Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- import time, hashlib
- from jinja2.sandbox import SandboxedEnvironment
- print"""
- ____ ____ ____ ____ ____ ____ ____ ____
- ||D |||B |||2 |||B |||O |||O |||B |||Y ||
- ||__|||__|||__|||__|||__|||__|||__|||__||
- |/__\|/__\|/__\|/__\|/__\|/__\|/__\|/__\|.py\n"""
- results = []
- def md5(s):
- return hashlib.md5(s).hexdigest()
- def cracking():
- print '\nEnter the encryption algorithm below.'
- print 'Encryption Algorithm Format:\n\nUse \'md5()\' for md5.\nUse \'+\' for joining strings.\nUse \'salt\' for the salt.\nUse \'password\' for the plaintext password.\nExample: md5(md5(salt)+md5(password))\n'
- algorithm = str(raw_input('Enter Encryption Algorithm => '))
- pwdlist = open(str(raw_input('Password List Path=> ')), 'r').readlines()
- hashlist = open(str(raw_input('Hash List Path=> ')), 'r').readlines()
- env = SandboxedEnvironment()
- template = env.from_string('{{' + algorithm + '}}')
- try:
- print 'Staring cracking...\nPress Ctrl + C to Stop.\n'
- fstart = time.time()
- for hsh in hashlist:
- parse = hsh.split('||')
- username = parse[0].strip()
- hsh = parse[1].strip()
- salt = parse[2].strip()
- start = time.time()
- print 'Attempting to crack ' + username
- time.sleep(2)
- for pwd in pwdlist:
- pwd = pwd.strip()
- xhash = template.render(md5=md5, salt=salt, password=pwd)
- if xhash == hsh:
- elapsed = time.time() - start
- print 'CRACKED ' + username + ' WITH PASSWORD: ' + pwd + ' in ' + str(elapsed) + ' seconds.'
- results.append(username + '||' + pwd)
- time.sleep(2)
- break
- else:
- print pwd + ' - Failed'
- except KeyboardInterrupt:
- pass
- felapsed = time.time() - fstart
- print '\nCracked ' + str(len(results)) + ' in ' + str(felapsed) + ' seconds:'
- for x in results:
- print x
- if results:
- save()
- def save():
- opt = str(raw_input("Do you want to save results to file? (Y/N) => ")).lower()
- if opt == 'y':
- f = str(raw_input("Output File => "))
- f = open(f, 'a')
- for x in results:
- f.write(x + '\n')
- f.close()
- print 'Results written to file.'
- elif opt == 'n':
- print 'Save to file - Skipped.'
- else:
- save()
- def manual(db_name):
- db = open(db_name, 'r')
- table = str(raw_input('Table name => '))
- nof = int(raw_input('Number of fields to parse => '))
- fields = []
- for x in range(nof):
- fields.append(str(raw_input("Field " + str(x) + ' => ')))
- print ''
- pattern = ''
- x = ''
- string = ''
- for line in db.readlines():
- if 'INSERT INTO' in line and table in line:
- pattern = (line.split('VALUES')[0].strip()).split(',')
- pattern = map(lambda s: s.strip('()`\';'), pattern)
- pattern[0] = (pattern[0].split('(')[1]).strip('`')
- x = (line.split('VALUES')[1].strip()).split(',')
- x = map(lambda s: s.strip('()`\';'), x)
- string = ''
- for field in fields:
- string += x[pattern.index(field)] + '||'
- string = string[:-2]
- results.append(string)
- print string
- print '\n' + table + ' has these fields: \n'
- print pattern
- print '\nSave the hashes if you plan on cracking them.'
- save()
- def typecheck(db_name):
- db = open(db_name, 'r')
- for line in db.readlines():
- if 'mybb' in line.lower():
- return 'MyBB'
- break
- def mybb(db_name):
- pattern = ''
- string = ''
- db = open(db_name, 'r')
- for line in db.readlines():
- if 'INSERT INTO' in line and 'mybb_users' in line:
- #set pattern
- pattern = (line.split('VALUES')[0].strip()).split(',')
- pattern = map(lambda s: s.strip('()`\';'), pattern)
- pattern = pattern[1] + '||' + pattern[2] + '||' + pattern[3] #these indexes can be altered
- #set string
- x = (line.split('VALUES')[1].strip()).split(',')
- x = map(lambda s: s.strip('()`\';'), x)
- string = x[1] + '||' + x[2] + '||' + x[3] #these indexes can be altered
- results.append(string)
- print string
- print pattern
- print '\nSave the hashes if you plan on cracking them.'
- save()
- def main():
- try:
- print 'Automatic parsing is supported for the following database types:'
- print '[*] MyBB\n'
- print '1 - Automatic Database Parsing'
- print '2 - Manual Database Parsing (Just Username, Password and Salt for Hash Cracking)'
- print '3 - Hash Cracking (Consider Parsing and Saving Hashes First.)\n'
- man = str(raw_input('Option Value => ')).lower()
- if man == '2':
- db_name = str(raw_input("db path => "))
- manual(db_name)
- elif man == '1':
- db_name = str(raw_input("db path => "))
- version = typecheck(db_name)
- if version == 'MyBB':
- print 'Database: MyBB'
- print 'Parsing ' + db_name + '\'s user-table.\n'
- time.sleep(2)
- mybb(db_name)
- else:
- print 'Database unknown.\nAttempting manual parsing.\n'
- manual(db_name)
- elif man == '3':
- cracking()
- else:
- print 'Invalid Option.'
- main()
- except Exception,e: print str(e)
- main()
- raw_input("\nPress anything to exit.")
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement