[php]#!/usr/bin/perl
#Version 1.2
#print STDERR (join("|",@ARGV),"\n");
use Digest::MD5 qw(md5_hex);
use Term::ANSIColor qw(:constants);
use Getopt::Long;
my $type = "md5";
my $force = "bruteforce";
my $md5 = "md5";
my $computedhash = "";
my $alg;
my $done = 0;
my $timea;
my $timeb;
my $timeg;
my $timemin;
my $timehour;
my $timeday;
my $status;
my $timediff;
my $cnt2;
my $hash;
my $alpnum;
my $salt;
my $strings;
my $begin;
my $end;
my $opt_help;
GetOptions(
"help|?" => \$opt_help,
"algorithm=s" => \$alpnum,
"code=s" => \$hash,
"salt=s" => \$salt,
"words=s" => \$strings,
"begin=s" => \$begin,
"ending=s" => \$end
);
system("cls");
print
" ----- W3studio md5 Hash Cracker for md5 encrypted hashes [Version 1.2] -----\n";
print
"\nCapable to crack standard md5 hashes and \!Joomla md5 hashes up to eleven chars.\n";
print
"\nWe are not responsible for any consequences on use of this application.\n";
print "\n ---------- Use it only for your own purposes ----------\n";
print "\nDeveloped by: Pierre at www.w3studio.nl\n";
print "\nReport bugs : service\@w3studio.nl\n";
print "\n";
if ( $opt_help || $hash eq "" ) {
print
"Usage : $0 -c | hash [-a | charset] [-s | salt] [-w | \"part\"] [-b | \"begin\"] [-e | \"ending\"]\n";
print "\n";
print
"Joomla hash aadd547e6739f2182b922396616bec07:aBpVe7EItCJnPnhLJ Y2Psu8pJKeKGurT\n";
print "\n";
print "Example : $0 -c aadd547e6739f21... -a 1 -s aBpVe7EItCJnPnh....\n";
print "\n";
print
"-c : The md5 hash, first 32 chars before the \":\" when salt [Joomla] is used,\n else only the md5 hash with 32 chars\n => aadd547e6739f2182b922396616bec07\n";
print "\n";
print
"-s : [ --Optional for Joomla-- ] => The salt, second 32 chars after the \":\"\n => aBpVe7EItCJnPnhLJY2Psu8pJKeKGurT\n";
print "\n";
print
"-a : [ --Optional-- ], The charset to use Default, not provided => Numeric,\n 1 => All, 2 => Alpha numeric, 3 => Alpha numeric Lowercase,\n 4 => Alpha numeric Uppercase, 5 => Alpha, 6 => Alpha Lowercase,\n 7 => Alpha Uppercase\n";
print "\n";
print
"If you now a part of the password you can use the following options to.";
print "\n";
print "\n";
print
"-w : [ --Optional-- ], A known part anyware in the password.\n Use double quotes -w \"part\" [ Useable in conjunction with -b and -e ]\n";
print "\n";
print
"-b : [ --Optional-- ], A known part at the beginning of the password.\n Use double quotes -b \"beginpart\" [ Useable in conjunction with -w and -e ]\n";
print "\n";
print
"-e : [ --Optional-- ], A known part at the end of the password.\n Use double quotes -e \"endpart\" [ Useable in conjunction with -w and -b ]\n";
print "\n";
exit();
}
if ( length($hash) == 32 ) {
$type = "md5";
}
else {
print
" ----- Invalid Hash, needs to be 32 chars long and no spaces -----\n";
exit();
}
if ( $salt && length($salt) ne 32 ) {
print
" ----- Invalid Salt, needs to be 32 chars long and no spaces -----\n";
exit();
}
$timeg = time;
$timeb = localtime;
print "Started at : " . $timeb . "\n";
if ( $force eq "bruteforce" ) {
if ( $alpnum eq 9 ) {
@letters = ( "\%", "\$", "\_" );
}
elsif ( $alpnum eq 1 ) {
$alg = "All";
@letters = (
"\!", "\@", "\#", "\$", "\%", "\^", "\&", "\*", "\(", "\)",
"\_", "\+", "\-", "\=", "\?", "\>", "\<", "\;", "\:", "\{",
"\}", "\[", "\]", "\\", "\|", "a", "b", "c", "d", "e",
"f", "g", "h", "i", "j", "k", "l", "m", "n", "o",
"p", "q", "r", "s", "t", "u", "v", "w", "x", "y",
"z", "A", "B", "C", "D", "E", "F", "G", "H", "I",
"J", "K", "L", "M", "N", "O", "P", "Q", "R", "S",
"T", "U", "V", "W", "X", "Y", "Z", "0", "1", "2",
"3", "4", "5", "6", "7", "8", "9"
);
}
elsif ( $alpnum eq 2 ) {
$alg = "Alpha numeric";
@letters = (
"a", "b", "c", "d", "e", "f", "g", "h", "i", "j", "k", "l",
"m", "n", "o", "p", "q", "r", "s", "t", "u", "v", "w", "x",
"y", "z", "A", "B", "C", "D", "E", "F", "G", "H", "I", "J",
"K", "L", "M", "N", "O", "P", "Q", "R", "S", "T", "U", "V",
"W", "X", "Y", "Z", "1", "2", "3", "4", "5", "6", "7", "8",
"9", "0"
);
}
elsif ( $alpnum eq 3 ) {
$alg = "Alpha numeric Lowercase";
@letters = (
"a", "b", "c", "d", "e", "f", "g", "h", "i", "j", "k", "l",
"m", "n", "o", "p", "q", "r", "s", "t", "u", "v", "w", "x",
"y", "z", "1", "2", "3", "4", "5", "6", "7", "8", "9", "0"
);
}
elsif ( $alpnum eq 4 ) {
$alg = "Alpha numeric Uppercase";
@letters = (
"A", "B", "C", "D", "E", "F", "G", "H", "I", "J", "K", "L",
"M", "N", "O", "P", "Q", "R", "S", "T", "U", "V", "W", "X",
"Y", "Z", "1", "2", "3", "4", "5", "6", "7", "8", "9", "0"
);
}
elsif ( $alpnum eq 5 ) {
$alg = "Alpha";
@letters = (
"a", "b", "c", "d", "e", "f", "g", "h", "i", "j", "k", "l",
"m", "n", "o", "p", "q", "r", "s", "t", "u", "v", "w", "x",
"y", "z", "A", "B", "C", "D", "E", "F", "G", "H", "I", "J",
"K", "L", "M", "N", "O", "P", "Q", "R", "S", "T", "U", "V",
"W", "X", "Y", "Z"
);
}
elsif ( $alpnum eq 6 ) {
$alg = "Alpha Lowercase";
@letters = (
"a", "b", "c", "d", "e", "f", "g", "h", "i", "j",
"k", "l", "m", "n", "o", "p", "q", "r", "s", "t",
"u", "v", "w", "x", "y", "z"
);
}
elsif ( $alpnum eq 7 ) {
$alg = "Alpha Uppercase";
@letters = (
"A", "B", "C", "D", "E", "F", "G", "H", "I", "J",
"K", "L", "M", "N", "O", "P", "Q", "R", "S", "T",
"U", "V", "W", "X", "Y", "Z"
);
}
else {
$alg = "Numeric";
@letters = ( "9", "8", "7", "6", "5", "4", "3", "2", "1", "0" );
}
if ($strings) {
@letters = reverse(@letters);
push( @letters, $strings );
@letters = reverse(@letters);
}
$cnt2 = @letters;
print "\nUsed Charset: $alg -> $cnt2 chars found in Charset\n";
print "\n";
for ( $a = 0 ; $a < $cnt2 ; $a++ ) {
for ( $b = 0 ; $b < $cnt2 ; $b++ ) {
for ( $c = 0 ; $c < $cnt2 ; $c++ ) {
for ( $d = 0 ; $d < $cnt2 ; $d++ ) {
for ( $e = 0 ; $e < $cnt2 ; $e++ ) {
for ( $f = 0 ; $f < $cnt2 ; $f++ ) {
for ( $g = 0 ; $g < $cnt2 ; $g++ ) {
for ( $h = 0 ; $h < $cnt2 ; $h++ ) {
for ( $i = 0 ; $i < $cnt2 ; $i++ ) {
for ( $j = 0 ; $j < $cnt2 ; $j++ ) {
for ( $k = 0 ; $k < $cnt2 ; $k++ ) {
$passtotest =
$begin . $one . $two . $three
. $four
. $five
. $six
. $seven
. $eight
. $nine
. $ten
. $eleven
. $end;
$hashpasstotest =
$passtotest . $salt;
$timea = time - $timeg;
