PHStrawberrry
Forum Veteran
Coding a Password Cr(a)cker
When coding anything, the language you choose should also be chosen. Sometimes one language is easier to write something in that another. For the password cr(a)cker we are going to build here we are going to use a simple class that creates and tests password hashes for the purpose of decrypting a given password hash using collision detection.
Usage:
Using John the Ripper
Before you start I suggest running the benchmark with the following command:
You can install John the Ripper (jtr) on ubuntu with the following command:
2. Cr(a)cking passwords from a file
Credits
pbrcrew - pbrcrew@protonmail.com
When coding anything, the language you choose should also be chosen. Sometimes one language is easier to write something in that another. For the password cr(a)cker we are going to build here we are going to use a simple class that creates and tests password hashes for the purpose of decrypting a given password hash using collision detection.
PHP:
<?php
/* pbrcrew 2018 */
class Password
{
private $hash;
function __construct()
{
//
}
function makePassword($type, $word)
{
switch($type)
{
default: break;
case "md5": $this->hash = md5($word); break;
case "sha1": $this->hash = sha1($word); break;
}
}
function getHash()
{
return $this->hash;
}
function checkPassword($hash)
{
return ($this->hash == $hash ? true : false);
}
}
?>Usage:
PHP:
//make a new hash and get it
$pass = new Password();
$pass->makePassword("md5", "hello world");
echo $pass->hash;
//check a hash (collision detection)
$pass = new Password();
$pass->makePassword("md5", "hello world");
$cracked = $pass->checkPassword("5eb63bbbe01eeed093cb22bb8f5acdc3");Using John the Ripper
Before you start I suggest running the benchmark with the following command:
Code:
sudo john --testYou can install John the Ripper (jtr) on ubuntu with the following command:
Code:
sudo apt-get install john2. Cr(a)cking passwords from a file
Code:
sudo john --show {password file}Credits
pbrcrew - pbrcrew@protonmail.com