Multiple CMS Hash Cracker

BinusHacker 19 Agustus 2011 Coding 12 Comments 587 Views

Good Day BinusHacker Family & Happy Ramadhan!

Berikut ini adalah source untuk MD5/SHA-1 Cracker yang dibuat untuk Crack Content Management System Hash seperti Joomla, WordPress, Drupal, Dsb. Jadi bisa mempermudah pencarian hash, langsung aja deh 🙂

#!usr/bin/perl
use Digest::MD5 qw(md5_hex);
use Digest::SHA1 qw(sha1_hex);

# Author: localh0t
# Date: 09/06/11
# Contact: [email protected]
# Follow: @mattdch

# Help

if(!$ARGV[7])
{
print “\n\n###########################################”;
print “\n# Multi CMS Hash Cracker v0.1 by localh0t #”;
print “\n###########################################”;
print “\n\nUse: perl $0 -d [WORLDLIST FOLDER] -h [MD5 | SHA-1 HASH] -s [SALT | USERNAME] -c [CMS]\n”;
print “Example: perl $0 -d /home/localh0t/wordlists/ -h caef8544a8e65e23f67ab844d4866e8d -s uZ*qX -c IPB\n”;
print “Example: perl $0 -d /home/localh0t/wordlists/ -h dc4a27b25e3f780b89c165f931d6f85d5bd6e33e -s Administrator -c SMF\n\n”;
print “Note: Worlists must end with .txt or .lst (or any extension)\n\n”;
print “Support:\n========\n”;
print “VB : md5_hex(md5_hex(password).salt) | (vBulletin)\n”;
print “SMF : sha1_hex(user.password) | (Simple Machines Forum)\n”;
print “IPB : md5_hex(md5_hex(salt).md5_hex(password)) | (Invision Power Board)\n”;
print “JOOMLA : md5_hex(password.salt) | (Joomla 1.x)\n\n”;
exit(0);
}

# Functions

sub ipb_cracker{
my $hash = shift;
my $salt = shift;
my $dir = shift;
foreach $file (@FILES) {
open(DICT,” print “[!] Using $file…\n”;
foreach $password() {
$password=~s/\s|\n//;
chomp($password);
$cracked = md5_hex(md5_hex($salt).md5_hex($password));
if ($cracked eq $hash) {
return “[+] Hash cracked !: $password\n\n”;
}
}
print “[!] Nothing found with $file…\n\n”;
}
return “\n[-] Password not found\n\n”;
}

sub vb_cracker{
my $hash = shift;
my $salt = shift;
my $dir = shift;
foreach $file (@FILES) {
open(DICT,” print “[!] Using $file…\n”;
foreach $password() {
$password=~s/\s|\n//;
chomp($password);
$cracked = md5_hex(md5_hex($password).$salt);
if ($cracked eq $hash) {
return “[+] Hash cracked !: $password\n\n”;
}
}
print “[!] Nothing found with $file…\n\n”;
}
return “\n[-] Password not found\n\n”;
}

sub smf_cracker{
my $hash = shift;
my $user = shift;
my $dir = shift;
foreach $file (@FILES) {
open(DICT,” print “[!] Using $file…\n”;
foreach $password() {
$password=~s/\s|\n//;
chomp($password);
$cracked = sha1_hex($user.$password);
if ($cracked eq $hash) {
return “[+] Hash cracked !: $password\n\n”;
}
}
print “[!] Nothing found with $file…\n\n”;
}
return “\n[-] Password not found\n\n”;
}

sub joomla_cracker{
my $hash = shift;
my $salt = shift;
my $dir = shift;
foreach $file (@FILES) {
open(DICT,” print “[!] Using $file…\n”;
foreach $password() {
$password=~s/\s|\n//;
chomp($password);
$cracked = md5_hex($password.$salt);
if ($cracked eq $hash) {
return “[+] Hash cracked !: $password\n\n”;
}
}
print “[!] Nothing found with $file…\n\n”;
}
return “\n[-] Password not found\n\n”;
}

my ($dir, $hash, $salt, $cms, $arg);

foreach $loop (@ARGV) {
for ($loop) {
/^-d$/ and do { $dir = $ARGV[($arg+1)]; last; };
/^-h$/ and do { $hash = $ARGV[($arg+1)]; last; };
/^-s$/ and do { $salt = $ARGV[($arg+1)]; last; };
/^-c$/ and do { $cms = $ARGV[($arg+1)]; last; };
}
$arg++;
}

# Main

print “\n[!] Cracking $hash with $salt as username/salt…\n\n”;

opendir(DIR, $dir) || die “\n[-] Folder not found\n\n”;

while($file = readdir(DIR)) {
if ($file ne ‘.’ and $file ne ‘..’) {
$FILES[$clean] = $file;
$clean++;
}
}

for ($cms) {
/^IPB$/ and do { $result = &ipb_cracker($hash,$salt,$dir); last; };
/^VB$/ and do { $result = &vb_cracker($hash,$salt,$dir); last; };
/^SMF$/ and do { $result = &smf_cracker($hash,$salt,$dir); last; };
/^JOOMLA$/ and do { $result = &joomla_cracker($hash,$salt,$dir); last; };
/^.$/ and do { print “[-] CMS not available\n”; exit(0); last; };
}

print $result;

# Exit

close(DICT);
closedir(DIR);
exit(0);

__END__

Bagaimana Penggunaannya? Berikut Petunjuknya:

Install Perl Di Komputer Anda, Dengan Mendownload Perl. Untuk Linux Biasanya Sudah Terinstall, Di Windows Silakan Download Disini: http://www.activestate.com/activeperl/downloads
Simpan File Tersebut “cmsdir.pl“
Ikuti Langkah Berikut:

Silakan Download Tools / Source Code:

Jangan Lupa Untuk Berkunjung Ke Forum Untuk Diskusi Lebih Lanjut: FORUM.BINUSHACKER.NET

12 comments

frodo
21 Agustus 2011 at 22:08

udah nyoba, tapi kok password not found y? ada solusi kawan?

Balas
ranggi
22 Agustus 2011 at 22:57

wongsinting989.blogspot.com

cara pake perl gimana bang???

Balas
idul
23 Agustus 2011 at 23:10

kasih aku pb donk major ada beret nya

Balas
ANAR373CT
26 Agustus 2011 at 23:37

mantab gan artikelnya
mampir juga ya di http://tiangsakingbali.wordpress.com/
thx

Balas
Michael
30 Agustus 2011 at 09:34

Waduh Musti ada List wordnya ini yah pake sistem bruteforce Y.Y

Balas
fujiwara
10 Oktober 2011 at 02:44

masih butuh wordlist donk!!! klo cocok kalo ga cocok gimana?

Balas
file education
10 Februari 2012 at 08:37

wah rumit yah, bikin blog di blgger saja aku kesulitan, maklum anak mesin.
salam dari saya buat anak mesin di binus ITENAS BANDUNG

Balas
yuga
13 Februari 2012 at 08:43

mantap…
mamr juga k t4 ane

Balas
herdy
14 Agustus 2014 at 07:06

[email protected]:/media/dimetrix/B2EC7427EC73E3CF/hash_identifier# perl cmsdir.pl -d ./wordlist -h $P$BF.WSFeMWhP8vPRs0i.e3ub792D6bz. -c JOOMLA
Can’t locate Digest/SHA1.pm in @INC (@INC contains: /etc/perl /usr/local/lib/perl/5.14.2 /usr/local/share/perl/5.14.2 /usr/lib/perl5 /usr/share/perl5 /usr/lib/perl/5.14 /usr/share/perl/5.14 /usr/local/lib/site_perl .) at cmsdir.pl line 3.
BEGIN failed–compilation aborted at cmsdir.pl line 3.

error gitu gan, apanya?

Balas