[TuT] Decrypting MD5 Hashes

TheEpicDax

Onyx user!
Joined
Oct 5, 2011
Posts
579
Reacts
0
Reputation
0
Credits
0
Demondax's Tutorial to Cracking MD5 Hashes​

If you post this anywhere else without my permission, I will see to your punishment kk. I don't like leechers.

Requirements
A Good Processor on your computer.

To start, you must first download Hashcat.
Unfortunately, there is a problem with Hashcat. It must be ran in CMD, or with a batch file. I have made a batch file specifically so you can run this.
Hashcat [Download]
Hashcat Official Site
Hashcat [Download][ZIP]
32 Bit Version
Code: 
color e
TITLE HASHCAT COMMAND
:S
@echo off
cls
:start
@echo off
echo  --
echo  HASHCAT COMMAND HELP by LEGION
echo  --
echo  Updated By Brack
echo  --
echo.
echo.
echo.
echo  0 = MD5    
echo  1 = md5($pass.$salt)  
echo  2 = md5($salt.$pass)  
echo  3 = md5(md5($pass))    
echo  4 = md5(md5(md5($pass)))  
echo  5 = md5(md5($pass).$salt)  
echo  6 = md5(md5($salt).$pass)  
echo  7 = md5($salt.md5($pass))  
echo  8 = md5($salt.$pass.$salt)  
echo  9 = md5(md5($salt).md5($pass))  ipb  
echo    10 = md5(md5($pass).md5($salt))  
echo    11 = md5($salt.md5($salt.$pass))  
echo    12 = md5($salt.md5($pass.$salt))
echo    15 = vBulletin v3.8.5
echo    30 = md5($username.0.$pass)
echo    31 = md5(strtoupper(md5($pass)))
echo  100 = SHA1
echo  101 = sha1($pass.$salt)
echo  102 = sha1($salt.$pass)
echo  103 = sha1(sha1($pass))
echo  104 = sha1(sha1(sha1($pass)))
echo  105 = sha1(strtolower($username).$pass)
echo  200 = MySQL  
echo  300 = MySQL4.1/MySQL5  
echo  400 = MD5(Wordpress)    
echo  400 = MD5(phpBB3)  
echo  500 = MD5(Unix)  
echo  600 = SHA-1(Base64)  
echo  700 = SSHA-1(Base64)    
echo  800 = SHA-1(Django)  
echo  900 = MD4  
echo    1000 = NTLM    
echo    1100 = Domain Cached Credentials  
echo    1200 = MD5(Chap)  
echo    1300 = MSSQL  
echo    1400 = SHA256  
echo    1600 = MD5(APR)  
echo    1700 = SHA512  
echo.  1800 = SHA-512(Unix)
echo.
echo.  
echo.
ECHO  --
echo.
echo.
echo.
:choice
set /P C= [TYPE NUMBER OF HASH TYPE TO TEST (eg 0 = MD5]?
if "%C%"=="0" goto rs

:rs
echo.
echo.
set /p list= name of hash list (eg hash.txt) :
if "%list%"=="0" goto prt
goto prt

:prt

echo.
echo.
set /p words= Give me name of wordlist or path to multiple lists (eg c:\wordlists :
if "%words%"=="0" goto cpu

:cpu
echo.
echo.
set /p cpu= How many cores (cpu) do you want to use 1,2,3..8 ?:
if "%cpu%"=="0" goto mode

:mode
echo.
echo.
echo    ATTACK MODES
echo  0 = Straight-Words Attack *
echo  1 = Hybrid-Attack (rules)
echo.
echo.
set /p attack= ATTACK MODE TO USE 0,1 ?:
if "%attack%"=="0" goto md5

:md5
If "%list%" =="" GoTo END
if "%attack%"=="0" goto md51
if "%attack%"=="1" goto md55

:md51
echo.
echo.
echo hashcat-cli32.exe -n %cpu% --remove -o cracked.txt -a %attack% -m %C% %list% %words%
echo.
echo.
hashcat-cli32.exe -n %cpu% --remove -o cracked.txt -a %attack% -m %C% %list% %words%
echo.
echo.
goto :END

:md55
echo.
echo.
echo  MAKE SURE YOU COPY RULE FILES FROM RULE FOLDER TO HASHCAT FOLDER :)
echo.
echo.
set /p rules= NAME OF HYBRID RULES FILE (EG best64.rule) ?:
if "%rules%"=="0" goto hybrid

:hybrid
echo.
echo.
echo hashcat-cli32.exe -n %cpu% --remove -o cracked.txt -r %rules% -m %C% %list% %words%
echo.
echo.
hashcat-cli32.exe -n %cpu% --remove -o cracked.txt -r %rules% -m %C% %list% %words%
echo.
echo.
goto :END

