Hash Brute Forcer MD5 , MD2 , MD4 , SHA1 etc ..
©2011, copyright BLACK BURN
<?php/* Cracker page * PHP cracker.. hmmm.. * * author: Revres Tanur ©2010 */ @error_reporting(0); @set_time_limit(60); function sendpost($url, $data, $optional_headers = null){ $params = array('http' => array( 'method' => 'POST', 'content' => $data )); if ($optional_headers!== null) { $params['http']['header'] = $optional_headers; } $ctx = @stream_context_create($params); $fp = @fopen($url, 'rb', false, $ctx); $response = @stream_get_contents($fp); return $response; } function getkerinci($hash){ $data = "hash=".$hash."&search=Search"; $result = sendpost("http://tools.kerinci.net/?x=md5", $data); if(preg_match("/<td>result:<\/td><td>(.*)<\/td><\/tr>/",$result,$h)){ if(!preg_match("/not\s?found/i",$h[1])) return $h[1]; } else return ""; } function gethashkiller($hash){ $data = "oc_check_md5=".$hash."&oc_submit=Search MD5"; $result = sendpost("http://opencrack.hashkiller.com/", $data); if(preg_match("/<div class=\"result\">([0-9a-fA-F]{32}) ;) .*)<br\/>/",$result,$h)){ return $h[2]; } else return ""; } function getmd5crack($hash){ $data = "term=".$hash."&crackbtn=Crack that hash baby!"; $result = sendpost("http://www.md5crack.com/crackmd5.php", $data); if(preg_match("/md5\(\"(.*)\"\).*[a-fA-F0-9]/",$result,$h)){ return $h[1]; } else return ""; } function gethashcrack($hash){ $data = "hash=".$hash."&submit=Submit"; $result = sendpost("http://hashcrack.com/index.php", $data); if(preg_match("/<span class=hervorheb2>(.*)<\/span><\/div><\/TD>/",$result,$h)){ return $h[1]; } else return ""; } function kataberikutnya($kata,$karakter){ $x = strlen($kata) - 1; $pjkar = strlen($karakter); for($i=0;$i<strlen($kata);$i++){ $bantu[] = strpos($karakter, $kata[$i]); } do{ $n = (int) $bantu[$x]; $bantu[$x] = ($n+1) % $pjkar; $kata[$x] = $karakter[$bantu[$x]]; $n = (int) $bantu[$x]; if($n==0){ $nambah = true; $x--; if($x<0){ $nambah = false; array_unshift($bantu,0); $kata = $karakter[0].$kata; } } else $nambah = false; }while($nambah); return $kata; } // get this on http://www.openwall.com/phpass/ class PasswordHash { var $itoa64; var $iteration_count_log2; var $portable_hashes; var $random_state; var $temphash; function PasswordHash($iteration_count_log2, $portable_hashes) { $this->itoa64 = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz'; if ($iteration_count_log2 < 4 || $iteration_count_log2 > 31) $iteration_count_log2 = 8; $this->iteration_count_log2 = $iteration_count_log2; $this->portable_hashes = $portable_hashes; $this->random_state = microtime() . getmypid(); } function get_random_bytes($count) { $output = ''; if (is_readable('/dev/urandom') && ($fh = @fopen('/dev/urandom', 'rb'))) { $output = fread($fh, $count); fclose($fh); } if (strlen($output) < $count) { $output = ''; for ($i = 0; $i < $count; $i += 16) { $this->random_state = md5(microtime() . $this->random_state); $output .= pack('H*', md5($this->random_state)); } $output = substr($output, 0, $count); } return $output; } function encode64($input, $count) { $output = ''; $i = 0; do { $value = ord($input[$i++]); $output .= $this->itoa64[$value & 0x3f]; if ($i < $count) $value |= ord($input[$i]) << 8; $output .= $this->itoa64[($value >> 6) & 0x3f]; if ($i++ >= $count) break; if ($i < $count) $value |= ord($input[$i]) << 16; $output .= $this->itoa64[($value >> 12) & 0x3f]; if ($i++ >= $count) break; $output .