OK so someone challenged me today to crack a single word encrypted with sha256 in under 80 years.....After I stopped lol'ing i decided to give it a go..
first you need a word encrypted in sha256 - here is a nice one to test with
4e388ab32b10dc8dbc7e28144f552830adc74787c1e2c0824032078a79f227fb
now you need a box installed with python...lucky for me i have that already set up.
so now you need two more things, first a dictionary of words - easy to find online so i wont bother with that...and secondly and most importantly you need a cracker. thankfully for me someone already wrote one :)
http://packetstormsecurity.org/Crackers/aiocracker.py.txt
now incase that gets taken down for some reason im including it here
#Attempts to crack hash ( md5, sha1, sha256, sha384, sha512) against any givin wordlist.
import os, sys ,hashlib
if len(sys.argv) != 4:
print " \n beenudel1986@gmail.com"
print "\n\nUsage: ./hash.py "
print "\n Example: /hash.py "
sys.exit(1)
algo=sys.argv[1]
pw = sys.argv[2]
wordlist = sys.argv[3]
try:
words = open(wordlist, "r")
except(IOError):
print "Error: Check your wordlist path\n"
sys.exit(1)
words = words.readlines()
print "\n",len(words),"words loaded..."
file=open('cracked.txt','a')
if algo == 'md5':
for word in words:
hash = hashlib.md5(word[:-1])
value = hash.hexdigest()
if pw == value:
print "Password is:",word,"\n"
file.write("\n Cracked Hashes\n\n")
file.write(pw+"\t\t")
file.write(word+"\n")
if algo == 'sha1':
for word in words:
hash = hashlib.sha1(word[:-1])
value = hash.hexdigest()
if pw == value:
print "Password is:",word,"\n"
file.write("\n Cracked Hashes\n\n")
file.write(pw+"\t\t")
file.write(word+"\n")
if algo == 'sha256':
for word in words:
hash = hashlib.sha256(word[:-1])
value = hash.hexdigest()
if pw == value:
print "Password is:",word,"\n"
file.write("\n Cracked Hashes\n\n")
file.write(pw+"\t\t")
file.write(word+"\n")
if algo == 'sha384':
for word in words:
hash = hashlib.sha384(word[:-1])
value = hash.hexdigest()
if pw == value:
print "Password is:",word,"\n"
file.write("\n Cracked Hashes\n\n")
file.write(pw+"\t\t")
file.write(word+"\n")
if algo == 'sha512':
for word in words:
hash = hashlib.sha512(word[:-1])
value = hash.hexdigest()
if pw == value:
print "Password is:",word,"\n"
file.write("\n Cracked Hashes\n\n")
file.write(pw+"\t\t")
file.write(word+"\n")
just copy that into a file called cracker.py, right now you have that you need to install hashlib into python...this is the tricky bit :)
http://code.krypto.org/python/hashlib/
go and download that and then do the following
sudo tar -zxvf hashlib-20060408a.tar.gz
cd hashlib-20060408a/
python setup.py build
sudo python setup.py install
now cd to where you put cracker.py and type the following
python cracker.py sha256 4e388ab32b10dc8dbc7e28144f552830adc74787c1e2c0824032078a79f227fb dictionary.txt
and you should see somthing similar to below
python cracker.py sha256 4e388ab32b10dc8dbc7e28144f552830adc74787c1e2c0824032078a79f227fb dictionary.txt
15 words loaded...
Password is: spam
Obviously I used a tiny dictionary for this example :)
skip to main |
skip to sidebar
Useful and instructive posts for those into computers (warning may stray slightly into the dark grey area of hats)
For more cultural and entertaining links visit our sister site www.aheadofthetimes.co.uk - NOW SHUT DOWN!
Current Visitors
Links Of Interest
Blog Archive
-
▼
2008
(24)
-
▼
July
(17)
- SSH - Shitty Stupid Hack
- IRC for the mtv generation
- apache2
- extracting URLs
- more scripting goodness
- kde/kubuntu and samba
- so long and thanks for all the fish!
- cracking md5 or sha1 or sha256 or sha384 or sha512
- Word frequencies...from files
- dictionary attacks on RAR files.
- Disable "will not be installed because it does not...
- Ubuntu sound lost after upgrade.
- SSHFS
- Hacking for dummies.
- Finding files...
- Securing Backups
- I Have decided to move all the IT posts from ahead...
-
▼
July
(17)