miércoles, 29 de junio de 2011

Online Mult MD5 Hash Cracker [PHP]

Publicado por OverNet en miércoles, junio 29, 2011 ,
MD5 Hash Cracker (Online)

¿Que es MD5 Hash?
Es un algoritmo de reducción criptográfico de 128 bits ampliamente usado.
(Segun Wikipedia)

MD5 Hash Logo (md5() function)

Muchos de los problemas que tienen los defacers, es que al encontrarse con una cadena enciptada en MD5 Hash (Contraseña), es muy casí imposible que el atacante pueda desifrarla sin herramientas o alguna clase de herramienta de fuerza bruta.
Lo cuál muchos programadores de sitios web, utilizan una base de datos o diccionarios que implementan un crackeo de contraseñas lo cuál hace más eficaz y más rapido encontrar que concida el hash con la contraseña real del diccionario.

MD5 ONLINE MD5 HASH CRACKER

Por ahora, les dejare una herramienta en PHP codeado por gunslinger_  y el objetivo de esta tool, es buscar el hash introducido en diferentes webs de crackeo online. En sí esta herramienta no contendra ningun diccionario (Excepto por los dominios de MD5 Hash Cracking Online).

Codigo Fuente en PHP:

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>Online Md5 Cracker</title>
<style type="text/css">
<!--
body,td,th {
        font-family: Geneva, Arial, Helvetica, sans-serif;
        color: #00FF00;
        font-weight: bold;
}
body {
        background-color: #000000;
}
a:link {
        color: #FF0000;
        text-decoration: none;
}
a:visited {
        text-decoration: none;
        color: #00FF00;
}
a:hover {
        text-decoration: none;
        color: #99FFFF;
}
a:active {
        text-decoration: none;
        color: #9900FF;
}
.style3 {
        color: #00FF00
        }
a {
        font-weight: bold;
}
-->
</style>
<meta http-equiv="Content-Type" content="text/html; charset=windows-1252"></head>
<body>
<style type='text/css'>
body {
    background-color: #000000;
    color: green;
    font-family:courier new;
    font-size:12px;
}
text,input,table,tr,td,th {
    border-color: green;
    border-style: solid;
    border-width: 1px;
    color: green;
    background:#0f0f0f;
    font-family:courier new;
    font-size:12px;
}
</style>
<form action="<?php echo $_SERVER["PHP_SELF"]; ?>" method="POST">
  <center><br>
Please Enter md5 hash to the textbox below <br>
<br>
<input name="hash" type="text" class="style3" size="32"><br><br>
<input type="submit" class="style3" value="Crack Me..."></center>
</form>
<?php

/***
* Online Md5 cracker by gunslinger_
* Version : 1.0
* Visit : http://www.devilzc0de.com
*/

$city = strtolower(trim($_POST["hash"]));

if(ereg("([0-9a-f]{32})", $city)) {
    $urls = array(
                 0 => ("http://md5.rednoize.com/?p&s=md5&q=" . $city),
                 1 => ("http://gdataonline.com/qkhash.php?mode=txt&hash=" . $city),
                 2 => ("http://milw0rm.com/cracker/search.php"),
                 3 => ("http://md5decryption.com/"),
                 4 => ("http://alimamed.pp.ru/md5/?md5e=&md5d=" . $city),
                 5 => ("http://ice.breaker.free.fr/md5.php?hachage=" . $city),
                 6 => ("http://passcracking.com/"),
                 7 => ("http://md5.hashcracking.com/search.php?md5=" . $city),
                 8 => ("http://www.hashchecker.com/index.php?_sls=search_hash"),
                 9 => ("http://md5crack.it-helpnet.de/index.php?op=search"),
                 10 => ("http://blacklight.gotdns.org/cracker/crack.php"),
                 11 => ("http://md5.ip-domain.com.cn/"),
                 12 => ("http://www.bigtrapeze.com/md5/"),
                 13 => ("http://opencrack.hashkiller.com/"),
                 14 => ("http://www.md5oogle.com/decrypt.php?input=" . $city),
                 15 => ("http://www.tydal.nu/php/sakerhet/md5.php?q=" . $city)
                 );

    $params = array(
                    0 => (null),
                    1 => (null),
                    2 => ("hash=" . $city . "&submit=Submit"),
                    3 => ("hash=" . $city . "&submit=Decrypt It!"),
                    4 => (null),
                    5 => (null),
                    6 => ("datafromuser=" . $city . "&submit=DoIT"),
                    7 => (null),
                    8 => ("search_field=" . $city . "&Submit=search"),
                    9 => ("md5=" . $city . "&submit=Search now"),
                    10 => ("hash=" . $city . "&algos=MD5&crack=Crack"),
                    11 => ("text=" . $city . "&submit=submit"),
                    12 => ("query=" . $city . "&submit= Crack "),
                    13 => ("oc_check_md5=" . $city ."&oc_submit=Search MD5"),
                    14 => (null),
                    15 => (null)
                    );