:END

goto :start

64 Bit Version
Code: 
color e
TITLE HASHCAT COMMAND
:S
@echo off
cls
:start
@echo off
echo  --
echo  HASHCAT COMMAND HELP by LEGION
echo  --
echo  Updated By Brack
echo  --
echo.
echo.
echo.
echo  0 = MD5    
echo  1 = md5($pass.$salt)  
echo  2 = md5($salt.$pass)  
echo  3 = md5(md5($pass))    
echo  4 = md5(md5(md5($pass)))  
echo  5 = md5(md5($pass).$salt)  
echo  6 = md5(md5($salt).$pass)  
echo  7 = md5($salt.md5($pass))  
echo  8 = md5($salt.$pass.$salt)  
echo  9 = md5(md5($salt).md5($pass))  ipb  
echo    10 = md5(md5($pass).md5($salt))  
echo    11 = md5($salt.md5($salt.$pass))  
echo    12 = md5($salt.md5($pass.$salt))
echo    15 = vBulletin v3.8.5
echo    30 = md5($username.0.$pass)
echo    31 = md5(strtoupper(md5($pass)))
echo  100 = SHA1
echo  101 = sha1($pass.$salt)
echo  102 = sha1($salt.$pass)
echo  103 = sha1(sha1($pass))
echo  104 = sha1(sha1(sha1($pass)))
echo  105 = sha1(strtolower($username).$pass)
echo  200 = MySQL  
echo  300 = MySQL4.1/MySQL5  
echo  400 = MD5(Wordpress)    
echo  400 = MD5(phpBB3)  
echo  500 = MD5(Unix)  
echo  600 = SHA-1(Base64)  
echo  700 = SSHA-1(Base64)    
echo  800 = SHA-1(Django)  
echo  900 = MD4  
echo    1000 = NTLM    
echo    1100 = Domain Cached Credentials  
echo    1200 = MD5(Chap)  
echo    1300 = MSSQL  
echo    1400 = SHA256  
echo    1600 = MD5(APR)  
echo    1700 = SHA512  
echo.  1800 = SHA-512(Unix)
echo.
echo.  
echo.
ECHO  --
echo.
echo.
echo.
:choice
set /P C= [TYPE NUMBER OF HASH TYPE TO TEST (eg 0 = MD5]?
if "%C%"=="0" goto rs

:rs
echo.
echo.
set /p list= name of hash list (eg hash.txt) :
if "%list%"=="0" goto prt
goto prt

:prt

echo.
echo.
set /p words= Give me name of wordlist or path to multiple lists (eg c:\wordlists :
if "%words%"=="0" goto cpu

:cpu
echo.
echo.
set /p cpu= How many cores (cpu) do you want to use 1,2,3..8 ?:
if "%cpu%"=="0" goto mode

:mode
echo.
echo.
echo    ATTACK MODES
echo  0 = Straight-Words Attack *
echo  1 = Hybrid-Attack (rules)
echo.
echo.
set /p attack= ATTACK MODE TO USE 0,1 ?:
if "%attack%"=="0" goto md5

:md5
If "%list%" =="" GoTo END
if "%attack%"=="0" goto md51
if "%attack%"=="1" goto md55

:md51
echo.
echo.
echo hashcat-cli64.exe -n %cpu% --remove -o cracked.txt -a %attack% -m %C% %list% %words%
echo.
echo.
hashcat-cli64.exe -n %cpu% --remove -o cracked.txt -a %attack% -m %C% %list% %words%
echo.
echo.
goto :END

:md55
echo.
echo.
echo  MAKE SURE YOU COPY RULE FILES FROM RULE FOLDER TO HASHCAT FOLDER :)
echo.
echo.
set /p rules= NAME OF HYBRID RULES FILE (EG best64.rule) ?:
if "%rules%"=="0" goto hybrid

:hybrid
echo.
echo.
echo hashcat-cli64.exe -n %cpu% --remove -o cracked.txt -r %rules% -m %C% %list% %words%
echo.
echo.
hashcat-cli64.exe -n %cpu% --remove -o cracked.txt -r %rules% -m %C% %list% %words%
echo.
echo.
goto :END

:END

goto :start

Once you have created the .bat file to run Hashcat, run it.
__________________________________________________________________________________

If you did it right, you should arrive at a screen like this.
hashcat1.png

Now make a new .txt in the same directory as your .bat file. Name is md5hashes.txt . Inside it, paste every single hash you want you crack. (Note: They should all be the same kind of hash)

Now you are going to want to want to select they type of md5 hash you have. Find it, type in the number next to it, then press enter. It will ask you the name of your hash list. Type in md5hashes.txt .

Now, you will come to the part where it asks you for a wordlist. You can find these all over the internet. If you having trouble, follow this link.

Once you got the wordlist, place it in your hashcat directory, type it into the hashcat cmd, and press enter.
http://img191.imageshack.us/img191/7475/hashcat2.png

(I have a 1.5gb sized wordlist. If you are interested in getting it, pm me. It will cost you 6m.)

For the next part, just use 3 cores.

Then, it will ask you if you want to use a straight-word attack or hybrid-attack. Do a hybrid-attack.

Now go to the rules folder in your hashcat directory and copy base64 then paste it back in the main directory. Type in base64.rule into your cmd and press enter.

Finally, you the cracking begins. Just sit back and drink a beer while the hashes are being cracked. Do not try to do anything else while they are cracking on your computer. You will just lag like a bitch.

Play around with Hashcat. Who knows, maybe soon you will get better results than I have!
 
Make it a ZIP File, I can't download WinRAR
 
Was just posting the virus scan because it wasn't an official download link.
 
Kevin said:
Was just posting the virus scan because it wasn't an official download link.
Click to expand...

Like I said, crackers can sometimes be detected as viruses. Go ahead and scan the official download. You will get the same results.
 
I use sanboxie for all programs with malwares
 
Change the title to "Cracking MD5 hashes" hashcat is basically a bruteforce tool & you cannot decrypt hashes.
 
You must log in or register to reply here.

Featured

General Discussion
Inactive FK Username Requests

Share this page

Back
Top