- 1) Zombi Bot V14 Scanner Pro 11) Viper 1337 private Scanner V2.0
- 2) Advance Mass Url Collector 12) Mass Shell Checker
- 3) Email Filter 13) Mass Shell Mail Function Checker
- 4) Hash Cracker V1.0 14) Mass Shell Upload Anything Bot
- 5) Grabber Ip From Domains List 15) Mass zone-h Grabber
- 6) Viper 1337 SMTP Cracker v2 16) Viper1337 Private Tools
- 7) cPanel Cracker V3.0 17) CMS Filter
- 8) Mass cPanel Checker 18) 0day Private Bot
- 9) Mass cPanel Reset By Shell 19) Remove Duplicated Lines
- 10) Mass cPanel Upload Anything 20) Check For Latest Update
DOWNLOAD LINK
Hi guys,i started writing this article because yesterday i was trying to crack the "Hash" for an admin password,the site which was vulnerable was obviously taken down by me and now,thanks to me they have fixed that problem.So one of the biggest difficulties while your hacking is "Cracking" a hash.While Cracking a hash is difficult,It is better to compare your has with a few existing decrypted hashes.In this article,I'll give you some such sites which does the job neatly.
What is a MD5 Hash ?
To put it in a nutshell,its just a string/integer (or Word/Number)which is encrypted using a particular computer algorithm.While some algorithms are easy to crack,Some take Ages to crack one single password ! To read more on hash tables : http://www.searchr.us/web-search.phtml?search=What+is+a+hash+rable
Why do we need to Crack ?
Chill out guys ! We are hackers ! That's what we do,find and crack staff so that we can make the world better ithout vulnerabilities.Seriously,MD5 hashes are used in all types of data encryption.
List of Online Services:
The given below are list of free services no nothing is paid service around here !
If this doesn't work out then you have to use a software to decrypt it but it could take a lot of time.
Cheers !
I've seen some requests for individuals to crack hashes, and a few individuals are not doing it right, simply giving a hash isn't enough to assist anyone in this matter,This tutorial will walk through the fundamentals and take a look at and assist you move into your way forward in hashing.
Introduction to Hashes
It is common to observe for many Internet programmers to secure words by storing the encrypted word of the password as a information, which is how they do not they risk a serious security flaw which might hurt their customers and themselves.Hashes also are called Cryptography, in a way.Some hashes will decrypt designedly, where as for others the only alternative is to brute force.An example of encoding that enables decryption isBase64.
Need-To-Know's concerning Hashes
Widely used Hash varieties include:
MD5
SHA-1
SHA-2
This means these three are those you wish to be wanting into once you grab a hash.
MD5: 32 words - Collision (Yes).
SHA-1: 32 words - Collision (Yes).
SHA-2: 64 words - Collision (No).
Hash Collisions
From the table that I created above, you'll be able to see MD5 and SHA-1 have Hash Collisions.This implies that more than one hash have have the same value.This is good judgment seeing as MD5 and SHA-1 ar each thirty two Characters long, and there's a limit of what number thirty two random characters you'll be able to build, I mean it isnt infinite. Therefore their cipher to be a Collision at some purpose.
H(a) = H(b)
H representing the hash perform.
Online Hash Decryption Sites
Many sites host services wherever you'll be able to md5 cypher no matter what you wish for. However at a similar time this service saves each values for later.
So remember once you use these services your md5 input and output are saved in their information as an "md5 decode" service.
A list of Hash rewrite Sites you'll be able to use. You can also look at these on line tools that I've collected for Free Online MD5 Decryption
http://www.cmd5.com/english.aspx (457,354,352,282)
http://www.md5crack.com
http://www.hashchecker.com
http://md5cracker.tk/ (MD5 programme by searching a complete of fourteen on-line balmy.)
http://www.md5decrypter.com (5,889,729)
http://www.md5oogle.com
http://md5-db.com (The information is roughly 70gb)
http://md5.rednoize.com (56,502,235)
http://www.tmto.org/?category=main&page=search_md5 (306.000.000.000)
http://passcracking.com/ (Register to extend your priority)
http://www.xmd5.org
Brute Forcing
Most secure CMS's (Content Management Systems) use Salts and totally different algorithms.An example is
Common: md5($password);
PHP-Fusion: md5(md5($password));
VBulliten: md5(md5($password).$salt);
MyBB: md5(md5($salt).$password);
Knowing the Hash + Hash rule is required once requesting assistance on cracking a hash.
