MD5BruteForce python

1. #!/usr/bin/python
2. # This was written for educational purpose and pentest only. Use it at your own risk.
3. # Author will be not responsible for any damage!
4. # !!! Special greetz for my friend sinner_01 !!!
5. # Toolname : md5db.py
6. # Coder : baltazar a.k.a b4ltazar < b4ltazar@gmail.com>
7. # Version : 0.1
8. # Greetz for rsauron and low1z, great python coders
9. # greetz for d3hydr8, r45c4l, fx0, Soul, MikiSoft, c0ax, b0ne and all members of ex darkc0de.com, ljuska.org
10. # Based on low1z (ex. darkc0de member) python script, md5db11.py
11. # Thanks bro for inspiring me :)
12.  
13. import sys, subprocess, hashlib
14.  
15. try:
16. import MySQLdb
17. except:
18. print "\n[-] MySQLdb not installed on system!"
19. choo = raw_input("\nWould you like to install it (if want press yes or y)?")
20. if choo == "yes" or choo == "y":
21. subprocess.call("sudo apt-get install python-mysqldb", shell=True) # Works with me, tested on Kubuntu 12.04
22. print "\n[!] MySQLdb installed!"
23. print "[!] Now exiting, please try script again!"
24. sys.exit(1)
25. else:
26. print "\n[+] If you using Ubuntu based system, try: sudo apt-get install python-mysqldb"
27. print "[!] Thanks for using script, please visit b4ltazar.wordpress.com & ljuska.org"
28. print "[!] Now exiting ..."
29. sys.exit(1)
30.  
31.  
32.  
33. def logo():
34. print "\n|---------------------------------------------------------------|"
35. print "| b4ltazar[@]gmail[dot]com |"
36. print "| 05/2012 md5db.py v.0.1 (based on low1z script) |"
37. print "| b4ltazar.wordpress.com & ljuska.org |"
38. print "| |"
39. print "|---------------------------------------------------------------|\n"
40.  
41.  
42. if sys.platform == 'linux' or sys.platform == 'linux2':
43. subprocess.call("clear", shell=True)
44. logo()
45. else:
46. subprocess.call("cls", shell=True)
47. logo()
48.  
49. dbname = 'md5db'
50. #####################################################################
51. DB = MySQLdb.connect(host='127.0.0.1', user='root', passwd='toor') # You should change this line with your login details
52. #####################################################################
53.  
54. def DBconnect():
55. consrv = DB.cursor()
56. return consrv
57.  
58. def setupDB():
59. consrv = DBconnect()
60. try:
61. consrv.execute("CREATE DATABASE "+dbname)
62. print "[+] Database:", dbname
63. print "[+] Status : created"
64. except MySQLdb.Error, e:
65. print "[-] Error %s" % (e.args[1])
66. sys.exit(1)
67. try:
68. consrv.execute("CREATE TABLE "+dbname+".data (id INT( 255 ) NOT NULL AUTO_INCREMENT ,plain TEXT NOT NULL ,md5 VARCHAR( 255 ) NOT NULL ,PRIMARY KEY ( id ) , UNIQUE ( md5 )) ENGINE = MYISAM;")
69. print "[+] Tables in db:", dbname, "created, Database ready to use!"
70. except MySQLdb.Error, e:
71. print "[-] Error %s" % (e.args[1])
72. sys.exit(1)
73.  
74. def importword():
75. counter = 0
76. try:
77. words = open(wordlist, "r")
78. except(IOError):
79. print "[-] Error: check", wordlist
80. sys.exit(1)
81. duplicates = 0
82. print "[+] Inserting wordlist, skipping duplicates ... may take some time"
83. for word in words.read().split('\n'):
84. hash = hashlib.md5(word).hexdigest()
85. counter = counter + 1
86. try:
87. consrv = DBconnect()
88. consrv.execute("INSERT INTO "+dbname+".data (plain, md5)VALUES ('"+str(word)+"', '"+str(hash)+"');")
89. except MySQLdb.Error, e:
90. duplicates = duplicates + 1
91. print "\n[+] Duplicates:", duplicates
92.  
93. def single(shash):
94. consrv = DBconnect()
95. consrv.execute("SELECT plain FROM "+dbname+".data WHERE md5 = '"+shash+"'")
96. dset = consrv.fetchone()
97. if dset == None:
98. print "[!]",shash, ":", "not in DB"
99. else:
100. print "[!]",shash, ":", dset[0]
101. consrv.close()
102.  
103. def dropDB():
104. consrv = DBconnect()
105. try:
106. consrv.execute("DROP DATABASE "+dbname)
107. print "[+] Database:", dbname
108. print "[+] Status : deleted"
109. except MySQLdb.Error, e:
110. print "[-] Error %s" % (e.args[1])
111. sys.exit(1)
112.  
113. def statusDB():
114. try:
115. consrv = DBconnect()
116. consrv.execute("SELECT COUNT(id) AS num FROM "+dbname+".data")
117. DBcount = consrv.fetchone()
118. return DBcount[0]
119. consrv.close()
120. except MySQLdb.Error, e:
121. print "[-] Error %s" % (e.args[1])
122. sys.exit(1)
123.  
124. if len(sys.argv) <= 1:
125. print "Usage: "
126. print "-s initial DB installation"
127. print "-w insert wordlist into DB"
128. print "-d delete DB"
129. print "-sh search DB for given hash"
130. print "-c count DB entries\n"
131. print "[!] Thanks for using script, please visit b4ltazar.wordpress.com & ljuska.org"
132. sys.exit(1)
133.  
134.  
135.  
136.  
137. for arg in sys.argv[1:]:
138. if arg.lower() == "-s":
139. setupDB()
140.  
141. if arg.lower() == "-sh":
142. try:
143. shash = sys.argv[2]
144. if len(shash) != 32:
145. print "[-] Invalid md5 supplied, check your input!"
146. sys.exit(1)
147. single(shash)
148. except(IndexError):
149. print "[-] Error: check hash!"
150.  
151. if arg.lower() == "-w":
152. try:
153. wordlist = sys.argv[2]
154. importword()
155. except(IndexError):
156. print "[-] Error, check your wordlist path!"
157.  
158. if arg.lower() == "-d":
159. dropDB()
160.  
161. if arg.lower() == "-c":
162. print "[+] Checking for number of entries in DB!"
163. print "[!]", statusDB(), " entries in DB"