Two changes to improve the successrate of BozoCrack #10

tecknicaltom · 2011-12-29T01:50:27Z

This commit adds two changes to improve the successrate of BozoCrack:

If the old method didn't find the hash, split the Google results on non-alphanumeric characters. This will find the hashes on pages which contain text such as:
- md5(password) = 5f4dcc3b5aa765d61d8327deb882cf99
- md5("password") = 5f4dcc3b5aa765d61d8327deb882cf99
- password:5f4dcc3b5aa765d61d8327deb882cf99
If that still didn't find the hash, do another Google search for the hash and the word md5. This helps for hashes that may by luck appear in their hashed form frequently on the web. For instance, compare:
http://www.google.com/search?q=0e97d6e7124d6cc9623650201236cd52
and
http://www.google.com/search?q=md5+0e97d6e7124d6cc9623650201236cd52
At the time of implementing this change, the first Google results did
not contain the plaintext for this hash.

This commit adds two changes to improve the successrate of BozoCrack: 1. If the old method didn't find the hash, split the Google results on non-alphanumeric characters. This will find the hashes on pages which contain text such as: md5(password) = 5f4dcc3b5aa765d61d8327deb882cf99 md5("password") = 5f4dcc3b5aa765d61d8327deb882cf99 password:5f4dcc3b5aa765d61d8327deb882cf99 2. If that still didn't find the hash, do another Google search for the hash and the word md5. This helps for hashes that may by luck appear in their hashed form frequently on the web. For instance, compare: http://www.google.com/search?q=0e97d6e7124d6cc9623650201236cd52 and http://www.google.com/search?q=md5+0e97d6e7124d6cc9623650201236cd52 At the time of implementing this change, the first Google results did not contain the plaintext for this hash.

cassiebeckley · 2011-12-30T19:39:37Z

At the time of me reading this change, both the first and second Google results contained this page.

ggizmo123

#!/usr/bin/env ruby

require 'digest/md5'
require 'net/http'

class BozoCrack

def initialize(filename)
@Hashes = Array.new
@cache = Hash.new

File.new(filename).each_line do |line|
  if m = line.chomp.match(/\b([a-fA-F0-9]{32})\b/)
    @hashes << m[1]
  end
end
@hashes.uniq!
puts "Loaded #{@hashes.count} unique hashes"

load_cache

end

def crack
@hashes.each do |hash|
if plaintext = @cache[hash]
puts "#{hash}:#{plaintext}"
next
end
if plaintext = crack_single_hash(hash)
puts "#{hash}:#{plaintext}"
append_to_cache(hash, plaintext)
end
sleep 1
end
end

private

def crack_single_hash(hash)
response = Net::HTTP.get URI("http://www.google.com/search?q=#{hash}")
wordlist = response.split(/\s+/)
if plaintext = dictionary_attack(hash, wordlist)
return plaintext
end
nil
end

def dictionary_attack(hash, wordlist)
wordlist.each do |word|
if Digest::MD5.hexdigest(word) == hash.downcase
return word
end
end
nil
end

def load_cache(filename = "cache")
if File.file? filename
File.new(filename).each_line do |line|
if m = line.chomp.match(/^([a-fA-F0-9]{32}):(.*)$/)
@cache[m[1]] = m[2]
end
end
end
end

def append_to_cache(hash, plaintext, filename = "cache")
File.open(filename, "a") do |file|
file.write "#{hash}:#{plaintext}\n"
end
end

end

if ARGV.size == 1
BozoCrack.new(ARGV[0]).crack
else
puts "Usage example: ruby bozocrack.rb file_with_md5_hashes.txt"
end

ggizmo123 approved these changes Jun 18, 2017

View reviewed changes

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Two changes to improve the successrate of BozoCrack #10

Two changes to improve the successrate of BozoCrack #10

tecknicaltom commented Dec 29, 2011

cassiebeckley commented Dec 30, 2011

ggizmo123 left a comment

Two changes to improve the successrate of BozoCrack #10

Are you sure you want to change the base?

Two changes to improve the successrate of BozoCrack #10

Conversation

tecknicaltom commented Dec 29, 2011

cassiebeckley commented Dec 30, 2011

ggizmo123 left a comment

Choose a reason for hiding this comment