<?php
set_time_limit(0); /////////////////////////////////////////////////
//
// md5(md5(salt) + md5(password)) bruteforcer
// coder: sp1r1t
// www.security-shell.com
// version: 1.0
// this script works only if hashing is done like this md5(md5(salt) + md5(password))
//
/////////////////////////////////////////////////
// INSERT YOUR HASH AND SALT HERE: $hash = ""; $salt = ""; // STEALTH MODE ON=1 OFF=0 (if stealth is ON, cpu usage will be low and normal, but bruteforcer will be slower, if stealth mode is OFF, cpu usage will be 100% but bruteforcer will be faster) $stealth = 0; //
// ARRAYS WITH CHARACTERS TO USE IN BRUTEFORCING PROCESS | IF YOU ADD YOUR ARRAY MAKE SURE YOU PUT IT IN ARRAY_MERGE FUNCTION TO JOIN THE OTHER ARRAYS $lower = array('a','b','c','d','e','f','g','h','i','j','k','l','m','n','o','p','q','r','s','t','u','v','w','x','y','z'); $numeric = array('0','1','2','3','4','5','6','7','8','9'); $upper = array('A','B','C','D','E','F','G','H','I','J','K','L','M','N','O','P','Q','R','S','T','U','V','W','X','Y','Z'); $GTFO = array_merge($lower, $numeric, $upper); //
// KEEP AWAY FROM THIS PIECE OF CODE IF YOU DON'T KNOW WHAT YOU'RE DOING $found = 0; $count = count($GTFO); $hash = strtolower($hash);
if(strlen($hash) == 32) { //----------------------------------------------1-------------------------------------------------- for($i1=0;$i1<$count;$i1++) {
if(md5(md5($salt).md5($GTFO[$i1])) == $hash) {
writetofile("$hash : ".$GTFO[$i1],$salt);
$found = 1;
break;
}
if($stealth == 1) usleep(1);
} //----------------------------------------------2-------------------------------------------------- if($found != 1)
for($i20=0;$i20<$count;$i20++)
for($i21=0;$i21<$count;$i21++) {
if(md5(md5($salt).md5($GTFO[$i20].$GTFO[$i21])) == $hash) {
writetofile("$hash : ".$GTFO[$i20].$GTFO[$i21],$salt);
$found = 1;
break;
}
if($stealth == 1) usleep(1);
} //----------------------------------------------3-------------------------------------------------- if($found != 1)
for($i30=0;$i30<$count;$i30++)
for($i31=0;$i31<$count;$i31++)
for($i32=0;$i32<$count;$i32++) {
if(md5(md5($salt).md5($GTFO[$i30].$GTFO[$i31].$GTFO[$i32])) == $hash) {
writetofile("$hash : ".$GTFO[$i30].$GTFO[$i31].$GTFO[$i32],$salt);
$found = 1;
break;
}
if($stealth == 1) usleep(1);
} //----------------------------------------------4-------------------------------------------------- if($found != 1)
for($i40=0;$i40<$count;$i40++)
for($i41=0;$i41<$count;$i41++)
for($i42=0;$i42<$count;$i42++)
for($i43=0;$i43<$count;$i43++) {
if(md5(md5($salt).md5($GTFO[$i40].$GTFO[$i41].$GTFO[$i42].$GTFO[$i43])) == $hash) {
writetofile("$hash : ".$GTFO[$i40].$GTFO[$i41].$GTFO[$i42].$GTFO[$i43],$salt);
$found = 1;
break;
}
if($stealth == 1) usleep(1);
} //----------------------------------------------5-------------------------------------------------- if($found != 1)
for($i50=0;$i50<$count;$i50++)
for($i51=0;$i51<$count;$i51++)
for($i52=0;$i52<$count;$i52++)
for($i53=0;$i53<$count;$i53++)
for($i54=0;$i54<$count;$i54++) {
if(md5(md5($salt).md5($GTFO[$i50].$GTFO[$i51].$GTFO[$i52].$GTFO[$i53].$GTFO[$i54])) == $hash) {
writetofile("$hash : ".$GTFO[$i50].$GTFO[$i51].$GTFO[$i52].$GTFO[$i53].$GTFO[$i54],$salt);
$found = 1;
break;
}
if($stealth == 1) usleep(1);
} //----------------------------------------------6-------------------------------------------------- if($found != 1)
for($i60=0;$i60<$count;$i60++)
for($i61=0;$i61<$count;$i61++)
for($i62=0;$i62<$count;$i62++)
for($i63=0;$i63<$count;$i63++)
for($i64=0;$i64<$count;$i64++)
for($i65=0;$i65<$count;$i65++) {
