• Base64 Encoder & Decoder
• Multi-Digest (MD5, SHA1, SHA256, SHA384, SHA512, RIPEMD-160)
• Hash Password Cracker (MD5, SHA1, SHA256, SHA384, SHA512, RIPEMD-160)
• Secure Password Generator

• Net DoS Tester
• TCP port scanner
• Honeypot
• Fuzzer
• DNS and host gathering
• MAC address geolocation (samy.pl)

• HTTP directory bruteforce
• HTTP common files bruteforce

svn co https://pentbox.svn.sourceforge.net/svnroot/pentbox/trunk/ pentbox

cd pentbox

svn update

./pentbox.rb

Cryptography tool:-
web application penetration tests we often discover encoded Base64 strings. Such strings can contain important information that’s why we need to have a decoder in our tool repository.

If in some situation we obtain password in hash form , then pentbox has inbuilt module that can crack hash into plain text , it can also encrypt plain text in hash form. Supported hash are MD5, SHA1, SHA256, SHA384, SHA512, RIPEMD-160.


Network tools:-
Available modules are Net DoS Tester TCP port scanner ,Honeypot,Fuzzer,DNS and host gathering,MAC address geolocation . For tcp port scan you should use NMAP , because it `s best tool for port scanning.
I like DNS and host gathering modules. It `s very fast & responsive.


Web tools:-
This section contain two tools for information gathering.
HTTP directory brute-force (You can find directory of website)
HTTP common files brute-force .

How to crack any hash with help of online services?

findmyhash.py try to crack different types of hashes using free online services.

(1)Download it from here .

(2)Open terminal & change directory where you download tool , if we download tool in download folder then type in following command in terminal

cd Downloads

(3)python findmyhash.py


Accepted algorithms are:

MD4, MD5, SHA1, SHA256, RMD160, LM, NTLM, MYSQL, CISCO7 & JUNIPER

NOTE: for LM / NTLM it is recommended to introduce both values with this format:

python findmyhash.py LM -h 9a5760252b7455deaad3b435b51404ee:0d7f1f2bdeac6e574d6e18ca85fb58a7

python findmyhash.py NTLM -h 9a5760252b7455deaad3b435b51404ee:0d7f1f2bdeac6e574d6e18ca85fb58a7


Valid OPTIONS are:

-h <hash_value> If you only want to crack one hash, specify its value with this option.

-f <file> If you have several hashes, you can specify a file with one hash per line.

NOTE: All of them have to be the same type.

-g If your hash cannot be cracked, search it in Google and show all the results.

NOTE: This option ONLY works with -h (one hash input) option.


Examples:

-> Try to crack only one hash.

python findmyhash.py MD5 -h 098f6bcd4621d373cade4e832627b4f6

-> If the hash cannot be cracked, it will be searched in Google.

python findmyhash.py SHA1 -h A94A8FE5CCB19BA61C4C0873D391E987982FBBD3 -g

-> Try to crack multiple hashes using a file (one hash per line).

python findmyhash.py MYSQL -f mysqlhashesfile.txt

If you have an password in md5 hash and you need password in plain text for this there is lot of tool and online websites too but they wont crack all md5 hash if your hash exist in thier database they will give u plain text password but if not than u have to use some tool like here.

We are using a perl script to crack an hash so we had encrypted an text "r2/." into a md5 hash which is "5d28a1f53e24a8b0a85d0a53348d49ad" so here we will try to decrypt it again with perl in a plain text.

So first of all here we already know the length of text is 4 and it is included with specail characters like ". /" etc so our job will be easy but if we dont know the length and what kind of character included in hash then what? no problem we have some solution for that too ok lets began with first step if u are using linux here we are using back track for this first of all you need perl script so donalod and follow the steps to crack a hash i will try to explain each part of this script

(1)Download perl script from here.

(2)Make it exexcutable.

(3)open terminal & change directory where you download script.

(4)now type following command in terminal

perl md5crack.pl

you can see information about script.
(5)type following in terminal & hit enter.

perl md5crack.pl ad 1 3 900150983cd24fb0d6963f7d28e17f72

our command will be like this > perl md5crack.pl ad 1 3 900150983cd24fb0d6963f7d28e17f72

ad is charset if we will use ad option that means it will try only lowercase alphabets and all digits 0-9 now 1 is minimum lenth of hash character like a b c etc and 3 is maximum lenth of hash so this command will try all lowercase alpha numerical from 1 to 3 lenth so if password is like abc or ab9 tc it will show us result now lets see next command line

  (6)type following in terminal & hit enter.

perl md5crack.pl aA 3 3 900150983cd24fb0d6963f7d28e17f72

see here aA charset if we will use this option than it will try

lower,uppercase alpha numerical word like "Jt3" and minimum length 3 and maximum is 3 it means it will try like this aaa,aab,aac ............aAc etc now lets move on last command line

(7)Type following command in terminal.

perl md5crack.pl aAdx 1 10 900150983cd24fb0d6963f7d28e17f72

here is charset is aAdx it will try lower,upperalpha numerical and specail charater ./*-+& etc. here minimum lenth is 1 and maximum is 10 to it will start from a to aaaaaaaaaa the first command will finish our tast fast but if hash included only lowercase alpha numerical word secound will try uppercase so it will took more than first command and thrid one will took more then first and second command so how to finish our job fast ok for cracking an hash i will say use more shell in one time like see normaly an pass length will be minimum 4 digits so we can start from 4 and maximum may be 10 or more so here what to do we can use 6 shell in one time for first command i will give u example here.

(8)it`s our last example.

perl md5crack.pl 4 4 900150983cd24fb0d6963f7d28e17f72

perl md5crack.pl ad 4 4 <hash here> this command will try only 4 charcter lenght word so in second shell we can try 5 5 so that will try only 5 charcter lengh word

perl md5crack.pl ad 5 5 <hash here> like this we can use 6 6, 7 7, 8 8 , etc so minimum and maximum length will be same so task will be finish fast and it depend on charset what kind of charset you are trying like ad,aA or aAdx now as i told here i have an example to make understand>>> text= "r2/." and encrypted md5 hash is "5d28a1f53e24a8b0a85d0a53348d49ad" we will try to crack it again in plain text here we will try command line > perl md5crack.pl aAdx 4 4 5d28a1f53e24a8b0a85d0a53348d49ad