if ( $timea != 0 ) {
$status = $done / $timea;
}
else {
$timea = "0";
}
if ( $timediff > 1000 ) {
$timediff = 0;
$reststring =
"....................";
$passtotest =
substr $passtotest
. $reststring, 0, 15;
print
"Trying : $passtotest -> $done Combies tried -> In "
. $timea
. " sec.\r";
}
if ( $timediff <= 1000 ) {
$timediff++;
}
if ( $type eq $md5 ) {
$computedhash =
md5_hex($hashpasstotest);
}
if ( $computedhash eq $hash ) {
if ($salt) {
$passtotest = substr
$hashpasstotest, 0,
-32;
}
print
"\n\n ------------------ Yes we\'ve got it!! ------------------\n";
print
"\nCracked password hash => $hash\n";
if ($salt) {
print
"\nUsed password salt [Joomla] => $salt\n";
}
print
"\n\n --------------------------------------------------------\n";
print
"\nThe Password is => $passtotest\n";
print
"\n\n --------------------------------------------------------\n";
print "\nStopt at => "
. localtime . "\n";
print
"\nTime used => $timea seconds \n";
if ( $timea > 0 ) {
$status =
$done / $timea;
}
else {
$status = "Undefined";
}
printf
"\nComputed => $done combinations in $timea sec. (%.1f combinations/second) \r",
$status;
$done = 0;
print
"\n\n ------------------ Yes we\'ve got it!! ------------------\n";
exit();
}
$done++;
if (
@letters[$k] eq $strings
&& ( $ten eq $strings
|| $nine eq $strings
|| $eight eq $strings
|| $seven eq $strings
|| $six eq $strings
|| $five eq $strings
|| $four eq $strings
|| $three eq $strings
|| $two eq $strings
|| $one eq $strings )
)
{
next;
}
$eleven = $letters[$k];
}
if (
@letters[$j] eq $strings
&& ( $nine eq $strings
|| $eight eq $strings
|| $seven eq $strings
|| $six eq $strings
|| $five eq $strings
|| $four eq $strings
|| $three eq $strings
|| $two eq $strings
|| $one eq $strings )
)
{
next;
}
$ten = $letters[$j];
}
if (
@letters[$i] eq $strings
&& ( $eight eq $strings
|| $seven eq $strings
|| $six eq $strings
|| $five eq $strings
|| $four eq $strings
|| $three eq $strings
|| $two eq $strings
|| $one eq $strings )
)
{
next;
}
$nine = $letters[$i];
}
if (
@letters[$h] eq $strings
&& ( $seven eq $strings
|| $six eq $strings
|| $five eq $strings
|| $four eq $strings
|| $three eq $strings
|| $two eq $strings
|| $one eq $strings )
)
{
next;
}
$eight = $letters[$h];
}
if (
@letters[$g] eq $strings
&& ( $six eq $strings
|| $five eq $strings
|| $four eq $strings
|| $three eq $strings
|| $two eq $strings
|| $one eq $strings )
)
{
next;
}
$seven = $letters[$g];
}
if (
@letters[$f] eq $strings
&& ( $five eq $strings
|| $four eq $strings
|| $three eq $strings
|| $two eq $strings
|| $one eq $strings )
)
{
next;
}
$six = $letters[$f];
}
if (
@letters[$e] eq $strings
&& ( $four eq $strings
|| $three eq $strings
|| $two eq $strings
|| $one eq $strings )
)
{
next;
}
$five = $letters[$e];
}
if (
@letters[$d] eq $strings
&& ( $three eq $strings
|| $two eq $strings
|| $one eq $strings )
)
{
next;
}
$four = $letters[$d];
}
if (
@letters[$c] eq $strings
&& ( $two eq $strings
|| $one eq $strings )
)
{
next;
}
$three = $letters[$c];
}
if ( @letters[$b] eq $strings && $one eq $strings ) {