= $this->itoa64[($value >> 18) & 0x3f]; } while ($i < $count); return $output; } function gensalt_private($input) { $output = '$P$'; $output .= $this->itoa64[min($this->iteration_count_log2 + ((PHP_VERSION >= '5') ? 5 : 3), 30)]; $output .= $this->encode64($input, 6); return $output; } function crypt_private($password, $setting) { $output = '*0'; if (substr($setting, 0, 2) == $output) $output = '*1'; if (substr($setting, 0, 3) != '$P$') return $output; $count_log2 = strpos($this->itoa64, $setting[3]); if ($count_log2 < 7 || $count_log2 > 30) return $output; $count = 1 << $count_log2; $salt = substr($setting, 4, 8); if (strlen($salt) != 8) return $output; if (PHP_VERSION >= '5') { $hash = md5($salt . $password, TRUE); do { $hash = md5($hash . $password, TRUE); } while (--$count); } else { $hash = pack('H*', md5($salt . $password)); do { $hash = pack('H*', md5($hash . $password)); } while (--$count); } $output = substr($setting, 0, 12); $output .= $this->encode64($hash, 16); return $output; } function gensalt_extended($input) { $count_log2 = min($this->iteration_count_log2 + 8, 24); $count = (1 << $count_log2) - 1; $output = '_'; $output .= $this->itoa64[$count & 0x3f]; $output .= $this->itoa64[($count >> 6) & 0x3f]; $output .= $this->itoa64[($count >> 12) & 0x3f]; $output .= $this->itoa64[($count >> 18) & 0x3f]; $output .= $this->encode64($input, 3); return $output; } function gensalt_blowfish($input) { $itoa64 = './ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789'; $output = '$2a$'; $output .= chr(ord('0') + $this->iteration_count_log2 / 10); $output .= chr(ord('0') + $this->iteration_count_log2 % 10); $output .= '$'; $i = 0; do { $c1 = ord($input[$i++]); $output .= $itoa64[$c1 >> 2]; $c1 = ($c1 & 0x03) << 4; if ($i >= 16) { $output .= $itoa64[$c1]; break; } $c2 = ord($input[$i++]); $c1 |= $c2 >> 4; $output .= $itoa64[$c1]; $c1 = ($c2 & 0x0f) << 2; $c2 = ord($input[$i++]); $c1 |= $c2 >> 6; $output .= $itoa64[$c1]; $output .= $itoa64[$c2 & 0x3f]; } while (1); return $output; } function HashPassword($password) { $random = ''; if (CRYPT_BLOWFISH == 1 && !$this->portable_hashes) { $random = $this->get_random_bytes(16); $hash = crypt($password, $this->gensalt_blowfish($random)); if (strlen($hash) == 60) return $hash; } if (CRYPT_EXT_DES == 1 && !$this->portable_hashes) { if (strlen($random) < 3) $random = $this->get_random_bytes(3); $hash = crypt($password, $this->gensalt_extended($random)); if (strlen($hash) == 20) return $hash; } if (strlen($random) < 6) $random = $this->get_random_bytes(6); $hash = $this->crypt_private($password, $this->gensalt_private($random)); if (strlen($hash) == 34) return $hash; return '*'; } function CheckPassword($password, $stored_hash) { $hash = $this->crypt_private($password, $stored_hash); if ($hash[0] == '*') $hash = crypt($password, $stored_hash); $this->temphash = $hash; return $hash == $stored_hash; } } function md4($plain) { return hash('md4',$plain); } function md2($plain) { return hash('md2',$plain); } function ntlm($plain){ $plain=iconv('UTF-8','UTF-16LE',$plain); $md4=md4($plain);; return $md4; } function lm($plain) { $string = substr($plain,0,14); $p1 = LMhash_DESencrypt(substr($string, 0, 7)); $p2 = LMhash_DESencrypt(substr($string, 7, 7)); return $p1.$p2; } function LMhash_DESencrypt($string) { $key = array(); $tmp = array(); $len = strlen($string); for ($i=0; $i<7; ++$i) $tmp[] = $i < $len ? ord($string[$i]) : 0; $key[] = $tmp[0] & 254; $key[] = ($tmp[0] << 7) | ($tmp[1] >> 1); $key[] = ($tmp[1] << 6) | ($tmp[2] >> 2); $key[] = ($tmp[2] << 5) | ($tmp[3] >> 3); $key[] = ($tmp[3] << 4) | ($tmp[4] >> 4); $key[] = ($tmp[4] << 3) | ($tmp[5] >> 5); $key[] = ($tmp[5] << 2) | ($tmp[6] >> 6); $key[] = $tmp[6] << 1; $is = mcrypt_get_iv_size(MCRYPT_DES, MCRYPT_MODE_ECB); $iv = mcrypt_create_iv($is, MCRYPT_RAND); $key0 = ""; foreach ($key as $k) $key0 .= chr($k); $crypt = mcrypt_encrypt(MCRYPT_DES, $key0, "KGS!@#$%", MCRYPT_MODE_ECB, $iv); return bin2hex($crypt); } function checkhash($typ,$hash,$plain){ if($typ=="md5"){ $hash_ = strtolower(md5($plain)); $hash = strtolower($hash); if($hash != $hash_) return $hash_; } elseif($typ=="md4"){ $hash_ = strtolower(md4($plain)); $hash = strtolower($hash); if($hash != $hash_) return $hash_; } elseif($typ=="md2"){ $hash_ = strtolower(md2($plain)); $hash = strtolower($hash); if($hash != $hash_) return $hash_; } elseif($typ=="md5x2"){ $hash_ = strtolower(md5(md5($plain))); $hash = strtolower($hash); if($hash != $hash_) return $hash_; } elseif($typ=="ntlm"){ $hash_ = strtolower(ntlm($plain)); $hash = strtolower($hash); if($hash != $hash_) return $hash_; } elseif($typ=="lm"){ $hash_ = strtolower(lm($plain)); $hash = strtolower($hash); if($hash != $hash_) return $hash_; } elseif($typ=="sha1"){ $hash_ = strtolower(sha1($plain)); $hash = strtolower($hash); if($hash != $hash_) return $hash_; } elseif($typ=="wordpress"){ $hasher = new PasswordHash(8, FALSE); $check = $hasher->CheckPassword($plain, $hash); if(!$check) return $hasher->temphash; } return "ok"; } if(isset($_GET['hash'])&&($_GET['hash']!="")){ if(isset($_GET['type'])){ $batas = 1; $cinta = trim($_GET['cinta']); $karakter = trim($_GET['karakter']); $digit = trim($_GET['digit']); $hashtype = strtolower(trim($_GET['type'])); if(($karakter == "") || ($digit == "") || (!is_numeric($digit))){ echo "_finish_|input error"; die(); } $md = substr($hashtype,0,2); if(($md == "md") || ($hashtype=="ntlm") || ($hashtype=="lm")){ $batas = 111111; if($hashtype == "lm"){ $batas = 1111; $karakter = strtoupper($karakter); } $hash = trim($_GET['hash']); if($cinta == ""){ if(!preg_match("/^[0-9a-fA-F]{32}$/i",$hash)){ echo "_finish_|not a valid ".$hashtype." hash"; die(); } if($hashtype != "md5"){ echo "Status ".": bruteforcing..."; die(); } } } elseif($hashtype == "sha1"){ $batas = 111111; $hash = trim($_GET['hash']); $hash = str_replace("*","",$hash); if($cinta == ""){ if(!preg_match("/^[0-9a-fA-F]{40}$/i",$hash)){ echo "_finish_|not a valid ".$hashtype." hash"; die(); } } } elseif($hashtype == "wordpress"){ $batas = 222; $hash = trim($_GET['hash']); if($cinta == ""){ if(preg_match("/^\\\$P\\\$(.*)$/",$hash,$h)){ if(!preg_match("/^[\.\/0-9a-zA-Z]{31}$/i",$h[1])){ echo "_finish_|not a valid ".$hashtype." hash"; die(); } } else { echo "_finish_|not a valid ".$hashtype." hash"; die(); } echo "Status ".": bruteforcing..."; die(); } } else{ echo "_finish_|hash not supported"; die(); } if($cinta == ""){ $res = trim(getkerinci($hash)); if($res != ""){ echo "_finish_|".$hash.":".$res; die(); } $res = trim(gethashkiller($hash)); if($res != ""){ echo "_finish_|".$hash.":".$res; die(); } $res = trim(getmd5crack($hash)); if($res != ""){ echo "_finish_|".$hash.":".$res; die(); } $res = trim(gethashcrack($hash)); if($res != ""){ echo "_finish_|".$hash.":".