hashcat Forum Misc General Talk v
Hashes.org Script

Thread Closed 
Threaded Mode
Hashes.org Script
giveen Offline
Member
***
Posts: 57
Threads: 12
Joined: Jul 2013
#1
10-25-2013, 09:22 PM (This post was last modified: 10-31-2013, 01:19 PM by giveen.)
This script was written by @tekwizz123 with a very extremely small contribute from me. So really the credit goes to him. Extremely useful to quickly test for a known hash.

It takes your hash list, compares to hashes.org and outputs a file if it was found on the site

Code:
#!/usr/bin/python

# Hashes.org list checking script for checking passwords
# against hashes.org's list of cracked passwords.

# Created by tekwizz123
# @tekwizz123

# Shoutout to @giveen for bug testing and pointing me in the right direction :)

import urllib, sys, threading, time
import httplib
from httplib import HTTPConnection, HTTPS_PORT
import ssl, socket

class HTTPSConnection(HTTPConnection):
    "This class allows communication via SSL."
    default_port = HTTPS_PORT

    def __init__(self, host, port=None, key_file=None, cert_file=None,
            strict=None, timeout=socket._GLOBAL_DEFAULT_TIMEOUT,
            source_address=None):
        HTTPConnection.__init__(self, host, port, strict, timeout,
                source_address)
        self.key_file = key_file
        self.cert_file = cert_file

    def connect(self):
        "Connect to a host on a given (SSL) port."
        sock = socket.create_connection((self.host, self.port),
                self.timeout, self.source_address)
        if self._tunnel_host:
            self.sock = sock
            self._tunnel()
        # this is the only line we modified from the httplib.py file
        # we added the ssl_version variable
        self.sock = ssl.wrap_socket(sock, self.key_file, self.cert_file, ssl_version=ssl.PROTOCOL_TLSv1)

#now we override the one in httplib
httplib.HTTPSConnection = HTTPSConnection
# ssl_version corrections are done

result = open(sys.argv[1] + "__cracked", "wb")
password = ''

class lookup(threading.Thread):
        # Override Thread's __init__ method to accept the parameters needed:
        def __init__ ( self, password ):
                self.password = password
                threading.Thread.__init__ ( self )
        
        def run ( self ):
                response = urllib.urlopen("https://www.hashes.org/api.php?do=check&hash1=" + self.password.strip("\n"))
                text = response.readline()
                if "<plain>" in text:
                        if "</plain>" in text:
                                #Get the password
                                text = text.split("<plain>")[1]
                                password = text.split("</plain>")[0]
                              
                                text = text.split("</plain>")[1]
                              
                                #Get the hash
                                text = text.split("<hash>")[1]
                                hash = text.split("</hash>")[0]
                              
                                text = text.split("</hash>")[1]
                              
                                # Grab the hash type
                                text = text.split("<type>")[1]
                                type = text.split("</type>")[0]
                              
                                text = text.split("</type>")[1]
                              
                                # Generate the resulting output, neatly formatted :)
                                result.write(hash + ":" + password + " Type=(" + type + ") \n")
                              
                response.close()

count = 0
with open(sys.argv[1], "r", 200) as file:
        for password in file:
                lookup(password).start()
                count = count + 1
                if (count >= 20):
                        time.sleep(.8)
                        count = 0

# Poor man's thread handling
time.sleep(5)
file.close()
result.close()
Find
giveen Offline
Member
***
Posts: 57
Threads: 12
Joined: Jul 2013
#2
10-25-2013, 09:23 PM (This post was last modified: 10-25-2013, 09:24 PM by giveen.)
Example output

Quote:1a19a606b2272ab2d2e1310e95b4d609:SoogerBooger12345 Type=(MD5)
06b717fbfab7019dd041f44efe3a468c:Saljack3232 Type=(MD5)
05ec6431b638d070182f387816f80638:anc243.cs Type=(MD5)
0b97df9184f584495e324c69dbf67f85:RangoDog12 Type=(MD5)
13ec1f67334c1631ec2214f1e2a95f0f:RoyalRiver84 Type=(MD5)
15299ec9eadd6963dddf730883e92fdbSadb0ld87) Type=(MD5)
19e2377bf4d0db4fd30794a67f882d44:CatieJAAEP Type=(MD5)
241d76e5e9d9f6ca5b2aa80dc59423e5:Amcs1014! Type=(MD5)
Find
giveen Offline
Member
***
Posts: 57
Threads: 12
Joined: Jul 2013
#3
10-31-2013, 01:19 PM
Small changes to write-out.
Find
alizah Offline
Junior Member
**
Posts: 1
Threads: 0
Joined: Nov 2013
#4
11-16-2013, 08:33 AM (This post was last modified: 11-16-2013, 08:35 AM by alizah.)
thanks for sharing the post
A
Find
Algreen Offline
Junior Member
**
Posts: 12
Threads: 5
Joined: Nov 2013
#5
11-16-2013, 11:27 PM
Appreciated! Wink
Find
Exclusive Offline
Junior Member
**
Posts: 8
Threads: 1
Joined: Nov 2013
#6
11-20-2013, 02:17 PM
I get this error Sad
"Traceback (most recent call last):
File "C:\Python34\N.py", line 43, in <module>
result = open(sys.argv[1] + "__cracked", "wb")
IndexError: list index out of range"
where "C:\python34\N.py" is the file with script .


