python
It has been about a month since I have posted, that does not mean I have stopped coding. Lately I’ve been back on my “security” kick. Although for me it’s more of an obsession rather than just a kick. When it comes to security, a programming language like Python can make many common task a breeze to accomplish. Here I have a basic Linux password cracker that can crack the current SHA-512 shadowed hashes from a user supplied dictionary and detect whether a hash is the lesser used MD5 or SHA-256 format. Enjoy.
import crypt
def testPass(cryptPass):
hashType = cryptPass.split("$")[1]
if hashType == '1':
print "[+] Hash Type is MD5"
elif hashType == '5':
print "[+] Hash Type is SHA-256"
elif hashType == '6':
print "[+] Hash Type is SHA-512"
else:
"[+] Hash Type is Unknown"
salt = cryptPass.split("$")[2]
dictFile = open('dictionary.txt', 'r')
for word in dictFile.readlines():
word = word.strip('\n')
pepper = "$" + hashType + "$" + salt
cryptWord = crypt.crypt(word, pepper)
if cryptWord == cryptPass:
print '[+] Found Password: ' + word + '\n'
return
print '[-] Password Not Found.\n'
return
def main():
passFile = open('passwords.txt')
for line in passFile.readlines():
if ':' in line:
user = line.split(':')[0]
cryptPass = line.split(':')[1].strip(' ')
print '[*] Cracking Password For: ' + user
testPass(cryptPass)
if __name__ == '__main__':
main()
Demux 