Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!C:\pentest\pl\bin\perl.exe
- #m-a_labz © s4e
- use CGI qw(:cgi);
- use LWP::UserAgent;
- use WWW::Mechanize;
- use Digest::MD5 qw(md5_hex);
- $uag = LWP::UserAgent->new;
- $uag->agent('Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.3) Gecko/20070309 Firefox/2.0.0.4');
- $uag->timeout(30);
- $| = 1;
- print <<END_of_HTML;
- Content-type: text/html
- <HTML>
- <HEAD>
- <TITLE>[+] Hash Lookuper</TITLE>
- <meta name="keywords" content="Zone,mawlare,anti-virus,anti,virus,security,python,pentest,pentesting,hacking,0day,exploit,zone-t,zone t,t,zone-t.net,whitehat,redhat">
- <meta name="description" content="zone-t.net is a usfule site for pentesters, it contain many tools for scanning, bruteforcing, hash cracking ...">
- </HEAD>
- <STYLE>
- body{ background:#000000; font-size:14px; font-family:Courier New; color:#fff; text-decoration:none;}
- textarea{background-color:#105700;color:lime;font-weight:bold;font-size: 10px;font-family: Courier New; border: 1px solid #000000;}
- input{FONT-WEIGHT:normal;background-color: #105700;font-size: 14px;font-weight:bold;color: lime; font-family: Courier New; border: 1px solid #666666;height:20}
- body {
- font-family: Courier New
- }
- tr {
- BORDER: dashed 1px #333;
- color: #FFF;
- }
- td {
- BORDER: dashed 1px #333;
- color: #FFF;
- }
- .table1 {
- BORDER: 0px Black;
- BACKGROUND-COLOR: Black;
- color: #FFF;
- }
- .td1 {
- BORDER: 0px;
- BORDER-COLOR: #333333;
- font: 7pt Verdana;
- color: Green;
- }
- .tr1 {
- BORDER: 0px;
- BORDER-COLOR: #333333;
- color: #FFF;
- }
- table {
- BORDER: dashed 1px #333;
- BORDER-COLOR: #333333;
- BACKGROUND-COLOR: Black;
- color: #FFF;
- }
- input {
- border : dashed 1px;
- border-color : #333;
- BACKGROUND-COLOR: Black;
- font: 8pt Verdana;
- color: Red;
- }
- select {
- BORDER-RIGHT: Black 1px solid;
- BORDER-TOP: #DF0000 1px solid;
- BORDER-LEFT: #DF0000 1px solid;
- BORDER-BOTTOM: Black 1px solid;
- BORDER-color: #FFF;
- BACKGROUND-COLOR: Black;
- font: 8pt Verdana;
- color: Red;
- }
- submit {
- BORDER: buttonhighlight 2px outset;
- BACKGROUND-COLOR: Black;
- width: 30%;
- color: #FFF;
- }
- textarea {
- border : dashed 1px #333;
- BACKGROUND-COLOR: Black;
- font: Fixedsys bold;
- color: #999;
- }
- BODY {
- SCROLLBAR-FACE-COLOR: Black; SCROLLBAR-HIGHLIGHT-color: #FFF; SCROLLBAR-SHADOW-color: #FFF; SCROLLBAR-3DLIGHT-color: #FFF; SCROLLBAR-ARROW-COLOR: Black; SCROLLBAR-TRACK-color: #FFF; SCROLLBAR-DARKSHADOW-color: #FFF
- margin: 1px;
- color: Red;
- background-color: Black;
- }
- .main {
- margin : -287px 0px 0px -490px;
- BORDER: dashed 1px #333;
- BORDER-COLOR: #333333;
- }
- .tt {
- background-color: Black;
- }
- A:link {
- COLOR: White; TEXT-DECORATION: none
- }
- A:visited {
- COLOR: White; TEXT-DECORATION: none
- }
- A:hover {
- color: Red; TEXT-DECORATION: none
- }
- A:active {
- color: Red; TEXT-DECORATION: none
- }
- </STYLE>
- <meta http-equiv="Content-Type" content="text/html; charset=utf8">
- <LINK REL="SHORTCUT ICON" HREF="http://zone-t.net/files/favicon.ico" />
- END_of_HTML
- print qq {
- <center>
- [+] Hash Lookuper<br>Total Sites : 28<br><br>
- </center>
- };
- if ($ENV{QUERY_STRING} !~ /hash=/)
- {
- print qq {
- <center>
- <FORM METHOD=POST ACTION="$0">
- + Hash(s) <br><br><textarea name="hash" cols="30" rows="20" >e10adc3949ba59abbe56e057f20f883e</textarea><br><br>
- <INPUT TYPE=submit VALUE="crack it"><br>
- </FORM>
- </center>
- };
- $hc = param(hash);
- @h = split(/<br>/,$hc);
- }else{
- @get = split(/=/, $ENV{QUERY_STRING});
- @h = (@get[1]);
- }
- foreach $hash (@h)
- {
- chomp($hash);
- $hash =~ s/\s//g;
- print qq {<br> [+] Looking for $hash <br>};
- crack($hash);
- }
- print <<END_of_HTML;
- </BODY>
- </HTML>
- END_of_HTML
- close(IN);
- sub crack {
- chomp($_[0]);
- if($_[0] =~ /[a-f0-9]{32}/){
- spec2($_[0]);
- postcracked($_[0]);
- getcracked($_[0]);
- nafsiyeh($_[0]);
- }else{
- print "- ".$_[0]." Not a Valid Md5 <br>";
- }
- }
- sub postcracked{
- my @url = ("http://md5.my-addr.com/md5_decrypt-md5_cracker_online/md5_decoder_tool.php","http://www.cloudcracker.net/index.php","http://md5decryption.com/","http://md5online.net/","http://www.freemd5.com/index.php","http://www.hashscan.com/","http://md5pass.info/");
- my @names = ("http://md5.my-addr.com/","http://www.cloudcracker.net/","http://md5decryption.com/","http://md5online.net/","http://www.freemd5.com/","http://www.hashscan.com/","http://md5pass.info/");
- my @posts = ("md5=".$_[0],"inputbox=".$_[0]."&submit=Crack+MD5+Hash%21","hash=".$_[0]."\&submit=Decrypt+It\%21","pass=".$_[0]."\&option=hash2text\&send=Submit","md5=".$_[0]."&crackencryption=decryption","hash=".$_[0],"hash=".$_[0]."&get_pass=Get+Pass");
- my @regexs = ("Hashed string<\/span>\: (.*?)<\/div>","value=\"(.*?)\" \/> ","Decrypted Text\: <\/b>(.*?)<\/font>","<br>pass : <b>(.*?)<\/b><\/p><\/table>","<h2>MD5 Decryption Result:<br>(.*?)<\/h2>","<td><font color=\"green\"><b>(.*?)<\/b><\/font><\/td><\/tr>","Password - <b>(.*?)<\/b>");
- my @pnotfound = ("not found in database<\/div>","Sorry\, password not found\.","Sorry\, this MD5 hash wasn\'t found in our database","not found in our database\.<\/p><\/center><\/table>","<h2>There is no data\.<\/h2>","<p><font color=\"orange\">MD5 hash not found in our wordlist\.<\/font><\/p>","\nNot found! ");
- my $counter;
- for ($counter=0; $counter<$#url + 1; $counter++){
- my $req = HTTP::Request->new(POST => $url[$counter]);
- $req->content_type('application/x-www-form-urlencoded');
- $req->content($posts[$counter]);
- my $res = $uag->request($req);
- if ($res->is_success) {
- if ($res->content !~ m/$pnotfound[$counter]/i)
- {
- if($res->content =~ m/$regexs[$counter]/i){
- print "+ ".$names[$counter] ." Password : ".$1."<br>";
- next;
- }
- elsif ($res->status_line =~ /404,501,301/) {
- print "- ".$names[$counter] ." Seem to be down <br>";
- }
- else{
- print "- ".$names[$counter] ." Error <br>";
- }
- }
- else{
- print "- ".$names[$counter] ." Password Not Found <br>";
- }
- }
- }
- }
- sub spec2 {
- my $site = "http://md5online.org/";
- $hash = $_[0];
- my $req = HTTP::Request->new(GET => $site);
- $req->header(Accept => 'text/xml,application/xml,application/xhtml+xml,text/html');
- my $res = $uag->request($req);
- if ($res->content =~ /<input type=\"hidden\" name=\"a\" value=\"(.*?)\">/){$a = $1;}else{print $res->content."<br>";}
- my $req = HTTP::Request->new(POST => $site);
- $req->content_type('application/x-www-form-urlencoded');
- my $post = "md5=".$hash."&search=1&action=decrypt&a=".$a;
- $req->content($post);
- my $res = $uag->request($req);
- if($res->content =~ m/Found : <b>(.*?)<\/b>/i){
- my $f = $1;
- chomp($f);
- if (md5_hex($f) =~ $_[0] )
- { print "+ ".$site." Password : ".$f."<br>";
- }else{
- print "- ".$site ." Password Not Found <br>";
- }
- }
- else{
- print "- ".$site ." Password Not Found <br>";
- }
- }
- sub getcracked{
- my @geturls = ("http://hashes.org/api.php?do=check&hash1=".$_[0],"http://md5.rednoize.com/?p&s=md5&q=".$_[0],"http://md5decoder.org/".$_[0],"http://netmd5crack.com/cgi-bin/Crack.py?InputHash=".$_[0],"http://www.md5rainbow.com/".$_[0],"http://md5decoder.com/".$_[0],"http://all-the-numbers.com/MD5-Message-Digest-5/".$_[0].".html","http://md5reverse.insdy.net/decrypt_md5/".$_[0],"http://".$_[0].".haq4u.com/","http://md5cracker.com/qkhash.php?option=plaintext&pass=".$_[0],"http://www.md5-hash.com/md5-hashing-decrypt/".$_[0],"http://md5geek.com/".$_[0],"http://hash-decrypt.pl/decrypt/".$_[0],"http://md5cracker.altervista.org/search.php?hash=".$_[0],"https://api.leakdb.net/?t=".$_[0],"http://hashdatabase.info/crack?hash=".$_[0],"http://www.stringfunction.com/md5-decrypter.html?st=".$_[0]);
