Last active
January 20, 2020 17:46
-
-
Save carlosernestolopez/608c4430f6d8544a2570cfa61120a4d8 to your computer and use it in GitHub Desktop.
Wordpress Hash PHPass Cracker using Word Lists... | Por Carlos E. Lopez :: @leon, Nicaragua
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
using System; | |
using System.IO; | |
using System.Linq; | |
using System.Security.Cryptography; | |
using System.Text; | |
using System.Threading.Tasks; | |
namespace WpHashCrack | |
{ | |
class Program | |
{ | |
static void Main(string[] args) | |
{ | |
object _locker = new object () ; | |
if( args.Length < 3 ) | |
{ | |
w("\n\t[WpHashCrack] Por Carlos E. Lopez :: @Leon, Nicaragua\n"); | |
w("\t\tUsage: WpHashCrack.exe compare password hash"); | |
w("\t\tUsage: WpHashCrack.exe crack hash wordlist.txt [from_line] [number_of_lines]"); | |
Environment.Exit(-1); | |
} | |
WPCracker wpCracker = new WPCracker(); | |
if( args[0].Equals("compare") ) | |
Console.Write(wpCracker.checkPassword(args[1], args[2]).ToString()); | |
else if( args[0].Equals("crack") ) | |
{ | |
if( !File.Exists(args[2]) ) | |
{ | |
w("\tERROR: Wordlist file doesn't exists"); | |
Environment.Exit(-1); | |
} | |
int lineCount = File.ReadLines(args[2]).Count(); | |
int from_line = 0; | |
int number_of_lines = lineCount; | |
try { | |
from_line = int.Parse(args[3]); | |
} | |
catch { | |
from_line = 0; | |
} | |
try { | |
number_of_lines = int.Parse(args[4]); | |
} | |
catch { | |
number_of_lines = lineCount - from_line; | |
} | |
if (from_line < 0 || number_of_lines <= 0) | |
{ | |
w("\tERROR: Please verify starting line number and number of lines to query"); | |
Environment.Exit(-1); | |
} | |
int counter = from_line; | |
int total = from_line + number_of_lines; | |
try { | |
Parallel.ForEach(File.ReadLines(args[2]).Skip(from_line).Take(number_of_lines), new ParallelOptions { MaxDegreeOfParallelism = Environment.ProcessorCount }, (line, state) => | |
{ | |
if(wpCracker.checkPassword(line, args[1])) | |
{ | |
wpCracker.found = true; | |
wpCracker.found_password = line; | |
} | |
if (wpCracker.found) | |
{ | |
state.Break(); | |
} | |
else | |
{ | |
if (!wpCracker.found) | |
{ | |
lock (_locker) | |
{ | |
if (!wpCracker.found) { | |
counter++; | |
if( counter % 100 == 0) | |
{ | |
w(counter + " / " + total + " - " + line); | |
GC.Collect(); | |
GC.WaitForPendingFinalizers(); | |
} | |
} | |
} | |
} | |
} | |
}); | |
} | |
catch (Exception ex) | |
{ | |
Console.WriteLine("ERROR: " + ex.Message); | |
GC.Collect(); | |
GC.WaitForPendingFinalizers(); | |
} | |
GC.Collect(); | |
GC.WaitForPendingFinalizers(); | |
if ( wpCracker.found ) | |
w("\n\t[PASSWORD FOUND]: " + wpCracker.found_password); | |
else | |
w("\n\tSorry the password was not found..."); | |
} | |
} | |
static void w(string str) | |
{ | |
Console.WriteLine(str); | |
} | |
} | |
class WPCracker | |
{ | |
string itoa64 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"; | |
Encoding iso = Encoding.GetEncoding("ISO-8859-1"); | |
public bool found = false; | |
public string found_password = ""; | |
string encode64(byte[] input, int count) | |
{ | |
string output = ""; | |
int i = 0; | |
do | |
{ | |
int value = (char)input[i++]; | |
output += itoa64[value & 0x3f]; | |
if (i < count) | |
value |= (char)input[i] << 8; | |
output += itoa64[(value >> 6) & 0x3f]; | |
if (i++ >= count) | |
break; | |
if (i < count) | |
value |= (char)input[i] << 16; | |
output += itoa64[(value >> 12) & 0x3f]; | |
if (i++ >= count) | |
break; | |
output += itoa64[(value >> 18) & 0x3f]; | |
} while (i < count); | |
return output; | |
} | |
string crypt_private(string password, string setting) | |
{ | |
string output = "*0"; | |
if (setting.Substring(0, 2).Equals(output)) | |
output = "*1"; | |
string id = setting.Substring(0, 3); | |
if (!id.Equals("$P$") && !id.Equals("$H$")) | |
return output; | |
int count_log2 = itoa64.IndexOf(setting[3]); | |
if (count_log2 < 7 || count_log2 > 30) | |
return output; | |
int count = 1 << count_log2; | |
string salt = setting.Substring(4, 8); | |
if (salt.Length != 8) | |
return output; | |
byte[] hash = md5(salt + password); | |
do | |
{ | |
hash = md5(iso.GetString(hash) + password); | |
} while (--count > 0); | |
output = setting.Substring(0, 12); | |
output += encode64(hash, 16); | |
return output; | |
} | |
byte[] md5(string input) | |
{ | |
MD5CryptoServiceProvider md5 = new MD5CryptoServiceProvider(); | |
byte[] inputBytes = iso.GetBytes(input); | |
return md5.ComputeHash(inputBytes); | |
} | |
public bool checkPassword(string password, string stored_hash) | |
{ | |
return crypt_private(password, stored_hash).Equals(stored_hash); | |
} | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment