Path: csiph.com!v102.xanadu-bbs.net!xanadu-bbs.net!feeder.erje.net!eu.feeder.erje.net!newsfeed.xs4all.nl!newsfeed2.news.xs4all.nl!xs4all!newsgate.cistron.nl!newsgate.news.xs4all.nl!post.news.xs4all.nl!not-for-mail Return-Path: X-Original-To: python-list@python.org Delivered-To: python-list@mail.python.org X-Spam-Status: OK 0.005 X-Spam-Evidence: '*H*': 0.99; '*S*': 0.00; 'subject:Python': 0.06; 'error:': 0.07; 'great.': 0.07; 'part,': 0.09; 'sys,': 0.09; 'cc:addr:python-list': 0.11; 'python': 0.11; '"2":': 0.16; '>try:': 0.16; 'hashes': 0.16; 'hashlib': 0.16; 'improper': 0.16; 'md5': 0.16; 'play.': 0.16; 'sys.exit(1)': 0.16; '\xa0print': 0.16; 'wrote:': 0.18; 'trying': 0.19; 'value.': 0.19; 'entered': 0.20; 'thanks.': 0.20; '8bit%:5': 0.22; 'input': 0.22; 'email addr:gmail.com>': 0.22; 'cc:addr:python.org': 0.22; 'print': 0.22; 'lets': 0.24; 'skip:\xa0 20': 0.24; '\xa0if': 0.24; 'cc:2**0': 0.24; 'cc:no real name:2**0': 0.24; "i've": 0.25; '>': 0.26; 'second': 0.26; 'pass': 0.26; 'skip:" 20': 0.27; 'values': 0.27; 'header:In-Reply-To:1': 0.27; 'chris': 0.29; 'am,': 0.29; 'words': 0.29; "doesn't": 0.30; 'errors': 0.30; 'nature': 0.30; 'message-id:@mail.gmail.com': 0.30; "i'm": 0.30; 'url:mailman': 0.30; 'that.': 0.31; 'keys': 0.31; 'anyone': 0.31; 'allows': 0.31; 'file': 0.32; 'there.': 0.32; 'selection': 0.32; 'option': 0.32; 'run': 0.32; 'url:python': 0.33; 'skip:& 30': 0.33; 'screen': 0.34; "i'd": 0.34; 'could': 0.34; 'subject:with': 0.35; "can't": 0.35; 'created': 0.35; 'but': 0.35; 'received:google.com': 0.35; 'passwords': 0.36; 'skip:> 10': 0.36; 'url:listinfo': 0.36; 'hi,': 0.36; 'url:org': 0.36; 'being': 0.38; 'skip:o 20': 0.38; 'skip:& 10': 0.38; 'nov': 0.38; 'pm,': 0.38; 'skip:& 20': 0.39; 'structure': 0.39; 'skip:p 20': 0.39; '8bit%:6': 0.40; 'url:mail': 0.40; 'how': 0.40; 'tell': 0.60; 'length': 0.61; "you're": 0.61; 'back': 0.62; 'information': 0.63; 'more': 0.64; 'charset:windows-1252': 0.65; '26,': 0.68; 'subject': 0.69; 'online': 0.71; 'password;': 0.84; 'to:none': 0.92; '2013': 0.98 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:cc :content-type; bh=o6RYttaqhJ3/7KC0x1k55T8m7aIHn4DxsAQluRT1+us=; b=U2DuNi0xyAzcGIU3vAEOCSd3K887h5gNiwzBlTlLKdZ+ZzviCiaZTGunJf65UzNCsl kX+uacjXrmg0yBck5ma6ofOtGUNC76VuYz740jwS1mGzFJTgQuCmPjB0PxddQkzBlpOV VTskMEGRO8Ia3Pc51q2COCBufpgxcW7hfE/f4LqcDAWadT4ZUALt7Bsv946ePvd5cI0J 4Vm3GyVu4gzrS1DLrh48+hC7jMoWj5wot5LbiRJbs+RaJa8qUZYFAv6VUNw6547CvGvV y0nj/BdYXSWNl+vieKvVCOWRgaTR8LQzR7wToay7bIAH0wv/RiPdZw9VDXk1kofrv5T+ zFig== MIME-Version: 1.0 X-Received: by 10.180.208.4 with SMTP id ma4mr17533604wic.43.1385466378547; Tue, 26 Nov 2013 03:46:18 -0800 (PST) In-Reply-To: References: <0a4ae59b-fff8-40dd-b264-823ea596ad82@googlegroups.com> <52940dbe$0$11089$c3e8da3@news.astraweb.com> <2a8225b8-da33-4db4-b83b-dcbd8a619f6c@googlegroups.com> Date: Tue, 26 Nov 2013 11:46:18 +0000 Subject: Re: Cracking hashes with Python From: "TheRandomPast ." Cc: python-list@python.org Content-Type: multipart/alternative; boundary=001a11c387e0577e6d04ec13077b X-Mailman-Approved-At: Tue, 26 Nov 2013 13:29:48 +0100 X-BeenThere: python-list@python.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: General discussion list for the Python programming language List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Newsgroups: comp.lang.python Message-ID: Lines: 155 NNTP-Posting-Host: 2001:888:2000:d::a6 X-Trace: 1385468990 news.xs4all.nl 15868 [2001:888:2000:d::a6]:54045 X-Complaints-To: abuse@xs4all.nl Xref: csiph.com comp.lang.python:60508 --001a11c387e0577e6d04ec13077b Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: quoted-printable Hi, Thanks. From what I've been able to find online I've created a dictionary file with words and the words I know the hash values to be and I'm trying to get it to use that however when I run this I get no errors but it doesn't do anything, like ask me to input my hash value. Am i just being stupid? >import sys, re, hashlib >def chklength(hashes): > if len(hashes) !=3D 32: > print '[-] Improper length for md5 hash.' > sys.exit(1) >def dict_check(): > md5hashes =3D raw_input('\nPlease enter the Hash value to be decrypted= : ') > chklength(md5hashes) >wordlist =3D open('C:\dictionary.txt', r) >try: > words =3D wordlist >except(IOError): > print "[-] Error: Check the path.\n" >sys.exit(1) >words =3D words.readlines() >print "\n",len(words),"words loading=85" >for word in words: > hash =3D hashlib.md5(word[:-1]) > value =3D hash.hexdigest() >if hashes =3D=3D value: > print "[+] Password is:"+word,"\n" >sys.exit(0) >print('\n1 =96 Dictionary Check') >print('2 =96 Exit') >selection =3D raw_input('\nSelect an option from above: ') >sys.stdout.flush() >if selection =3D=3D "1": > dict_attack() > pass >elif selection =3D=3D "2": > sys.exit(0 On Tue, Nov 26, 2013 at 10:39 AM, Chris Angelico wrote: > On Tue, Nov 26, 2013 at 9:30 PM, TheRandomPast > wrote: > > and I've started the second part, the part to crack them. If anyone > could tell me where I'd find more information on this subject and how to > crack them that would be great. As I print them on screen I was thinking = I > could write a program that allows the md5 to be entered and then cracked. > > Okay. This is where the irreversible nature of hash functions comes > into play. You can't actually take the hash and go back to the > password; what you have to do is try lots of passwords and find one > that has the right hash. > > Python has a data structure that lets you store keys and values, and > then see whether the key you're looking for is there. See if you can > use that. > > ChrisA > -- > https://mail.python.org/mailman/listinfo/python-list > --001a11c387e0577e6d04ec13077b Content-Type: text/html; charset=windows-1252 Content-Transfer-Encoding: quoted-printable
Hi,=A0
<= br>
Thanks.= From what I've been able to find online I've created a dictionary = file with words and the words I know the hash values to be and I'm tryi= ng to get it to use that however when I run this I get no errors but it doe= sn't do anything, like ask me to input my hash value. Am i just being s= tupid?