next;
}
$two = $letters[$b];
}
$one = $letters[$a];
}
}
[/php]
#Version 1.2
#print STDERR (join("|",@ARGV),"\n");
use Digest::MD5 qw(md5_hex);
use Term::ANSIColor qw(:constants);
use Getopt::Long;
my $type = "md5";
my $force = "bruteforce";
my $md5 = "md5";
my $computedhash = "";
my $alg;
my $done = 0;
my $timea;
my $timeb;
my $timeg;
my $timemin;
my $timehour;
my $timeday;
my $status;
my $timediff;
my $cnt2;
my $hash;
my $alpnum;
my $salt;
my $strings;
my $begin;
my $end;
my $opt_help;
GetOptions(
"help|?" => \$opt_help,
"algorithm=s" => \$alpnum,
"code=s" => \$hash,
"salt=s" => \$salt,
"words=s" => \$strings,
"begin=s" => \$begin,
"ending=s" => \$end
);
system("cls");
" ----- W3studio md5 Hash Cracker for md5 encrypted hashes [Version 1.2] -----\n";
"\nCapable to crack standard md5 hashes and \!Joomla md5 hashes up to eleven chars.\n";
"\nWe are not responsible for any consequences on use of this application.\n";
print "\n ---------- Use it only for your own purposes ----------\n";
print "\nDeveloped by: Pierre at www.w3studio.nl\n";
print "\nReport bugs : service\@w3studio.nl\n";
print "\n";
if ( $opt_help || $hash eq "" ) {
"Usage : $0 -c | hash [-a | charset] [-s | salt] [-w | \"part\"] [-b | \"begin\"] [-e | \"ending\"]\n";
print "\n";
"Joomla hash aadd547e6739f2182b922396616bec07:aBpVe7EItCJnPnhLJ Y2Psu8pJKeKGurT\n";
print "\n";
print "Example : $0 -c aadd547e6739f21... -a 1 -s aBpVe7EItCJnPnh....\n";
print "\n";
"-c : The md5 hash, first 32 chars before the \":\" when salt [Joomla] is used,\n else only the md5 hash with 32 chars\n => aadd547e6739f2182b922396616bec07\n";
print "\n";
"-s : [ --Optional for Joomla-- ] => The salt, second 32 chars after the \":\"\n => aBpVe7EItCJnPnhLJY2Psu8pJKeKGurT\n";
print "\n";
"-a : [ --Optional-- ], The charset to use Default, not provided => Numeric,\n 1 => All, 2 => Alpha numeric, 3 => Alpha numeric Lowercase,\n 4 => Alpha numeric Uppercase, 5 => Alpha, 6 => Alpha Lowercase,\n 7 => Alpha Uppercase\n";
print "\n";
"If you now a part of the password you can use the following options to.";
print "\n";
print "\n";
"-w : [ --Optional-- ], A known part anyware in the password.\n Use double quotes -w \"part\" [ Useable in conjunction with -b and -e ]\n";
print "\n";
"-b : [ --Optional-- ], A known part at the beginning of the password.\n Use double quotes -b \"beginpart\" [ Useable in conjunction with -w and -e ]\n";
print "\n";
"-e : [ --Optional-- ], A known part at the end of the password.\n Use double quotes -e \"endpart\" [ Useable in conjunction with -w and -b ]\n";
print "\n";
exit();
}
if ( length($hash) == 32 ) {
$type = "md5";
}
else {
" ----- Invalid Hash, needs to be 32 chars long and no spaces -----\n";
exit();
}
if ( $salt && length($salt) ne 32 ) {
" ----- Invalid Salt, needs to be 32 chars long and no spaces -----\n";
exit();
}
$timeg = time;
$timeb = localtime;
print "Started at : " . $timeb . "\n";
if ( $force eq "bruteforce" ) {
if ( $alpnum eq 9 ) {
@letters = ( "\%", "\$", "\_" );
}
elsif ( $alpnum eq 1 ) {
$alg = "All";
@letters = (
"\!", "\@", "\#", "\$", "\%", "\^", "\&", "\*", "\(", "\)",
"\_", "\+", "\-", "\=", "\?", "\>", "\<", "\;", "\:", "\{",
"\}", "\[", "\]", "\\", "\|", "a", "b", "c", "d", "e",
"f", "g", "h", "i", "j", "k", "l", "m", "n", "o",
"p", "q", "r", "s", "t", "u", "v", "w", "x", "y",
"z", "A", "B", "C", "D", "E", "F", "G", "H", "I",
"J", "K", "L", "M", "N", "O", "P", "Q", "R", "S",
"T", "U", "V", "W", "X", "Y", "Z", "0", "1", "2",
"3", "4", "5", "6", "7", "8", "9"
);
}
elsif ( $alpnum eq 2 ) {
$alg = "Alpha numeric";
@letters = (
"a", "b", "c", "d", "e", "f", "g", "h", "i", "j", "k", "l",
"m", "n", "o", "p", "q", "r", "s", "t", "u", "v", "w", "x",
"y", "z", "A", "B", "C", "D", "E", "F", "G", "H", "I", "J",
"K", "L", "M", "N", "O", "P", "Q", "R", "S", "T", "U", "V",
"W", "X", "Y", "Z", "1", "2", "3", "4", "5", "6", "7", "8",
"9", "0"
);
}
elsif ( $alpnum eq 3 ) {
$alg = "Alpha numeric Lowercase";
@letters = (
"a", "b", "c", "d", "e", "f", "g", "h", "i", "j", "k", "l",
"m", "n", "o", "p", "q", "r", "s", "t", "u", "v", "w", "x",
"y", "z", "1", "2", "3", "4", "5", "6", "7", "8", "9", "0"
);
}
elsif ( $alpnum eq 4 ) {
$alg = "Alpha numeric Uppercase";
@letters = (
"A", "B", "C", "D", "E", "F", "G", "H", "I", "J", "K", "L",
"M", "N", "O", "P", "Q", "R", "S", "T", "U", "V", "W", "X",
"Y", "Z", "1", "2", "3", "4", "5", "6", "7", "8", "9", "0"
);
}
elsif ( $alpnum eq 5 ) {
$alg = "Alpha";
@letters = (
"a", "b", "c", "d", "e", "f", "g", "h", "i", "j", "k", "l",
"m", "n", "o", "p", "q", "r", "s", "t", "u", "v", "w", "x",
"y", "z", "A", "B", "C", "D", "E", "F", "G", "H", "I", "J",
"K", "L", "M", "N", "O", "P", "Q", "R", "S", "T", "U", "V",
"W", "X", "Y", "Z"
);
}
elsif ( $alpnum eq 6 ) {
$alg = "Alpha Lowercase";
@letters = (
"a", "b", "c", "d", "e", "f", "g", "h", "i", "j",
"k", "l", "m", "n", "o", "p", "q", "r", "s", "t",
"u", "v", "w", "x", "y", "z"
);
}
elsif ( $alpnum eq 7 ) {
$alg = "Alpha Uppercase";
@letters = (
"A", "B", "C", "D", "E", "F", "G", "H", "I", "J",
"K", "L", "M", "N", "O", "P", "Q", "R", "S", "T",
"U", "V", "W", "X", "Y", "Z"
);
}
else {
$alg = "Numeric";
@letters = ( "9", "8", "7", "6", "5", "4", "3", "2", "1", "0" );
}
if ($strings) {
@letters = reverse(@letters);
push( @letters, $strings );
@letters = reverse(@letters);
}
$cnt2 = @letters;
print "\nUsed Charset: $alg -> $cnt2 chars found in Charset\n";
print "\n";
for ( $a = 0 ; $a < $cnt2 ; $a++ ) {
for ( $b = 0 ; $b < $cnt2 ; $b++ ) {
for ( $c = 0 ; $c < $cnt2 ; $c++ ) {
for ( $d = 0 ; $d < $cnt2 ; $d++ ) {
for ( $e = 0 ; $e < $cnt2 ; $e++ ) {
for ( $f = 0 ; $f < $cnt2 ; $f++ ) {
for ( $g = 0 ; $g < $cnt2 ; $g++ ) {
for ( $h = 0 ; $h < $cnt2 ; $h++ ) {
for ( $i = 0 ; $i < $cnt2 ; $i++ ) {
for ( $j = 0 ; $j < $cnt2 ; $j++ ) {
for ( $k = 0 ; $k < $cnt2 ; $k++ ) {
$passtotest =
$begin . $one . $two . $three
. $four
. $five
. $six
. $seven
. $eight
. $nine
. $ten
. $eleven
. $end;
$hashpasstotest =
$passtotest . $salt;
$timea = time - $timeg;
if ( $timea != 0 ) {
