Welcome, guest | Sign In | My Account | Store | Cart

This script allows you to crack an MD5 hash. The script asks you for both the file where the hash resides (a .txt file normally, although a .dat will work just as well), as well as the wordlist (also a .txt or .dat) to be used. The program functions by hashing each line from the wordlist, and then comparing it to the hash specified. Very quick runtime!

Python, 41 lines
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
#Begin Hash Cracker.py

import hashlib, sys
m = hashlib.md5()
hash = ""
hash_file = raw_input("What is the file name in which the hash resides?  ")
wordlist = raw_input("What is your wordlist?  (Enter the file name)  ")
try:
	hashdocument = open(hash_file,"r")
except IOError:
	print "Invalid file."
	raw_input()
	sys.exit()
else:
	hash = hashdocument.readline()
	hash = hash.replace("\n","")
	
try:
	wordlistfile = open(wordlist,"r")
except IOError:
	print "Invalid file."
	raw_input()
	sys.exit()
else:
	pass
for line in wordlistfile:
	m = hashlib.md5()  #flush the buffer (this caused a massive problem when placed at the beginning of the script, because the buffer kept getting overwritten, thus comparing incorrect hashes)
	line = line.replace("\n","")
	m.update(line)
	word_hash = m.hexdigest()
	if word_hash==hash:
		print "Collision!  The word corresponding to the given hash is", line,
		raw_input()
		sys.exit()

print "The hash given does not correspond to any supplied word in the wordlist."
raw_input()
sys.exit()

#EoF
#Written by Neil Shah, 9th grade

This is an alternative to hash cracking online. It allows the user to modify the wordlist being used, and is extremely quick (much faster alternative to Rainbow Tables and other tools such as John the Ripper or Cain and Abel). The reason I wrote this program is for others to be able to benefit from this utility, while also improving my programming skills in Python. The replace function is used so that the string to be hashed does not include the '\n' or newline character while hashing (therefore generating incorrect hashes, and rendering the program useless). Enjoy!

5 comments

Christopher Dunn 14 years, 8 months ago  # | flag

"Cracked"? At first, I thought you'd inverted the md5 hash. You would have gotten some money for that!

N S (author) 14 years, 8 months ago  # | flag

Reply... Hah! Yeah, nice try. Well I don't know much about algorithm inversion. I haven't even taken Calculus yet. Still taking Pre-Calc now... I'll continue to work on these things if you guys think that they're any good. (Even if you hate them, I'll still continue Python, I enjoy it). The number one thing i need now from you all is feedback. Tell me how my program is, what more do you want it to be able to do. Be realistic, though =) .

-N

Josiah Carlson 14 years, 7 months ago  # | flag

Please see the rainbow tables page for practical password cracking: http://en.wikipedia.org/wiki/Rainbow_table

Richard Harris 14 years, 7 months ago  # | flag

I might write it like this... I thought seeing someone else's version of the program might be instructive; so, here's my go at it.

Notes: optparse is really handy. strip() is preferable for removing whitespace readlines() is nice

import sys import md5 from optparse import OptionParser

def getOptionsAndArgs(): parser = OptionParser("%prog [options] ") parser.add_option('-d', '--dict', action="store", dest="pathToWordList", default="/usr/share/dict/words", help="Path to word list") parser.add_option('-v', '--verbose', action="store_true", dest="verbose", default=False, help="Show words as they are searched")

options, args = parser.parse_args()

if not args:
    parser.print_help()
    sys.exit(1)

return options, args

def searchForCollisions(targetHash, pathToWordList, verbose=False): for word in open(pathToWordList, "r").readlines(): word = word.strip() hash2Test = md5.md5(word).hexdigest() if verbose: print "Searching...", word, hash2Test if hash2Test == targetHash: print "Collision Detected: The word is ", word return True return False

if __name__ == "__main__": options, args = getOptionsAndArgs()

if not searchForCollisions(targetHash=args[0],
                           pathToWordList=options.pathToWordList,
                           verbose=options.verbose):
    print "No Collision Detected"

print "Done."
Richard Harris 14 years, 7 months ago  # | flag

**Oops, need the

s... anyway here's my go...**  optparse = cool

import sys
import md5
from optparse import OptionParser

def getOptionsAndArgs():
    parser = OptionParser("%prog [options] ")
    parser.add_option('-d', '--dict',
                      action="store",
                      dest="pathToWordList",
                      default="/usr/share/dict/words",
                      help="Path to word list")
    parser.add_option('-v', '--verbose',
                      action="store_true",
                      dest="verbose",
                      default=False,
                      help="Show words as they are searched")

    options, args = parser.parse_args()

    if not args:
        parser.print_help()
        sys.exit(1)

    return options, args

def searchForCollisions(targetHash, pathToWordList, verbose=False):
    for word in open(pathToWordList, "r").readlines():
        word = word.strip()
        hash2Test = md5.md5(word).hexdigest()
        if verbose:
            print "Searching...", word, hash2Test
        if hash2Test == targetHash:
            print "Collision Detected: The word is ", word
            return True
    return False

if __name__ == "__main__":
    options, args = getOptionsAndArgs()

    if not searchForCollisions(targetHash=args[0],
                               pathToWordList=options.pathToWordList,
                               verbose=options.verbose):
        print "No Collision Detected"

    print "Done."