[Ex094]

Nice little tool you got there

Here comes a little suggestion

What database are you using? Does it have hashing functions? If so, then I suggest you add plaintext word as well in its own table to use to look for other combinations than just md5().

This way you can make things more dynamic and easier to add application specific hashing approaches also with salts

Example:
Let's say an application uses md5(md5(salt).password)

In the query you could call something like this (using MySQL for the example)

Code:

SELECT password FROM hashes WHERE MD5(CONCAT(MD5(<salt>),password)) = '<the-hash-provided-by-the-user>'

Salt: shp0ngl3
Hash: 95fc517d1c6a88b3da8a46f35c06f48b

Code:

SELECT password FROM hashes WHERE MD5(CONCAT(MD5('shp0ngl3'),password)) = '95fc517d1c6a88b3da8a46f35c06f48b';

This will return that the plain text password is admin

The method used here is slower than just searching for hashes, but this way you don't need the unique hash for every different salting and hashing combination

Just a suggestion if it's possible

I am using 2 text files, One for hashes and other for the passwords. I'm sorry if I made wrong use of the word "Database"

EDIT: Well I found your suggestion to be pretty useful, TY