Recommended Brute Forcing Programs
HashCat - Worlds fastest WPA cracker with dictionary mutation engine. The below are the algorithms that it can crack. Which is by far the most offered by any program!
HashCat = UNIX
HashCat interface = Windows.
MD5
md5($pass.$salt)
md5($salt.$pass)
md5(unicode($pass).$salt)
md5($salt.unicode($pass))
HMAC-MD5 (key = $pass)
HMAC-MD5 (key = $salt)
SHA1
sha1($pass.$salt)
sha1($salt.$pass)
sha1(unicode($pass).$salt)
sha1($salt.unicode($pass))
HMAC-SHA1 (key = $pass)
HMAC-SHA1 (key = $salt)
MySQL
MySQL4.1/MySQL5
phpass, MD5(Wordpress), MD5(phpBB3)
md5crypt, MD5(Unix), FreeBSD MD5, Cisco-IOS MD5
SHA-1(Django)
MD4
NTLM
Domain Cached Credentials, mscash
SHA256
sha256($pass.$salt)
sha256($salt.$pass)
sha256(unicode($pass).$salt)
sha256($salt.unicode($pass))
HMAC-SHA256 (key = $pass)
HMAC-SHA256 (key = $salt)
md5apr1, MD5(APR), Apache MD5
SHA512
sha512($pass.$salt)
sha512($salt.$pass)
sha512(unicode($pass).$salt)
sha512($salt.unicode($pass))
HMAC-SHA512 (key = $pass)
HMAC-SHA512 (key = $salt)
SHA-512(Unix)
Cisco-PIX MD5
WPA/WPA2
Double MD5
bcrypt, Blowfish(OpenBSD)
MD5(Sun)
md5(md5(md5($pass)))
md5(md5($salt).$pass)
md5($salt.md5($pass))
md5($pass.md5($salt))
md5($salt.$pass.$salt)
md5(md5($pass).md5($salt))
md5($salt.md5($salt.$pass))
md5($salt.md5($pass.$salt))
md5($username.0.$pass)
md5(strtoupper(md5($pass)))
md5(sha1($pass))
sha1(sha1($pass))
sha1(sha1(sha1($pass)))
sha1(md5($pass))
MD5(Chap)
SHA-3(Keccak)
Half MD5
Password Safe SHA-256
IKE-PSK MD5
IKE-PSK SHA1
NetNTLMv1-VANILLA / NetNTLMv1-ESS
NetNTLMv2
Cisco-IOS SHA256
Samsung Android Password/PIN
AIX {smd5}
AIX {ssha256}
AIX {ssha512}
AIX {ssha1}
GOST, GOST R 34.11-94
Fortigate (FortiOS)
OS X v10.8
GRUB 2
IPMI2 RAKP HMAC-SHA1
sha256crypt, SHA256(Unix)
Plaintext
Joomla
osCommerce, xt:Commerce
nsldap, SHA-1(Base64), Netscape LDAP SHA
nsldaps, SSHA-1(Base64), Netscape LDAP SSHA
Oracle 11g
SMF > v1.1
OS X v10.4, v10.5, v10.6
EPi
MSSQL(2000)
MSSQL(2005)
EPiServer 6.x < v4 EPiServer 6.x > v4
SSHA-512(Base64), LDAP {SSHA512}
OS X v10.7
MSSQL(2012)
vBulletin < v3.8.5 vBulletin > v3.8.5
IPB2+, MyBB1.2+
WebEdition CMS
Redmine Project Management Web App
PasswordsPro - Is a professional password recovery quite. They also claim to be the world's strongest in recovering hashes.
Word lists for Brute-forcing
To brute force passwords,it would obviously be a good judgment you wish an inventory of words.Depending on the size of your CPU and your processor.You can scrutinize all the various word lists from word lists available on line or by using a word list generating software.
You can always get it from various sources, like forums, blogs etc. But my favourite is this list : http://www.infosecisland.com/blogview/11968-Brute-Forcing-Passwords-and-Word-List-Resources.html.It contains by far, the most compact but at the same time a vast list of combinations. Head over to that website and download any list of your choice.
Conclusion
With this tutorial, I hope to show you a few ways in which you can approach towards the problem of cracking MD5. This isn't a fail proof method but it will definitely enlighten you in the topic and lets you crack majority of hashes.
