2014, 06:58 AM

Hey HC! I thought that my previous version of Python MD5 hash cracker had become a little old so decided to do a new one in C++. It includes some new features and for now it supports MD5 but will be adding SHA-1 and other dictionary attack vulnerable hashes. Also I've added OS compatibility for MAC OSX, Linux and Windows which I think was limited to only one OS in my previous version.

Screen Shot:

Main Menu (After loading both Hash and Dictionary, Notice the 'Loaded!' keywords)

Spoiler:

Entering your Hash to Crack

Spoiler:

Successful Crack

Spoiler:

If Hash is Already present in database

Spoiler:

Features:

1) Faster Cracking

2) Introduced a new feature to store cracked hashes automatically in a text file so next
time if the same hash come's around you will be prompted that this hash has been cracked
already and the password is.

3) OS Support added for Linux, MAC OSX, Windows (32bit & 64bit)

4) Will support more hashes (MD5 for now)

Future Update: Will recognize hashes on it's own

How to Crack:

1) Compile the Hash Cracker

2) Put the dictionary file in it's directory (Compiled)

3) Choose option 1 to load dictionary and enter your file name, You will be prompted if it's wrong.

4) Next, Choose option 2 from the menu and enter your MD5 hash.

5) Choose option 3

6) If you are not prompted with anything during the cracking process,
it means that no suitable match case was found in your dictionary

For improvements and suggestions, PM me or comment below Smile

Thank you!

Project Source:

Code:
https://github.com/Ex094/HashCrackerV.2

Psycho_Coder · 03-15-2014, 07:40 AM

Nice tool will be testing it soon. Well I would suggest adding a makefile as well.

Makefile : A file that instructs the program make how to compile and link a program.

http://mrbook.org/tutorials/make/

The Real Slim Shady · 03-15-2014, 07:48 AM

Off topic, but too funny not to share:

I looked at one of your terminal screenshots, then went to close it by clicking the X in the right hand corner, LOL

Ex094 · 03-15-2014, 08:08 AM

(03-15-2014, 07:40 AM)Psycho_Coder Wrote: Nice tool will be testing it soon. Well I would suggest adding a makefile as well.

Makefile : A file that instructs the program make how to compile and link a program.

http://mrbook.org/tutorials/make/

Yeah Sure! I'll make one.

EDIT: Forgot to add Hackcommunity's name, it's now added to the original source code

Deque · 03-15-2014, 12:02 PM

Makefile was also my first thought, but Psycho_Coder was first.
Well done contribution.

RogueCoder · 03-15-2014, 01:34 PM

Nice little tool you got there Smile

Here comes a little suggestion Smile

What database are you using? Does it have hashing functions? If so, then I suggest you add plaintext word as well in its own table to use to look for other combinations than just md5().

This way you can make things more dynamic and easier to add application specific hashing approaches also with salts

Example:
Let's say an application uses md5(md5(salt).password)

In the query you could call something like this (using MySQL for the example)

Code:
SELECT password FROM hashes WHERE MD5(CONCAT(MD5(<salt>),password)) = '<the-hash-provided-by-the-user>'

Salt: shp0ngl3
Hash: 95fc517d1c6a88b3da8a46f35c06f48b

Code:
SELECT password FROM hashes WHERE MD5(CONCAT(MD5('shp0ngl3'),password)) = '95fc517d1c6a88b3da8a46f35c06f48b';

This will return that the plain text password is admin

The method used here is slower than just searching for hashes, but this way you don't need the unique hash for every different salting and hashing combination Smile

Just a suggestion if it's possible Smile

Ex094 · 03-15-2014, 01:49 PM

(03-15-2014, 01:34 PM)shp0ngl3 Wrote: Nice little tool you got there

Here comes a little suggestion

What database are you using? Does it have hashing functions? If so, then I suggest you add plaintext word as well in its own table to use to look for other combinations than just md5().

This way you can make things more dynamic and easier to add application specific hashing approaches also with salts

Example:
Let's say an application uses md5(md5(salt).password)

In the query you could call something like this (using MySQL for the example)

Code:
SELECT password FROM hashes WHERE MD5(CONCAT(MD5(<salt>),password)) = '<the-hash-provided-by-the-user>'

Salt: shp0ngl3
Hash: 95fc517d1c6a88b3da8a46f35c06f48b

Code:
SELECT password FROM hashes WHERE MD5(CONCAT(MD5('shp0ngl3'),password)) = '95fc517d1c6a88b3da8a46f35c06f48b';

This will return that the plain text password is admin

The method used here is slower than just searching for hashes, but this way you don't need the unique hash for every different salting and hashing combination

Just a suggestion if it's possible

I am using 2 text files, One for hashes and other for the passwords. I'm sorry if I made wrong use of the word "Database" Tongue

EDIT: Well I found your suggestion to be pretty useful, TY Biggrin

RogueCoder · 03-15-2014, 04:23 PM

You can do this with text files as well Smile

Just grab the word, hash it and check against the given hash Smile

Edit: You are very welcome my friend Smile

waslgxl · 03-21-2014, 08:45 PM

just to try it out!

Ronan · 03-29-2014, 04:02 PM

Thanks for the share.