a faster hash cracker?
i built a hash cracker in vb.net and was very pleased with its speed and efficiency. I created brute force and word list attack modes, and got about 65,000 attempts/second.
My brute force mode simply looped through all combinations of an entered character set, hashed it, and checked it against the original hash. My word list attack mode read a line of a text file, hashed, compared, then moved on to the next line..
Then i though of an even better idea, that could take out the need to hash values at 65,000/second.
What if we looped through a word list, and created a seperate text file for each entry. The file would be named the hashed value of the word, and its contents would be the plaintext word. So lets say the first value was 'a', then it would create a text file named '0CC175B9C0F1B6A831C399E269772661' and would write the string 'a' to the text file.
You would only need to run this once.
Then, when you get a hash you want to crack just fire up notepad, go open then paste in your hash, add .txt to the end and viola!
So i was just wondering if anybody has tried/though of this before and whether it really is as good of an idea as i seem to be thinking it is. Please comment B)
I suppose a salted password would make this impossible tho.
and yeah about the time required to find the file:
i was thinking a directory tree. so there would be a directory for every letter a-z in lower and upper case and a directory for 0-9. Then if the hash started with v you would go into the folder 'v'. then inside there would be another directory tree. if the second character was 3, then you would go into the directory '3' and so on and so forth. yeah there would be a ton of directories (hd consuming) but it would be extremely fast.
VBNET is slower than c/c++ combine with assembly. I suggest you to download rainbow table., it is faster and success rate is very high.
example: http://plain-text.info/view/action/viewtables/
65,000 per second still slow, jtr is faster than that and it also try different things like the word admin = admin 4dm1n sf,om …..etc
i cant imagine how much hd space for required for your idea, it is not practical.
might be off topic, but these are the ones I use:
http://passcracking.ru/ http://plain-text.info/search/ http://gdataonline.com/seekhash.php http://www.securitystats.com/tools/hashcrack.php http://www.tydal.nu/php/sakerhet/md5.php
and of course, Jake's AIM bot, "MD5 library"
youre right the disk space would be monumental. im not saying full brute force tho just a dictionary.
each file would be, maybe, 7 bytes, * 5,000,000 words in my word list = 385 000 000 bytes = 0.358559191 gigabytes. but thats the actual 'size' property , the 'size on disk' property it quite a big higher. and wow
http://plain-text.info/view/action/viewallhashes
damn handy!!!!!
thanks for the links thats extremely handy
0.o i dont think i ever got around to installing ntfs on my comp after i reformatted! cuz i make a 7 byte file and it says 'size=7 bytes' and 'size on disk=4,096 bytes'
seems a little too high eh? :angry:
DigitalFire wrote: youre right the disk space would be monumental. im not saying full brute force tho just a dictionary.
Obviously. Brute force would take up no space, as you would not be using any lists.
Instead of doing multiple text files, why not use a database? Sure, it would take up a good amount of space, but you'd benefit from the speed of a SELECT / WHERE SQL statement. Hell, you could have 1000 hash tables, a text file with the table names in it, and run a loop and it should go reasonably fast.
Or, yeah, if you don't particularly want to "re-invent the wheel", then use the lists that people already have. :-) If they're not in a database, though, I'd probably put them in there before using them.
Wouldn't mind seeing your VB.Net code, tho. It's my language of choice atm.
Probably not very relevant but Cain can get 4mil MD5 per second for me and SHA1 can get 1mil… On a 2003 computer… And some programs I've tried such as MDCrack can get 6-7mil
So I'd advise you to just give up entirely on a usable cracker in VB and try C/C++
Edit: Not meant to be offensive or anything as you're probably just making it to get practise at VB, just a suggestion