$status = $done / $timea;
}
else {
$timea = "0";
}
if ( $timediff > 1000 ) {
$timediff = 0;
$reststring =
"....................";
$passtotest =
substr $passtotest
. $reststring, 0, 15;
"Trying : $passtotest -> $done Combies tried -> In "
. $timea
. " sec.\r";
}
if ( $timediff <= 1000 ) {
$timediff++;
}
if ( $type eq $md5 ) {
$computedhash =
md5_hex($hashpasstotest);
}
if ( $computedhash eq $hash ) {
if ($salt) {
$passtotest = substr
$hashpasstotest, 0,
-32;
}
"\n\n ------------------ Yes we\'ve got it!! ------------------\n";
"\nCracked password hash => $hash\n";
if ($salt) {
"\nUsed password salt [Joomla] => $salt\n";
}
"\n\n --------------------------------------------------------\n";
"\nThe Password is => $passtotest\n";
"\n\n --------------------------------------------------------\n";
print "\nStopt at => "
. localtime . "\n";
"\nTime used => $timea seconds \n";
if ( $timea > 0 ) {
$status =
$done / $timea;
}
else {
$status = "Undefined";
}
printf
"\nComputed => $done combinations in $timea sec. (%.1f combinations/second) \r",
$status;
$done = 0;
"\n\n ------------------ Yes we\'ve got it!! ------------------\n";
exit();
}
$done++;
if (
@letters[$k] eq $strings
&& ( $ten eq $strings
|| $nine eq $strings
|| $eight eq $strings
|| $seven eq $strings
|| $six eq $strings
|| $five eq $strings
|| $four eq $strings
|| $three eq $strings
|| $two eq $strings
|| $one eq $strings )
)
{
next;
}
$eleven = $letters[$k];
}
if (
@letters[$j] eq $strings
&& ( $nine eq $strings
|| $eight eq $strings
|| $seven eq $strings
|| $six eq $strings
|| $five eq $strings
|| $four eq $strings
|| $three eq $strings
|| $two eq $strings
|| $one eq $strings )
)
{
next;
}
$ten = $letters[$j];
}
if (
@letters[$i] eq $strings
&& ( $eight eq $strings
|| $seven eq $strings
|| $six eq $strings
|| $five eq $strings
|| $four eq $strings
|| $three eq $strings
|| $two eq $strings
|| $one eq $strings )
)
{
next;
}
$nine = $letters[$i];
}
if (
@letters[$h] eq $strings
&& ( $seven eq $strings
|| $six eq $strings
|| $five eq $strings
|| $four eq $strings
|| $three eq $strings
|| $two eq $strings
|| $one eq $strings )
)
{
next;
}
$eight = $letters[$h];
}
if (
@letters[$g] eq $strings
&& ( $six eq $strings
|| $five eq $strings
|| $four eq $strings
|| $three eq $strings
|| $two eq $strings
|| $one eq $strings )
)
{
next;
}
$seven = $letters[$g];
}
if (
@letters[$f] eq $strings
&& ( $five eq $strings
|| $four eq $strings
|| $three eq $strings
|| $two eq $strings
|| $one eq $strings )
)
{
next;
}
$six = $letters[$f];
}
if (
@letters[$e] eq $strings
&& ( $four eq $strings
|| $three eq $strings
|| $two eq $strings
|| $one eq $strings )
)
{
next;
}
$five = $letters[$e];
}
if (
@letters[$d] eq $strings
&& ( $three eq $strings
|| $two eq $strings
|| $one eq $strings )
)
{
next;
}
$four = $letters[$d];
}
if (
@letters[$c] eq $strings
&& ( $two eq $strings
|| $one eq $strings )
)
{
next;
}
$three = $letters[$c];
}
if ( @letters[$b] eq $strings && $one eq $strings ) {
next;
}
$two = $letters[$b];
}
$one = $letters[$a];
}
}
[/php]