if(md5(md5($salt).md5($GTFO[$i60].$GTFO[$i61].$GTFO[$i62].$GTFO[$i63].$GTFO[$i64].$GTFO[$i65])) == $hash) {
writetofile("$hash : ".$GTFO[$i60].$GTFO[$i61].$GTFO[$i62].$GTFO[$i63].$GTFO[$i64].$GTFO[$i65],$salt);
$found = 1;
break;
}
if($stealth == 1) usleep(1);
} //----------------------------------------------7-------------------------------------------------- if($found != 1)
for($i70=0;$i70<$count;$i70++)
for($i71=0;$i71<$count;$i71++)
for($i72=0;$i72<$count;$i72++)
for($i73=0;$i73<$count;$i73++)
for($i74=0;$i74<$count;$i74++)
for($i75=0;$i75<$count;$i75++)
for($i76=0;$i76<$count;$i76++) {
if(md5(md5($salt).md5($GTFO[$i70].$GTFO[$i71].$GTFO[$i72].$GTFO[$i73].$GTFO[$i74].$GTFO[$i75].$GTFO[$i76])) == $hash) {
writetofile("$hash : ".$GTFO[$i70].$GTFO[$i71].$GTFO[$i72].$GTFO[$i73].$GTFO[$i74].$GTFO[$i75].$GTFO[$i76],$salt);
$found = 1;
break;
}
if($stealth == 1) usleep(1);
} //----------------------------------------------8-------------------------------------------------- if($found != 1)
for($i80=0;$i80<$count;$i80++)
for($i81=0;$i81<$count;$i81++)
for($i82=0;$i82<$count;$i82++)
for($i83=0;$i83<$count;$i83++)
for($i84=0;$i84<$count;$i84++)
for($i85=0;$i85<$count;$i85++)
for($i86=0;$i86<$count;$i86++)
for($i87=0;$i87<$count;$i87++) {
if(md5(md5($salt).md5($GTFO[$i80].$GTFO[$i81].$GTFO[$i82].$GTFO[$i83].$GTFO[$i84].$GTFO[$i85].$GTFO[$i86].$GTFO[$i87])) == $hash) {
writetofile("$hash : ".$GTFO[$i80].$GTFO[$i81].$GTFO[$i82].$GTFO[$i83].$GTFO[$i84].$GTFO[$i85].$GTFO[$i86].$GTFO[$i87],$salt);
$found = 1;
break;
}
if($stealth == 1) usleep(1);
} //----------------------------------------------9-------------------------------------------------- if($found != 1)
for($i90=0;$i90<$count;$i90++)
for($i91=0;$i91<$count;$i91++)
for($i92=0;$i92<$count;$i92++)
for($i93=0;$i93<$count;$i93++)
for($i94=0;$i94<$count;$i94++)
for($i95=0;$i95<$count;$i95++)
for($i96=0;$i96<$count;$i96++)
for($i97=0;$i97<$count;$i97++)
for($i98=0;$i98<$count;$i98++) {
if(md5(md5($salt).md5($GTFO[$i90].$GTFO[$i91].$GTFO[$i92].$GTFO[$i93].$GTFO[$i94].$GTFO[$i95].$GTFO[$i96].$GTFO[$i97].$GTFO[$i98])) == $hash) {
writetofile("$hash : ".$GTFO[$i90].$GTFO[$i91].$GTFO[$i92].$GTFO[$i93].$GTFO[$i94].$GTFO[$i95].$GTFO[$i96].$GTFO[$i97].$GTFO[$i98],$salt);
$found = 1;
break;
}
if($stealth == 1) usleep(1);
} //----------------------------------------------10------------------------------------------------- if($found != 1)
for($i100=0;$i100<$count;$i100++)
for($i101=0;$i101<$count;$i101++)
for($i102=0;$i102<$count;$i102++)
for($i103=0;$i103<$count;$i103++)
for($i104=0;$i104<$count;$i104++)
for($i105=0;$i105<$count;$i105++)
for($i106=0;$i106<$count;$i106++)
for($i107=0;$i107<$count;$i107++)
for($i108=0;$i108<$count;$i108++)
for($i109=0;$i109<$count;$i109++) {
if(md5(md5($salt).md5($GTFO[$i100].$GTFO[$i101].$GTFO[$i102].$GTFO[$i103].$GTFO[$i104].$GTFO[$i105].$GTFO[$i106].$GTFO[$i107].$GTFO[$i108].$GTFO[$i109])) == $hash) {
writetofile("$hash : ".$GTFO[$i100].$GTFO[$i101].$GTFO[$i102].$GTFO[$i103].$GTFO[$i104].$GTFO[$i105].$GTFO[$i106].$GTFO[$i107].$GTFO[$i108].$GTFO[$i109],$salt);
$found = 1;
break;
}
if($stealth == 1) usleep(1);
} //----------------------------------------------END------------------------------------------------ if($found == 0) writetofile("$hash : hash not found");
}
function writetofile($string,$string2) {
$file = fopen("Cracked.txt", "a") or die("error");
fwrite($file, "salt : ".$string2."\n");
fwrite($file, $string."\n");
fclose($file);
} ?>
Thursday, November 25, 2010
Md5(md5(salt)+md5(password)) Bruteforcer
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment