HashSmash is a script that utilizes a wordlist containing a the possible combinations of lowercase alphabets of length 1 to 10, which is created by the code below .
import itertools
x=open("wordlist.txt","w")
charset="abcdefghijklmnopqrstuvwxyz" #charset to use
#main loop creates combinations charsets from length 1-10
for i in range(1,11):
words=itertools.combinations_with_replacement(charset,i)
print "print %d" %(i)
try:
while True:
cword=list(words.next())
cword="".join(cword)+"\n"
x.write(cword)
except:
print "Moving on"
x.close()
print "Wordlist Done" #Creates a file of about 2.7Gb
It then permutes each word,hashes them and compares them to the input hash. The large wordlist makes it less memory intensive(a problem i had with many of the other crackers i wrote). It can also store sessions by pressing Ctrl-C and resume them by typing 'S' at the prompt.
import itertools
import hashlib
import pickle
found=False
#holds the sessions
sessions=[]
def loadsessions():
global sessions
try:
#load sessions from session file
with open("session","rb") as session:
sessions=pickle.load(session)
if sessions!=[]:
print "Sessions Found-Type S below"
except:
pass
def savesession(position,xhash):
print "Saving Session"
global sessions
#save position and input hash
sessions.append([position,xhash])
try:
with open("session","wb") as session:
pickle.dump(sessions,session)
except:
print "Error Saving"
exit()
def smash(xhash,offset=0):
global found
global sessions
#open the wordlist file
with open("wordlist.txt","r") as wordlist:
if offset!=0:
wordlist.seek(offset)
print "Resuming at %s" %(wordlist.readline())
wordlist.seek(offset)
while True:
position=wordlist.tell()
line=wordlist.readline()
if len(line)==0:
break
charset=line.strip()
#produce all words possible from the combination
words=itertools.permutations(charset,len(charset))
try:
#go through and compare the hashed words to the input hash
while True:
clist=list(words.next())
cword="".join(clist)
if xhash==hashlib.md5(cword).hexdigest():
print "Found-%s" %(cword)
found=True
break
except KeyboardInterrupt:
savesession(position,xhash)
except:
pass
if found==True:
break
#Input Md5 hash
loadsessions()
xhash=raw_input("Enter hash:")
if len(xhash)==32:
print "Press Ctrl-C to quit and save session"
print "Working-%s" %(xhash)
#cracking function
smash(xhash)
if found==False:
print "Not Found"
elif xhash=="S":
if sessions!=[]:
#print sessions
print "==============SESSIONS=================="
for i in sessions:
print "%d %s" %(sessions.index(i),i[1])
print "========================================"
choice=input("Enter session number:")
try:
#load session position and hash
offset,xhash=sessions[int(choice)]
sessions.remove([offset,xhash])
smash(xhash,offset)
except SystemExit:
pass
except:
print "Error.Cannot resume"
else:
print "No sessions"
else:
print "Unknown Command/Hash"
I have an IntelĀ® Celeron(R) CPU B710 @ 1.60GHz and i was able to crack a six letter password in under 30 minutes(dunno if that's much of a benchmark) but it should run better on faster processors