????
Find
giveen Offline
Member
***
Posts: 57
Threads: 12
Joined: Jul 2013
#7
11-20-2013, 02:25 PM
(11-20-2013, 02:17 PM)Exclusive Wrote: I get this error Sad
"Traceback (most recent call last):
File "C:\Python34\N.py", line 43, in <module>
result = open(sys.argv[1] + "__cracked", "wb")
IndexError: list index out of range"
where "C:\python34\N.py" is the file with script .


????

Try switching to Python2.7 instead of 3.4

Does it still complete? Usually when I get errors, it still works.
Find
Exclusive Offline
Junior Member
**
Posts: 8
Threads: 1
Joined: Nov 2013
#8
11-20-2013, 03:09 PM
No Sad its still same Sad.
Find
Exclusive Offline
Junior Member
**
Posts: 8
Threads: 1
Joined: Nov 2013
#9
11-20-2013, 03:11 PM
Ok. Now i tried to execute online http://www.compileonline.com/execute_python_online.php and i get this
$python2.7 main.py

Traceback (most recent call last):
File "main.py", line 14, in
import ssl, socket
File "/usr/local/lib/python2.7/ssl.py", line 60, in
import _ssl # if we can't import it, let the error propagate
ImportError: No module named _ssl
Find
giveen Offline
Member
***
Posts: 57
Threads: 12
Joined: Jul 2013
#10
11-20-2013, 06:20 PM
Are you using this version of the script? Also it looks like you are missing the module ssl, local problem.

Code:
#!/usr/bin/python

# Hashes.org list checking script for checking passwords
# against hashes.org's list of cracked passwords.

# Created by tekwizz123
# @tekwizz123

# Shoutout to @giveen for bug testing and pointing me in the right direction :)

import urllib, sys, threading, time
import httplib
from httplib import HTTPConnection, HTTPS_PORT
import ssl, socket

class HTTPSConnection(HTTPConnection):
    "This class allows communication via SSL."
    default_port = HTTPS_PORT

    def __init__(self, host, port=None, key_file=None, cert_file=None,
            strict=None, timeout=socket._GLOBAL_DEFAULT_TIMEOUT,
            source_address=None):
        HTTPConnection.__init__(self, host, port, strict, timeout,
                source_address)
        self.key_file = key_file
        self.cert_file = cert_file

    def connect(self):
        "Connect to a host on a given (SSL) port."
        sock = socket.create_connection((self.host, self.port),
                self.timeout, self.source_address)
        if self._tunnel_host:
            self.sock = sock
            self._tunnel()
        # this is the only line we modified from the httplib.py file
        # we added the ssl_version variable
        self.sock = ssl.wrap_socket(sock, self.key_file, self.cert_file, ssl_version=ssl.PROTOCOL_TLSv1)

#now we override the one in httplib
httplib.HTTPSConnection = HTTPSConnection
# ssl_version corrections are done

result = open(sys.argv[1] + "__cracked", "wb")
password = ''

class lookup(threading.Thread):
        # Override Thread's __init__ method to accept the parameters needed:
        def __init__ ( self, password ):
                self.password = password
                threading.Thread.__init__ ( self )
        
        def run ( self ):
                response = urllib.urlopen("https://www.hashes.org/api.php?do=check&hash1=" + self.password.strip("\n"))
                text = response.readline()
                if "<plain>" in text:
                        if "</plain>" in text:
                                #Get the password
                                text = text.split("<plain>")[1]
                                password = text.split("</plain>")[0]
                              
                                text = text.split("</plain>")[1]
                              
                                #Get the hash
                                text = text.split("<hash>")[1]
                                hash = text.split("</hash>")[0]
                              
                                text = text.split("</hash>")[1]
                              
                                # Grab the hash type
                                text = text.split("<type>")[1]
                                type = text.split("</type>")[0]
                              
                                text = text.split("</type>")[1]
                              
                                # Generate the resulting output, neatly formatted :)
                                result.write(hash + ":" + password + " Type=(" + type + ") \n")
                              
                response.close()

count = 0
with open(sys.argv[1], "r", 200) as file:
        for password in file:
                lookup(password).start()
                count = count + 1
                if (count >= 20):
                        time.sleep(.8)
                        count = 0

# Poor man's thread handling
time.sleep(5)
file.close()
result.close()
Find
Thread Closed