API tools faq
paste
Guest User

Untitled

a guest
Dec 11th, 2017
369
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 4.29 KB | None | 0 0
raw download clone embed print report
  1. #!usr/bin/perl
  2. use Digest::MD5 qw(md5_hex);
  3. use Digest::SHA1 qw(sha1_hex);
  4.  
  5. # Author: localh0t
  6. # Date: 09/06/11
  7. # Contact: mattdch0@gmail.com
  8. # Follow: @mattdch
  9.  
  10. # Help
  11.  
  12. if(!$ARGV[7])
  13. {
  14. print "\n\n###########################################";
  15. print "\n# Multi CMS Hash Cracker v0.1 by localh0t #";
  16. print "\n###########################################";
  17. print "\n\nUse: perl $0 -d [WORLDLIST FOLDER] -h [MD5 | SHA-1 HASH] -s [SALT | USERNAME] -c [CMS]\n";
  18. print "Example: perl $0 -d /home/localh0t/wordlists/ -h caef8544a8e65e23f67ab844d4866e8d -s uZ*qX -c IPB\n";
  19. print "Example: perl $0 -d /home/localh0t/wordlists/ -h dc4a27b25e3f780b89c165f931d6f85d5bd6e33e -s Administrator -c SMF\n\n";
  20. print "Note: Worlists must end with .txt or .lst (or any extension)\n\n";
  21. print "Support:\n========\n";
  22. print "VB : md5_hex(md5_hex(password).salt) | (vBulletin)\n";
  23. print "SMF : sha1_hex(user.password) | (Simple Machines Forum)\n";
  24. print "IPB : md5_hex(md5_hex(salt).md5_hex(password)) | (Invision Power Board)\n";
  25. print "JOOMLA : md5_hex(password.salt) | (Joomla 1.x)\n\n";
  26. exit(0);
  27. }
  28.  
  29.  
  30. # Functions
  31.  
  32. sub ipb_cracker{
  33. my $hash = shift;
  34. my $salt = shift;
  35. my $dir = shift;
  36. foreach $file (@FILES) {
  37. open(DICT,"<".$dir.$file) || die "\n[-] Error opening $file\n\n";
  38. print "[!] Using $file...\n";
  39. foreach $password(<DICT>) {
  40. $password=~s/\s|\n//;
  41. chomp($password);
  42. $cracked = md5_hex(md5_hex($salt).md5_hex($password));
  43. if ($cracked eq $hash) {
  44. return "[+] Hash cracked !: $password\n\n";
  45. }
  46. }
  47. print "[!] Nothing found with $file...\n\n";
  48. }
  49. return "\n[-] Password not found\n\n";
  50. }
  51.  
  52. sub vb_cracker{
  53. my $hash = shift;
  54. my $salt = shift;
  55. my $dir = shift;
  56. foreach $file (@FILES) {
  57. open(DICT,"<".$dir.$file) || die "\n[-] Error opening $file\n\n";
  58. print "[!] Using $file...\n";
  59. foreach $password(<DICT>) {
  60. $password=~s/\s|\n//;
  61. chomp($password);
  62. $cracked = md5_hex(md5_hex($password).$salt);
  63. if ($cracked eq $hash) {
  64. return "[+] Hash cracked !: $password\n\n";
  65. }
  66. }
  67. print "[!] Nothing found with $file...\n\n";
  68. }
  69. return "\n[-] Password not found\n\n";
  70. }
  71.  
  72. sub smf_cracker{
  73. my $hash = shift;
  74. my $user = shift;
  75. my $dir = shift;
  76. foreach $file (@FILES) {
  77. open(DICT,"<".$dir.$file) || die "\n[-] Error opening $file\n\n";
  78. print "[!] Using $file...\n";
  79. foreach $password(<DICT>) {
  80. $password=~s/\s|\n//;
  81. chomp($password);
  82. $cracked = sha1_hex($user.$password);
  83. if ($cracked eq $hash) {
  84. return "[+] Hash cracked !: $password\n\n";
  85. }
  86. }
  87. print "[!] Nothing found with $file...\n\n";
  88. }
  89. return "\n[-] Password not found\n\n";
  90. }
  91.  
  92. sub joomla_cracker{
  93. my $hash = shift;
  94. my $salt = shift;
  95. my $dir = shift;
  96. foreach $file (@FILES) {
  97. open(DICT,"<".$dir.$file) || die "\n[-] Error opening $file\n\n";
  98. print "[!] Using $file...\n";
  99. foreach $password(<DICT>) {
  100. $password=~s/\s|\n//;
  101. chomp($password);
  102. $cracked = md5_hex($password.$salt);
  103. if ($cracked eq $hash) {
  104. return "[+] Hash cracked !: $password\n\n";
  105. }
  106. }
  107. print "[!] Nothing found with $file...\n\n";
  108. }
  109. return "\n[-] Password not found\n\n";
  110. }
  111.  
  112. my ($dir, $hash, $salt, $cms, $arg);
  113.  
  114. foreach $loop (@ARGV) {
  115. for ($loop) {
  116. /^-d$/ and do { $dir = $ARGV[($arg+1)]; last; };
  117. /^-h$/ and do { $hash = $ARGV[($arg+1)]; last; };
  118. /^-s$/ and do { $salt = $ARGV[($arg+1)]; last; };
  119. /^-c$/ and do { $cms = $ARGV[($arg+1)]; last; };
  120. }
  121. $arg++;
  122. }
  123.  
  124.  
  125. # Main
  126.  
  127. print "\n[!] Cracking $hash with $salt as username/salt...\n\n";
  128.  
  129. opendir(DIR, $dir) || die "\n[-] Folder not found\n\n";
  130.  
  131. while($file = readdir(DIR)) {
  132. if ($file ne '.' and $file ne '..') {
  133. $FILES[$clean] = $file;
  134. $clean++;
  135. }
  136. }
  137.  
  138. for ($cms) {
  139. /^IPB$/ and do { $result = &ipb_cracker($hash,$salt,$dir); last; };
  140. /^VB$/ and do { $result = &vb_cracker($hash,$salt,$dir); last; };
  141. /^SMF$/ and do { $result = &smf_cracker($hash,$salt,$dir); last; };
  142. /^JOOMLA$/ and do { $result = &joomla_cracker($hash,$salt,$dir); last; };
  143. /^.$/ and do { print "[-] CMS not available\n"; exit(0); last; };
  144. }
  145.  
  146. print $result;
  147.  
  148. # Exit
  149.  
  150. close(DICT);
  151. closedir(DIR);
  152. exit(0);
  153.  
  154. __END__
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!