Cool scripts written in python , iCrack is an Online/ofline md5 cracker script in Python. Currently containes about 14 db for online cracking.
Download Link:: https://code.google.com/p/lnxg33k/downloads/detail?name=icrack.py
Source: http://tools.thehackernews.com/2012/06/icrack-python-md5-online-offline.html
If you like my blog, Please Donate Me
One Dollar $1.00 Two Dollar $2.00
Showing posts with label Brute Force. Show all posts
Showing posts with label Brute Force. Show all posts
Sunday, 10 June 2012
Wednesday, 6 June 2012
Your LinkedIn password is in the news or not?
Last night, the password(SHA1) of LinkedIn was leaked and if you want to know your password is in the list or not, try this script(from Phobos Technology) for check it.
if you want to see full details of this news, please go to the Source.
1. Download Password from
http://wordpress.phobostechnology.com/wp-content/uploads/2012/06/combo_not.zip
2. Run this python script.
"""
Save this file as
if you want to see full details of this news, please go to the Source.
1. Download Password from
http://wordpress.phobostechnology.com/wp-content/uploads/2012/06/combo_not.zip
2. Run this python script.
"""
Save this file as
Sunday, 27 May 2012
THC-Hydra password bruteforcing with john the ripper - http://funoverip.net
#!/bin/shhydra="/usr/local/bin/hydra"john="/usr/bin/john"hydra_module="ssh2"hydra_host="127.0.0.1"hydra_port="22"hydra_nb_task="10"hydra_all_params="-f -s $hydra_port -t $hydra_nb_task -e ns "john_sessionfile="$1"john_all_params="--incremental:Alpha --stdout"john_time_step=20 # time (seconds) to run johntmp_passwd="/tmp/pwd1234.tmp"hydra_logfile="/tmp/hydralog"if [ "$1" = "" ];then echo "
Monday, 21 May 2012
วิธีการทดสอบเจาะระบบเว็บไซด์ที่ใช้ CMS ชื่อดัง
ดูตัวเต็มได้จาก link download ข้างล่างครับ
วิธีการทดสอบเจาะระบบเว็บไซด์ที่ใช้ CMS ชื่อดัง
โดยสุเมธ
จิตภักดีบดินทร์
ในปัจจุบัน, เว็บไซด์เกิดใหม่ทุกๆ
นาที เพราะเหตุผลที่ว่าไม่ว่าใครก็สามารถที่จะเป็นเจ้าของเว็บไซด์ได้อย่างง่ายดาย แต่สิ่งที่เราจะเห็นๆกันอยู่ก็คือ
website ส่วนใหญ่มักจะหน้าตาหรือโครงสร้างของเว็บคล้ายๆกัน
ต่างกันแค่สีสันหรือโลโก้ของเว็บเท่านั้น
วิธีการทดสอบเจาะระบบเว็บไซด์ที่ใช้ CMS ชื่อดัง
โดยสุเมธ
จิตภักดีบดินทร์
ในปัจจุบัน, เว็บไซด์เกิดใหม่ทุกๆ
นาที เพราะเหตุผลที่ว่าไม่ว่าใครก็สามารถที่จะเป็นเจ้าของเว็บไซด์ได้อย่างง่ายดาย แต่สิ่งที่เราจะเห็นๆกันอยู่ก็คือ
website ส่วนใหญ่มักจะหน้าตาหรือโครงสร้างของเว็บคล้ายๆกัน
ต่างกันแค่สีสันหรือโลโก้ของเว็บเท่านั้น
Wednesday, 28 March 2012
Johnny - GUI for John the Ripper
Johnny is a GUI for John the Ripper. It was proposed by Shinnok. You could look onto original version on John the Ripper GUI sketches page.
You could download and unpack tarball or use git: git clone https://github.com/AlekseyCherepanov/johnny.git -b release1Then build and run (no installation required): cd johnny qmake make && ./johnny
Source: http://openwall.info/wiki/john/johnny#
Friday, 27 January 2012
Hash Identifier Tool
Software to identify the different types of hashes used to encrypt data and especially passwords.
Encryption formats supported:
ADLER-32
CRC-32
CRC-32B
CRC-16
CRC-16-CCITT
DES(Unix)
FCS-16
GHash-32-3
GHash-32-5
GOST R 34.11-94
Haval-160
Haval-192 110080 ,Haval-224 114080 ,Haval-256
Lineage II C4
Domain Cached Credentials
XOR-32
MD5(Half)
MD5(Middle)
MySQL
MD5(phpBB3)
MD5(
Encryption formats supported:
ADLER-32
CRC-32
CRC-32B
CRC-16
CRC-16-CCITT
DES(Unix)
FCS-16
GHash-32-3
GHash-32-5
GOST R 34.11-94
Haval-160
Haval-192 110080 ,Haval-224 114080 ,Haval-256
Lineage II C4
Domain Cached Credentials
XOR-32
MD5(Half)
MD5(Middle)
MySQL
MD5(phpBB3)
MD5(
Tuesday, 24 January 2012
Bypass Captcha using Python and Tesseract OCR engine
A
CAPTCHA is a type of challenge-response test used in computing as an attempt to
ensure that the response is generated by a person. The process usually involves one computer (a server) asking
a user to complete a simple test which the computer is able to generate and
grade.The term "CAPTCHA" was coined in 2000 by Luis von Ahn, Manuel
Blum, Nicholas J. Hopper, and John Langford (all of Carnegie
Thursday, 19 January 2012
Howto: Crack WPS & WPA Wifi with reaver
1. Get the reaver
- wget https://reaver-wps.googlecode.com/files/reaver-1.3.tar.gz
2. Extract and compile it.
- tar xzvf reaver-1.3.tar.gz
- cd reaver-1.3/src
- ./configure
- make
- make install
3. Change your wireless card to monitor mode
- airmon-ng start wlan0
4. Use reaver
- reaver -i mon0 -b
5. Waiting beacon from Wireless Access Point and finally you
- wget https://reaver-wps.googlecode.com/files/reaver-1.3.tar.gz
2. Extract and compile it.
- tar xzvf reaver-1.3.tar.gz
- cd reaver-1.3/src
- ./configure
- make
- make install
3. Change your wireless card to monitor mode
- airmon-ng start wlan0
4. Use reaver
- reaver -i mon0 -b
5. Waiting beacon from Wireless Access Point and finally you
Thursday, 12 January 2012
ddosim v0.2 (Application Layer DDOS Simulator)
Hack websites by using ddosim v0.2 (Application Layer DDOS Simulator)
DDOSIM simulates several zombie
hosts (having random IP addresses) which create full TCP connections to
the target server. After completing the connection, DDOSIM starts the
conversation with the listening application (e.g. HTTP server). Can be
used only in a laboratory environment to test the capacity
Wednesday, 11 January 2012
Word List Generator
wlg: Word List Generator
version: 0.5
coded by white_sheep
site: http://www.marcorondini.eu - http://www.ihteam.net
twitter: http://www.twitter.com/white__sheep
Option
-h [ --help ] produce help message
-v [ --version ] show version
-r [ --credits ] show credits
-e [ --extract ] arg set string to extract
version: 0.5
coded by white_sheep
site: http://www.marcorondini.eu - http://www.ihteam.net
twitter: http://www.twitter.com/white__sheep
Option
-h [ --help ] produce help message
-v [ --version ] show version
-r [ --credits ] show credits
-e [ --extract ] arg set string to extract
Sunday, 8 January 2012
Howto: Hacking web authentication with Bursuite
1. Set the browser proxy to Burpsuite
2. In the Burpsuite, go to Proxy -> Intercept -> "Intercept is on"
3. Go to Proxy -> Option -> "generate CA-signed per-host certificates" for each time the user connects to a SSL protected website, Burpsuite will
generate a server certificate for that host, signed by a unique CA
certificate which is generated in Burpsuite during its installation. The
2. In the Burpsuite, go to Proxy -> Intercept -> "Intercept is on"
3. Go to Proxy -> Option -> "generate CA-signed per-host certificates" for each time the user connects to a SSL protected website, Burpsuite will
generate a server certificate for that host, signed by a unique CA
certificate which is generated in Burpsuite during its installation. The