    $patterns = array(
                     0 => (null),
                     1 => ("/<\/td><td width=\"35%\"><b>(.*)<\/b><\/td><\/tr>/"),
                     2 => ("/<\/TD><TD align=\"middle\" nowrap=\"nowrap\" width=90>(.*)<\/TD><TD align=\"middle\" nowrap=\"nowrap\" width=90>cracked<\/TD><\/TR>/"),
                     3 => ("/<h2>Results<\/h2><b>Md5 Hash:<\/b> " . $city . "<br\/><b class='red'>Normal Text: <\/b>(.*)<br\/>/"),
                     4 => ("/: <b>(.*)<\/b><br><form action=\"\">/"),
                     5 => ("/: <b><br \/><br \/> - (.*)<\/b>/"),
                     6 => ("/<\/td><td>md5 Database<\/td><td>" . $city . "<\/td><td bgcolor=#FF0000>(.*)<\/td><td>/"),
                     7 => ("/Cleartext of " . $city . " is (.*)/"),
                     8 => ("/<td><li>Your md5 hash is :<br><li>" . $city . " is <b>(.*)<\/b> used charl/"),
                     9 => ("/<\/td><td>" . $city . "<\/td><td>(.*)<\/td>/"),
                     10 => ("/" . $city . " -> <b>(.*)<\/b><br><br>/"),
                     11 => ("/<strong>result:<\/strong><font color=red>(.*)<\/font> /"),
                     12 => ("/The hash <strong>" . $city . "<\/strong> has been deciphered to: <strong>(.*)<\/strong>/"),
                     13 => ("/<\/div><div class=\"result\">" . $city . ":(.*)<br\/>/"),
                     14 => ("/<br\/><center><div style=\"background: lightblue;\"><b>Result: (.*)<\/b><br \/><\/div><\/center><br \/>/"),
                     15 => ("/(.*)<\/b><\/h5>/")
                     );

    if((count($urls) !== count($params)) || (count($urls) !== count($patterns)) || (count($params) !== count($patterns))) { die("Error"); }

    for($i = 0; $i < count($urls); $i++) {
        echo "\n<br>\n";

        $url = $urls[$i];
        $param = $params[$i];
        $pattern = $patterns[$i];

        $message = ereg_replace("(http|https)://", null, $url);
        $message = ereg_replace("/(.*)", null, $message);

        $ch = curl_init();
        curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, "4");
        if(!empty($param)) {
            curl_setopt($ch, CURLOPT_POST, 1);
            curl_setopt($ch, CURLOPT_POSTFIELDS, $param);
        }
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
        curl_setopt($ch, CURLOPT_URL, $url);
        curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (compatible; MSIE 5.01; Windows NT 5.0)");
        curl_setopt($ch, CURLOPT_TIMEOUT, "4");
        $result = @curl_exec($ch);
        curl_close($ch);

        if(!empty($result)) {
            if(empty($pattern)) {
                $final = $result;
            } else {
                preg_match($pattern, $result, $final);
                $final = $final[1];
            }
        }

        echo (md5($final) === $city || md5(htmlentities($final)) === $city)?("[+]" . $message . ": <b>" . htmlentities($final) . "</b>"):("[-]" . $message . ": Not Found");
    }
}
?>
<br>
</div>
</body>

Descarga codigo fuente:
Download File/SC: PasteBin

Back Top

8 comentarios:

  1. buen show man, yo no se bien en php pero obviamente se puede alargar esto y usar mas paginas.. NO??

  2. Si, el problema de este código es que ya es muy viejo y algunas paginas que están allí ya no funcionan, pero puedes agregar más páginas mientras tenga una variable al final.

  3. Hostas come in a wide variety of colors, shapes and sizes and can be found
    in almost every home landscape. It has a very strong odor that will take your breath away.
    This same person spread several yards of the mulch around
    their house before they realized the problem, and it ruined many of their plants.


    Here is my website - mulching

  4. If there's give in the stakes or the form, neither of them are doing their jobs correctly. Blistering heat and bitter freezing cold can crack the toughest of concrete. Repairing larger cracks or holes in driveways takes a little more time and preparation.

  5. Generally speaking, there are several main techniques made
    use of by data mining software: clustering, distinction, regression and association approaches.
    As adults riding motorcycles, we usually don't even think about steering. This is still faster than dropping your entire inventory.

  6. So there are many virtual airlines that you can choose from and be
    their management. Even recommended system specs had difficulties coping with the games demands
    on first launch when flying over the more substantial town locations.
    The atmosphere parameters calculated are: temperature, dew point,
    pressure density, wind (three-dimensional) and visibility.
    Hardness is less then quartz, or ca 6 on Mohs scale.

    It features its own unique economy in which players can buy and sell things they make and so
    on, several real world companies are actually getting into the game to offer services, such as H&R
    Block.

    Feel free to visit my web page ... simulator

  7. I stubled onto your webpage in error yet I am glad
    I did! Thanks a bunch for the useful information.

    Here is my weblog zoloft withdrawal insomnia (insanejournal.com)

Publicar un comentario

Blaaa blaa y + blaa.. escribe las dudas que tengas :D

- No incluyas Correos electrónicos por seguridad propia.
- No SPAM/Flood.
- Se borrará cualquier comentario ofensivo, racista o vulgar.