Showing posts with label password crack. Show all posts
Showing posts with label password crack. Show all posts

Pentbox installation & use:-


PenTBox is a Security Suite that packs security and stability testing oriented tools for networks and systems.Programmed in Ruby and oriented to GNU/Linux systems, but compatible with Windows, MacOS and every systems where Ruby works.

Main Features:-
- Cryptography tools
  • Base64 Encoder & Decoder
  • Multi-Digest (MD5, SHA1, SHA256, SHA384, SHA512, RIPEMD-160)
  • Hash Password Cracker (MD5, SHA1, SHA256, SHA384, SHA512, RIPEMD-160)
  • Secure Password Generator


- Network tools
  • Net DoS Tester
  • TCP port scanner
  • Honeypot
  • Fuzzer
  • DNS and host gathering
  • MAC address geolocation (samy.pl)


- Web
  • HTTP directory bruteforce
  • HTTP common files bruteforce


How to install pentbox?

As mention earlier this framework is compatible in any system where ruby works.
So you have to install ruby in your system to use this tool.

svn co https://pentbox.svn.sourceforge.net/svnroot/pentbox/trunk/ pentbox

cd pentbox

svn update

./pentbox.rb


pentbox-1

Cryptography tool:-
web application penetration tests we often discover encoded Base64 strings. Such strings can contain important information that’s why we need to have a decoder in our tool repository.

If in some situation we obtain password in hash form , then pentbox has inbuilt module that can crack hash into plain text , it can also encrypt plain text in hash form. Supported hash are MD5, SHA1, SHA256, SHA384, SHA512, RIPEMD-160.

pentbox-2

Network tools:-
Available modules are Net DoS Tester TCP port scanner ,Honeypot,Fuzzer,DNS and host gathering,MAC address geolocation . For tcp port scan you should use NMAP , because it `s best tool for port scanning.
I like DNS and host gathering modules. It `s very fast & responsive.

pentbox-3

Web tools:-
This section contain two tools for information gathering.
HTTP directory brute-force (You can find directory of website)
HTTP common files brute-force .

How to crack any hash with help of online services?

How to crack any hash with help of online services?

findmyhash.py try to crack different types of hashes using free online services.

(1)Download it from here .

(2)Open terminal & change directory where you download tool , if we download tool in download folder then type in following command in terminal

cd Downloads

(3)python findmyhash.py


Accepted algorithms are:

MD4, MD5, SHA1, SHA256, RMD160, LM, NTLM, MYSQL, CISCO7 & JUNIPER

NOTE: for LM / NTLM it is recommended to introduce both values with this format:

python findmyhash.py LM -h 9a5760252b7455deaad3b435b51404ee:0d7f1f2bdeac6e574d6e18ca85fb58a7

python findmyhash.py NTLM -h 9a5760252b7455deaad3b435b51404ee:0d7f1f2bdeac6e574d6e18ca85fb58a7


Valid OPTIONS are:

-h <hash_value> If you only want to crack one hash, specify its value with this option.

-f <file> If you have several hashes, you can specify a file with one hash per line.

NOTE: All of them have to be the same type.

-g If your hash cannot be cracked, search it in Google and show all the results.

NOTE: This option ONLY works with -h (one hash input) option.


Examples:

-> Try to crack only one hash.

python findmyhash.py MD5 -h 098f6bcd4621d373cade4e832627b4f6

-> If the hash cannot be cracked, it will be searched in Google.

python findmyhash.py SHA1 -h A94A8FE5CCB19BA61C4C0873D391E987982FBBD3 -g

-> Try to crack multiple hashes using a file (one hash per line).

python findmyhash.py MYSQL -f mysqlhashesfile.txt

how to crack md5 hash in ubuntu?


If you have an password in md5 hash and you need password in plain text for this there is lot of tool and online websites too but they wont crack all md5 hash if your hash exist in thier database they will give u plain text password but if not than u have to use some tool like here.

We are using a perl script to crack an hash so we had encrypted an text "r2/." into a md5 hash which is "5d28a1f53e24a8b0a85d0a53348d49ad" so here we will try to decrypt it again with perl in a plain text.

So first of all here we already know the length of text is 4 and it is included with specail characters like ". /" etc so our job will be easy but if we dont know the length and what kind of character included in hash then what? no problem we have some solution for that too ok lets began with first step if u are using linux here we are using back track for this first of all you need perl script so donalod and follow the steps to crack a hash i will try to explain each part of this script

(1)Download perl script from here.

(2)Make it exexcutable.

(3)open terminal & change directory where you download script.

(4)now type following command in terminal

perl md5crack.pl

you can see information about script.
 

(5)type following in terminal & hit enter.

perl md5crack.pl ad 1 3 900150983cd24fb0d6963f7d28e17f72

our command will be like this > perl md5crack.pl ad 1 3 900150983cd24fb0d6963f7d28e17f72

ad is charset if we will use ad option that means it will try only lowercase alphabets and all digits 0-9 now 1 is minimum lenth of hash character like a b c etc and 3 is maximum lenth of hash so this command will try all lowercase alpha numerical from 1 to 3 lenth so if password is like abc or ab9 tc it will show us result now lets see next command line

 
crack-md5-hash-in-ubuntu


(6)type following in terminal & hit enter.

perl md5crack.pl aA 3 3 900150983cd24fb0d6963f7d28e17f72

see here aA charset if we will use this option than it will try

lower,uppercase alpha numerical word like "Jt3" and minimum length 3 and maximum is 3 it means it will try like this aaa,aab,aac ............aAc etc now lets move on last command line

(7)Type following command in terminal.

perl md5crack.pl aAdx 1 10 900150983cd24fb0d6963f7d28e17f72

here is charset is aAdx it will try lower,upperalpha numerical and specail charater ./*-+& etc. here minimum lenth is 1 and maximum is 10 to it will start from a to aaaaaaaaaa the first command will finish our tast fast but if hash included only lowercase alpha numerical word secound will try uppercase so it will took more than first command and thrid one will took more then first and second command so how to finish our job fast ok for cracking an hash i will say use more shell in one time like see normaly an pass length will be minimum 4 digits so we can start from 4 and maximum may be 10 or more so here what to do we can use 6 shell in one time for first command i will give u example here.

(8)it`s our last example.

perl md5crack.pl 4 4 900150983cd24fb0d6963f7d28e17f72

perl md5crack.pl ad 4 4 <hash here> this command will try only 4 charcter lenght word so in second shell we can try 5 5 so that will try only 5 charcter lengh word

perl md5crack.pl ad 5 5 <hash here> like this we can use 6 6, 7 7, 8 8 , etc so minimum and maximum length will be same so task will be finish fast and it depend on charset what kind of charset you are trying like ad,aA or aAdx now as i told here i have an example to make understand>>> text= "r2/." and encrypted md5 hash is "5d28a1f53e24a8b0a85d0a53348d49ad" we will try to crack it again in plain text here we will try command line > perl md5crack.pl aAdx 4 4 5d28a1f53e24a8b0a85d0a53348d49ad 

How to Recover Windows 7 password in ubuntu?


(1)First boot from Ubuntu O.S from live cd.

(2)Open Ubuntu Software Center . Search for CHNTPW . Install package. If you donot have internet  connection on password lost pc then download from  here.

(3)now open terminal. & type following command    
 cd /media/"drive name of windows 7 partion"/Windows /System32/config
please use your drive name of partion in which windows 7 is installed without quote.

(4)now type  sudo chntpw SAM . AND press ENTER. NOW press 1. & restart pc.


        

How To Recover Windows 7 password?


Here is the Tutorial how recover forgotten password of xp,vista, win 7?

(1)First you have to boot from another O.S like ubuntu, back track or any other which come in live cd format.Run O.S from cd.( you can also run O.S from pendrive ,it`s faster than cd)

(2)Copy "sam" & "system" file from this location C:/WINDOWS/SYSTEM 32/CONFIG (this files contain your password in NTML hash form) and save it in your pendrive.


(3)Now  We Want to get hashes from this file , there are different types of software available based on O.S. For windows i recommended  you "sam inside" .It`s easy to use. Download from here.

(4)Now you need other computer to run this file ,because it`s windows compatible program, so copy this "sam" & "system" file &this program in pendrive.

(5)Now open pendrive in your friend`s computer who has windows . Unzip sam inside & run the program.

(6)Now Import sam & system file in this software. it will show you username & passwords in hashes  form.

(7)now next step is to crack hashes. for this purpose you can use tools or online hash cracker.HERE is the   LIST OF ONLINE HASH CRACKER.(please view NTML HASH CRACKER).If you cannot crack online you should use tools like john the ripper , cain & able etc.

BUT IF YOU CANNOT DO THAT , THEN EASY WAY IS DOWNLOAD Ophacrack iso file form here. Burn into a cd and reboot pc. IT will do automatically for you.

still you cannot do this send me sam & system file , i will give you password. :)

Online Hash Crackers

Cracker Hashes
Tobtu50,529,455,839
TMTO36,436,233,567
MD5Decrypter(uk)8,700,000,000
OnlineHashCrack5,211,644,250
AuthSecu500,000,000



MD5th
400,000,000
NetMD5crack171,392,210
Kalkulators100,000,000
Rednoize76,834,449
Gromweb45,543,530
hash-cracker.com40,000,000
Crackfoo -NNC38,227,555
MD5Rainbow33,517,066
Digitalsun31,000,000
Sans20,264,963
Crackfor.me16,173,854
MD5-lookup8,796,772
MD5decrypter8,103,123
MD5-db5,500,000
MD5-decrypter3,400,000
HashCracking.ru3,585,150
Shalla2,218,319
Hash-Database1,635,062
MD5decryption1,300,000
Drasen568,064
MD5finder429,477
MD5pass327,497
Bokehman230,000
Shell-Storm154,994
AppspotMulti
NoisetteMulti
MD5crackMulti
KinginfetMulti
VHCTeam?
Longgie?
RAH-Labs?
Wordd?
Anqel?
CMD5?
web-security-services?
MD5online?
MD5.my-addr?
C0llision?
MD5hood?
Schwett?
TheKaine?
Fox21?



NTLM
Cracker Hashes
MD5decrypter(uk)8,700,000,000
OnlineHashCrack5,211,644,250
hash-cracker.com40,000,000
Fox21?
LMCrack?
CMD5?



LM
Cracker Hashes
OnlineHashCrack5,211,644,250
NiceNameCrew?
C0llision?
Fox21?



SHA1
Cracker Hashes
MD5Decrypter(uk)8,700,000,000
Rednoize76,838,852
hash-cracker.com40,000,000
Sans20,264,963
SHA1-Lookup18,949,380
HashCracking.ru3,585,150
Hash-Database1,635,065
CMD5?
StringFunction?
Web-Security-Services?



SHA256-512
Cracker Hashes
Hash-Database1,635,067
Shalla1,143,472



MySQL
Cracker Hashes
OnlineHashCrack5,211,644,250
Hashcrack30,654,899
HashCracking.ru3,585,150
CMD5?