$res; die(); } echo "Status ".": bruteforcing..."; die(); } elseif(trim($cinta) == "bruteforcing..."){ if($digit==1){ for($i=0;$i<strlen($karakter);$i++){ $check = checkhash($hashtype,$hash,$karakter[$i]); if($chech == "ok"){ echo "_finish_|".$hash.":".$karakter[$i]; die(); } } } $kata = ""; for($i=0;$i<$digit;$i++) $kata .= $karakter[0]; } else $kata = $cinta; if(strlen($kata) > 16){ echo "_finish_|max char length = 16".$kata; die(); } $check = ""; for($i=0;$i<$batas;$i++){ $check = checkhash($hashtype,$hash,$kata); if($check == "ok"){ echo "_finish_|".$hash.":".$kata; die(); } $kata = kataberikutnya($kata,$karakter); } echo $check.":".$kata; die(); } else{ echo "_finish_|hash type not specified"; die(); // gagal son... } die(); // gagal maning gagal maning } ?><html> <head><title>Hash Cracker</title> <link rel="shortcut icon" href="../favicon.ico"> <!-- <?php echo date("Y",time()); ?> Revan Aditya --> <script type="text/javascript"> jalan = false; cinta = ""; function ajax(vars, cnt, cbFunction){ var req = window.XMLHttpRequest ? new XMLHttpRequest() : new ActiveXObject("MSXML2.XMLHTTP.3.0"); var querystring = '?' + vars + '&cinta=' + cnt; req.open("GET", querystring , true); req.setRequestHeader("Content-Type", "application/x-www-form-urlencoded"); req.onreadystatechange = function(){ if (req.readyState == 4 && req.status == 200){ if (req.responseText){ cbFunction(req.responseText,vars,cnt); } } } req.send(null); } function showResult(str, vars, cnt){ var box = document.getElementById("status") if(str.match(/Warning|Fatal/gi)) box.innerHTML = '<span class=\"red\">*** </span> error...<br />'; else box.innerHTML = str; var pos = str.indexOf(":") + 1; cinta = str.substring(pos); if(!jalan){ box.innerHTML = '<span class=\"red\">*** </span> paused...<br />'; document.getElementById("loading").style.visibility = 'hidden'; document.getElementById("btnOk").value = "Resume"; } else { if(!str.match(/.*finish.*/gi)){ brute(vars); } else{ jalan = false; var pesan = str.substring(str.indexOf("|") + 1); box.innerHTML = '<span class=\"red\">*** </span> finish ( ' + pesan + ' )<br />'; document.getElementById("loading").style.visibility = 'hidden'; document.getElementById("btnOk").value = "Start"; document.getElementById("hash").readOnly = false; document.getElementById("karakter").readOnly = false; document.getElementById("digit").readOnly = false; document.getElementById("hashtype").disabled = false; cinta = ""; } } } function keyHandler(ev){ if (!ev){ ev = window.event; } if (ev.which){ keycode = ev.which; } else if (ev.keyCode){ keycode = ev.keyCode; } if (keycode == 13){ sikat(); } } String.prototype.trim = function() { return this.replace(/^\s*|\s*$/g, ""); } function brute(xdata){ if(jalan){ ajax(xdata, cinta, showResult); } } function sikat(){ var btext = document.getElementById("btnOk"); if((btext.value == 'Start') || (btext.value == 'Resume')){ if(btext.value == 'Start') cinta = ""; if(!jalan){ var target = document.getElementById('hash'); target.value = target.value.trim(); var karakter = document.getElementById('karakter'); karakter.value = embatsikembar(karakter.value); var digit = document.getElementById('digit'); var hashtype = document.getElementById("hashtype"); if(target.value.trim().length>0) { var boxres = document.getElementById("result") var status = document.getElementById("status"); status.innerHTML = 'Please wait... preparing...'; boxres.innerHTML = 'Hash : ' + entity(target.value) + '<br />'; boxres.innerHTML += 'Char : ' + entity(karakter.value) + '<br />'; boxres.innerHTML += 'Length : ' + digit.value + '<br />'; boxres.innerHTML += 'Type : ' + hashtype.value; document.getElementById("loading").style.visibility = 'visible'; document.getElementById("btnOk").value = "Pause"; target.readOnly = true; karakter.readOnly = true; digit.readOnly = true; hashtype.disabled = true; jalan = true; brute('hash=' + encodeURIComponent(target.value) + '&karakter=' + encodeURIComponent(karakter.value) + '&digit=' + encodeURIComponent(digit.value) + '&type=' + encodeURIComponent(hashtype.value)); } } else alert("Please stop first..."); } else { berhenti(); } } function initpg(){ document.onkeypress = keyHandler; } function entity(txt){ return txt.replace(/</g, "<").replace(/>/g, ">"); } function berhenti(){ jalan = false; } function bersih(){ var tanya = confirm("Clear results and restart?"); if(tanya == true) location.href = 'index.php'; } function embatsikembar(str){ var hasil = ''; for(i = 0; i<str.length ; i++){ if(hasil.indexOf(str[i]) < 0) hasil += str[i]; } return hasil; } </script> <style type="text/css"> *{ background:url('../images/bg.gif') #111; font-family: Lucida Console,Tahoma; color:#bbb; font-size:11px; text-align:left; } input,select,textarea{ border:0; border:1px solid #900; color:#fff; background:#000; margin:0; padding:2px 4px; } input:hover,textarea:hover,select:hover{ background:#200; border:1px solid #f00; } option{ background:#000; } .red{ color:#f00; } .white{ color:#fff; } a{ text-decoration:none; } a:hover{ border-bottom:1px solid #900; border-top:1px solid #900; } #status{ width:100%; height:auto; padding:4px 0; border-bottom:1px solid #300; } #result a{ color:#777; } .sign{ color:#222; } #box{ margin:10px 0 0 0; } </style> </head> <body onload="initpg();"> <div id="result"></div> <div id="status"></div> <div id="box"> <input type="text" name="hash" id="hash" value="" style="width:400px;" title="Give a keyword to search..." /> <select name="hashtype" id="hashtype"> <option value="MD5" />MD5</option> <option value="MD5x2" />MD5(MD5)</option> <option value="MD4" />MD4</option> <option value="MD2" />MD2</option> <option value="SHA1" />SHA1</option> <option value="NTLM" />NTLM</option> <option value="LM" />LM</option> <option value="Wordpress" />Wordpress</option> </select> <input type="submit" id="btnOk" name="btnOk" value="Start" onclick="sikat();" style="width:70px;text-align:center;" /> <input type="submit" name="btnClear" value="Restart" onclick="bersih();" style="width:70px;text-align:center;" /> <span class="sign">revres</span><span class="red">.</span><span class="sign">tanur</span> <img src="../images/loading.gif" alt="" style="margin:0;padding:0;vertical-align:middle;visibility:hidden;" id="loading" title="loading..." /> <table> <tr><td style="width:50px;">Char</td><td><input style="width:280px;" type="text" name="karakter" id="karakter" value="abcdefghijklmnopqrstuvwxyz" /></td></tr> <tr><td>Length</td><td><input style="width:30px;" type="text" name="digit" id="digit" value="4" maxlength="2" /></td></tr> </table> </div> <!-- aku suka kamu suka sudah jangan bilang syapaa syapaaa... --> </body> </html>
©2011, copyright BLACK BURN
Are you trying to make cash from your visitors with popunder ads?
ReplyDeleteIn case you are, have you tried using Clickadu?