Welcome to HBH! If you have tried to register and didn't get a verification email, please using the following link to resend the verification email.

Calling all Java/c++ Programmers

  1. Home
  2. Forum
  3. Programming
  4. Calling all Java/c++ Programmers

lukem_95's Avatar

lukem_95

Member
0 0

Ok, iv noticed a huge gap in the password cracking (open source) world… and as i have a need for this, im sure many others will do aswell.

I have spent around 5 hours pouring over google results and the c source of apache to try and figure out the algorythmn, and an easy way to write a program to dictionary crack the annoying Apache MD5 passwords found in many .htpasswd files.

There is only one program i can find that will crack this filetype, MDCrack, and although it appears to work, the bastard thing lags my computer so badly that it freezes up totally, and also it only BF's it, no dictionary!

The best way to solve it that i can see, is either to use Java and the apacheCrypt(java.lang.String password) function (http://tools.arlut.utexas.edu/gash2/doc/javadoc/md5/MD5Crypt.html#apacheCrypt(java.lang.String)) (note, i have no experience with java, or id attmept to write one myself) or to try and write a c/c++ program that uses the header files from the open source version of apache.

I started to do this, then realised that i wasn't nearly good enough, after figuring out how to validate the password to the hash, but not how to encrypt the thing in the first place.

this is what i got :$ :

#include <iostream>;

using namespace std;

int main(){
 bool valPass;
 char hash, pass, plaintext;
//Some code to encrypt the pass here
 valPass = ap_validate_password(const char *passwd, const char *hash);
 cin.get();   
}```

and thats probably bollocks too. (it is in the includes dir btw... im nt that dumb :p)

So now iv explained a whole load of crap about what i was trying to do to you, and i hope atleast one person will try and help (i can help with limited c/c++)

Oh and also theres the arse of the fact the md5 is salted too... so building that in would be quite key.

Lukem_95

ghost's Avatar

ghost

0 0

sorry for this ultra spam… do u play rs? since ur sig is from rs-gallery.com :D i play

im an owner on tht game gets boring tho! sorry il stop spamming now


ghost's Avatar

ghost

0 0

What the hell is Rs?


lukem_95's Avatar

lukem_95

Member
0 0

lol used to quite a while ago, my mate uses my char now. Erm… and its a game, but can no one help out at all??

i would have thought it was quite a simple thing to write in java :(


Uber0n's Avatar

Uber0n

Member
0 0

I've recently written one in GML but not in Java… :angry:


regret's Avatar

regret

Attack-Vector Perl
0 0

Brutus…John316…Cain…lots of different programs out there.


Uber0n's Avatar

Uber0n

Member
0 0

Yup ^^ Cain is my favourite of those :)


lukem_95's Avatar

lukem_95

Member
0 0

Brutus is a brute force engine is it not? and that takes forever, Cain and JTR can't do Apache MD5, this is not the same as regular MD5, im not a total nub.

normal MD5 = 16 bytes of 0-9 and A-Z, Apache MD5 = something like… $apr1$wQR.G…$P6kKgyTmEsxLME0EJRAme. that.

Ill look into brutus, as i may be wrong, and GML, i dont have a compiler, but if it works, then please could you send me the .exe or source and i will get one :p

thankyou