- my @getnames = ("http://hashes.org/","http://md5.rednoize.com/","http://md5decoder.org/","http://netmd5crack.com/","http://www.md5rainbow.com/","http://md5decoder.com/","http://all-the-numbers.com/","http://md5reverse.insdy.net/","http://haq4u.com/","http://md5cracker.com/","http://www.md5-hash.com/","http://md5geek.com/","http://hash-decrypt.pl/","http://md5cracker.altervista.org/","http://leakdb.net/","http://hashdatabase.info/","http://www.stringfunction.com/");
- my @getregexs = ("<found>true<\/found><plain>(.*?)<\/plain>","\"(.*?)\"\n","Phrase\: \"(.*?)\" hashed","<\/td><td class=\"border\">(.*?)<\/td><\/tr><\/table>\n<i>","</h1>\n(.*?)<br/>","<center>(.*?)<\/center><\/h1>","This is MD5 hash for word \"(.*?)\"\."," <title>MD5 Reverse \: ".$_[0]." - (.*?)<\/title>","\.haq4u.com\">(.*?)<\/a><\/br>","Plain Text\: (.*?)\n","<strong class=\"result\">(.*?)<\/strong><\/p>","\">(.*?)\n<\/span","Found a match\: (.*?)\n<\/p>","<tr><td width=200>".$_[0]."<\/td><td width=200>(.*?)<\/td>","plaintext=(.*?)\n","<td><strong>(.*?)<\/strong><\/td>","textarea_md5_decrypter\">(.*?)<\/textarea>");
- my @gnotfound = ("<found>false<\/found>","bool\(false\)","\:\~\:no\:\~\:","Sorry\, we don\'t have that hash in our database\.","<p>Sorry\, no reverse string was found\.<\/p>","No match found\. Please try another one\:","<nobr>".$_[0]."<\/nobr><\/h1>Hash string stat\:<p>","MD5 sum not found\.<\/em>","\:\~\:no\:\~\:","Not Found","<\/strong> not found in our database\.<\/h3>","<div class=\"not\-found\">","We\'re sorry but the hash you gave","<font color=\#FF0000>Hash Not Found<\/font>","\:\~\:no\:\~\:","Sorry this string is not in our database <br \/>","Sorry\, we were unable to find the original");
- my $counter;
- for ($counter=0; $counter<$#geturls + 1; $counter++)
- {
- my $req = HTTP::Request->new(GET => $geturls[$counter]);
- $req->header(Accept => 'text/xml,application/xml,application/xhtml+xml,text/html');
- my $res = $uag->request($req);
- if ($res->is_success) {
- if ($res->content !~ m/$gnotfound[$counter]/i)
- {
- if($res->content =~ m/$getregexs[$counter]/i){
- print "+ ".$getnames[$counter] ." Password : ".$1."<br>";
- next;
- }
- elsif ($res->status_line =~ /404,501,301/) {
- print "- ".$getnames[$counter] ." Seem to be down <br>";
- }
- else{
- print "- ".$getnames[$counter] ." Error <br>";
- }
- }
- else{
- print "- ".$getnames[$counter] ." Password Not Found <br>";
- }
- }
- }
- }
- sub nafsiyeh{
- my @nurl = ("http://md5.gromweb.com/query/".$_[0],"http://md5.darkbyte.ru/api.php?q=".$_[0],"http://reversemd5.com/get?md5=".$_[0]);
- my @nnames = ("http://md5.gromweb.com/","http://md5.darkbyte.ru/","http://reversemd5.com/");
- my $counter;
- for ($counter=0; $counter<$#nurl + 1; $counter++){
- my $req = HTTP::Request->new(GET => $nurl[$counter]);
- $req->header(Accept => 'text/xml,application/xml,application/xhtml+xml,text/html');
- my $res = $uag->request($req);
- if ($res->is_success) {
- if(length($res->content) > 1){
- print "+ ".$nnames[$counter] ." Password : ".$res->content."<br>";
- next;
- }
- else{
- print "- ".$nnames[$counter] ." Password Not Found <br>";
- }
- }else{
- print "- ".$nnames[$counter] ." Password Not Found <br>";
- }
- }
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement