Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Second Validation Method

So, for validation, here is my suggestion. Works for however people want to submit (separate hashes.txt, password.txt or combined "hash:pass" file).

  • grab a copy of mdxfind/mdsplit from http://hashes.org . Ensure you have the contest-orginal pcrack.master.hashed.txt file (it will be read-only).

  • If separate files:

     mdxfind -f pcrack.master.hashed.txt -h ^sha1$ plaintext.txt >result
     mdsplit -f result hashes.txt

You will be left with hashes.txt and hashes.SHA1x01. The hashes.SHA1x01 are the validated number of cracks (wc -l to get number), and any invalid hash submissions will be in hashes.txt. If this file is empty, all hashes validated.

  • If combined hash:pass format:
     cut -c 42- combined.txt | mdxfind -f pcrack.master.hashed.txt -h ^sha1$ stdin >result
     mdsplit -f result combined.txt
 As before, correct solutions will be in combined.SHA1x01, and invalid submissions will be in combined.txt

It will literally take seconds to do this, and will need a machine with 3g of memory. On my machine (rotating rust, no SSD), ~30 seconds to read hash list, and 120 seconds to run 57M passwords through. Because you have almost 1,000,000 duplicate hashes in your original list, it's important to use mdsplit (which will count the finds for you, too)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment