Leaderboard

Aplicatia primeste o lista de hash-uri MD5 simple si le verifica pe situri care pastreaza liste mari cu hash-uri decriptate. El acceseaza siturile folosind wget asa ca aveti mai jos link de download. Fisierul de intrare trebuie sa fie o simpla lista de hash-uri despartite de enter. Aplicatia considera ca primele 32 caractere din linie reprezinta un hash md5 si al 33-lea un separator. Daca hash-ul este urmat de o parola, pentru rapiditate acesta va salvat ca atare, fara verificare. Fisierul rezultat continand hash-uri md5 si parolele asociate poate fi folosit ca fisier de intrare pentru updatarea listei mai tarziu. Am folosit virgula ca separator deoarece salvat cu extensia CSV poate fi deschis si modificat usor folosind Excell Lista de situri o puteti actualiza simplu din sursa. Conteaza insa ca situl sa primeasca hash-ul in link (prin GET). Am comentat sursa detaliat, in engleza (moftu meu). Executie: hashlist primeste 2 parametri: fisier de intrare si de iesire hashlist example.txt updated.txt - va crea un fisier updated.txt hashlist example.txt - va crea un fisier output.txt (nume predefinit) Optimizari: - o variabila numerica scan e folosita pentru a alege situl. Daca un hash este gasit pe un site, acelasi site va fi folosit si pentru urmatorul hash. Daca nu, ea se va incrementa modulo 5 (nr de situri) selectandu-l pe urmatorul. Daca hash-ul respectiv nu exista pe niciun site scan se va decrementa pentru ca urmatorul hash sa fie testat pe ultimul site care a avut succes. In felul acesta siturile de succes au putin mai multa prioritate. Download: IMPORTANT (salvati in system32 sau in directorul curent): wget (1.11.4) hashlist.zip: exe compilat cu bcc32, sursa c si o lista de hash-uri md5: FileShare hashlist.zip /***** (c) loki *****/ #include <stdio.h> #include <string.h> #define MAX_DWNLOAD_SIZE 16384 #define SITE_COUNT 5 int strfrom(char*,char*,char*,char*); int searchsite(char*,char*,char); /* *sites is a 5 column table: 1) Site accepting hashes in GET form. %s replaces the hash 2) The string just before the password (should be the first occurence in the page source) 3) The string just after the password 4) Value found in page if the password was not found 5) A comment to be printed on screen when the hash was decrypted. I used the site name between brackets change SITE_COUNT value whenever you add a new md5 site. */ char *sites[SITE_COUNT][5]={ {"http://gdataonline.com/qkhash.php?mode=txt&hash=%s","</td><td width=\"35%\"><b>","</b></td></tr>","????","(gdataonline.com)"}, {"http://md5.gromweb.com/query/%s","","","","(md5.gromweb.com)"}, {"http://%s.haq4u.com","reverse MD5 is <a href=\"http://",".haq4u.com\">","","(haq4u,com)"}, {"http://decryptpassword.com/decrypt/%s","<a href=\"http://www.encryptpassword.com/encrypt/md5/","\" title=\"","","(decryptpassword.com)"}, {"http://md5.rednoize.com/?q=%s","<div id=\"result\" >","</div>","","(md5.rednoize.com)"}}; char buffer[MAX_DWNLOAD_SIZE],y,found,scan,hash[33],pass[256]; FILE *f,*o; long x=0; int main(int argc, char *argv[]) { if((argc<2)||(argc>3)) { printf("Usage: hashlist.exe input.txt [output.txt]\n"); return 1; } if(argc==3) if(!(o=fopen(argv[2],"wt"))) return 1; else; else if(!(o=fopen("output.txt","wt"))) return 1; else; if(!(f=fopen(argv[1],"rt"))) return 1; scan=0; // counts the current searching site for(;!feof(f);x++) { pass[0]=0; fscanf(f,"%s",pass); strncpy(hash, pass,32); strcpy( pass, pass+32+(pass[32]!='\0')); hash[32]='\0'; found=0; if(hash[0]) { if(!pass[0]) { for(y=0;(y<SITE_COUNT)&&(!found);y++) if(!searchsite(hash,pass,scan)) found=scan+1; else scan=(scan+1)%SITE_COUNT; if(!found) scan=(scan+SITE_COUNT-1)%SITE_COUNT; } printf("%d) %s,%s %s\r\n",x,hash,pass,(found)?sites[found-1][4]:""); fprintf(o,"%s,%s\n",hash,pass); } } fclose(f); fclose(o); return 0; } int strfrom(char *s1,char *s2,char *from,char *result) { char *p,*q; if(*s1) { p=strstr(from,s1); if(!p) { result[0]='\0'; return 1;} p+=+strlen(s1); } else p=from; if(*s2) { q=strstr(p,s2); if(!q) { result[0]='\0'; return 1;} } else q=p+strlen(p); strncpy(result,p,q-p); result[q-p]='\0'; return 0; } int searchsite(char *hash,char *pass, char id) { FILE *g; char comm[256], link[256]; int read; sprintf(link,sites[id][0],hash); sprintf(comm,"wget -U --user-agent=Mozilla -q -O page \"%s\"",link); system(comm); if(!(g=fopen("page","r"))) return 2; buffer[fread(buffer,1,MAX_DWNLOAD_SIZE,g)]='\0';fclose(g); strfrom(sites[id][1],sites[id][2],buffer,pass); if(!strcmp(pass,sites[id][3])) pass[0]='\0'; return !pass[0]; } Exemplu de lista de hash-uri acceptata: 47eb752bac1c08c75e30d9624b3e58b7,simone 1239fccd6f16f801b76199c1060d60d5 aab46b9f1bfa437814257faa4f45a06e,586666 5f532a3fc4f1ea403f37070f59a7a53a 8e15625d6c158ec48f374efb77bd2714,blank d1d2fd86103dca73ce95f717d2c7c624 a0454db87986842b646aed9e84a54eb8 ff0d813dd5d2f64dd372c6c4b6aed086 4297f44b13955235245b2497399d7a93,123123 85964989611934e09fd33690cd7aa279 f1a991821c018290bd4f2ab128f14eb7 147dcec41fe5fa5c462ec7e45dd42548