>import sys, r= e, hashlib

>def chklength(hashes):
= =A0 > =A0if len(hashes) !=3D 32:
=A0 > =A0 =A0 =A0print '[-] Improper length for md5 hash.'<= /div>
=A0 > =A0sys.exit(1)

>def dict_che= ck():
=A0 > =A0md5hashes =3D raw_input('\nPlease enter the= Hash value to be decrypted: ')
=A0 > =A0chklength(md5hashes)


>wordlist =3D open('C:\dictionary.txt', r)
>try:=
> =A0 =A0words =3D wordlist
>except(IOError):
> =A0print "[-] Error: Check the path.\n"
>sys.ex= it(1)

>words =3D words.readlines()
&g= t;print "\n",len(words),"words loading=85"
>for word in words:
> =A0 =A0hash =3D hashlib.md= 5(word[:-1])
> =A0 =A0value =3D hash.hexdigest()
>if hashes =3D=3D value:
> =A0 =A0print "[= +] Password is:"+word,"\n"
>sys.exit(0)


>print('= ;\n1 =96 Dictionary Check')
>print('2 =96 Exit')
>selection =3D raw_input('\nSelect an option from above: &#= 39;)
>sys.stdout.flush()

>if selection =3D= =3D "1":
> =A0 =A0dict_attack()
> =A0 = =A0pass
>elif selection =3D=3D "2":
> = =A0 =A0sys.exit(0


O= n Tue, Nov 26, 2013 at 10:39 AM, Chris Angelico <rosuav@gmail.com> wrote:
On Tue, Nov 26, 2013 at 9:= 30 PM, TheRandomPast <wishing= forsam@gmail.com> wrote:
> and I've started the second part, the part to crack them. If anyon= e could tell me where I'd find more information on this subject and how= to crack them that would be great. As I print them on screen I was thinkin= g I could write a program that allows the md5 to be entered and then cracke= d.

Okay. This is where the irreversible nature of hash functions comes into play. You can't actually take the hash and go back to the
password; what you have to do is try lots of passwords and find one
that has the right hash.

Python has a data structure that lets you store keys and values, and
then see whether the key you're looking for is there. See if you can use that.

ChrisA
--
https://mail.python.org/mailman/listinfo/python-list

--001a11c387e0577e6d04ec13077b--