monit
+ Reply to Thread
Results 1 to 7 of 7

Thread: Heres one for the noobs.

  1. #1
    Join Date
    Jun 2006
    Posts
    459

    Heres one for the noobs.

    Not really noobish but may save you some time. Don't go rainbowing an md5 until you try these sites. They match md5 hashes with their dictionary, doesnt work on most things but could be useful on noob passwords and such. Enjoy

    [url]http://gdataonline.com/seekhash.php[/url]

    [url]http://md5decrypter.com/[/url]
    7h* L**7*57 c4n7 h4ck m*!
    Proud to have quit playing ®µÑȧ©ÅÞË

    If you write like a semi-literate boob you will very likely be ignored.
    Writing like a l**t script kiddie hax0r is the absolute l**t*st way to write!
    L0L

  2. #2
    Join Date
    Sep 2006
    Posts
    1,649
    Those are nice sites, but you also forgot milw0rm, they have a nice MD5 cracker.
    "Workers of the world unite; you have nothing to lose but your chains." -Karl Marx

  3. #3
    Join Date
    Dec 2007
    Posts
    141
    Note: Few of them sites might get down due to load and/or various other reasons.

    MD5 + LM + SHA-* Hash Online Cracking Sites from ([url]http://digitalmafia.in/root/node/20[/url])


    [url]http://www.md5lookup.com/[/url]

    [url]http://md5.rednoize.com[/url]

    [url]http://nz.md5.crysm.net[/url]

    [url]http://us.md5.crysm.net[/url]

    [url]http://www.xmd5.org[/url]

    [url]http://gdataonline.com[/url]

    [url]http://www.hashchecker.com[/url]

    [url]http://passcracking.ru[/url]

    [url]http://www.milw0rm.com/md5[/url]

    [url]http://plain-text.info[/url]

    [url]http://www.securitystats.com/tools/hashcrack.php[/url]

    [url]http://www.schwett.com/md5/[/url]

    [url]http://passcrack.spb.ru/[/url]

    [url]http://shm.pl/md5/[/url]

    [url]http://www.und0it.com/[/url]

    [url]http://www.neeao.com/md5/[/url]

    [url]http://md5.benramsey.com/[/url]

    [url]http://www.md5decrypt.com/[/url]

    [url]http://md5.khrone.pl/[/url]

    [url]http://www.csthis.com/md5/index.php[/url]

    [url]http://www.md5decrypter.com/[/url]

    [url]http://www.md5database.net/[/url]

    [url]http://md5.xpzone.de/[/url]

    [url]http://www.milw0rm.com/md5/info.php[/url]

    [url]http://md5.geeks.li/[/url]

    [url]http://www.cmd5.com/english.aspx[/url]

    [url]http://www.md5.altervista.org/[/url]

    [url]http://md5.overclock.ch/biz/index.php?p=md5crack&l=en[/url]

    [url]http://alimamed.pp.ru/md5/[/url]

    [url]http://md5crack.it-helpnet.de/index.php?op=add[/url]

    [url]http://cijfer.hua.fi/[/url]

    [url]http://shm.hard-core.pl/md5/[/url]

    [url]http://www.mmkey.com/md5/HOME.ASP[/url]

    [url]http://www.thepanicroom.org/index.php?view=cracker[/url]

    [url]http://www.securitydb.org/cracker/[/url]

    [url]http://www.md5encryption.com/[/url]

    [url]http://www.hashreverse.com/[/url]

    [url]http://rainbowtables.net/services/results.php[/url]

    [url]http://0ptix.co.nr/md5[/url]

    [url]https://www.astalavista.net/?cmd=rainbowtables[/url]

    [url]http://ice.breaker.free.fr/[/url]

    [url]http://www.md5this.com[/url]

    LM-HASH Only:

    [url]http://sys*five.ath.cx:8080/hak5rtables/[/url]

    [url]http://lasecwww.epfl.ch/~oechslin/projects/ophcrack/[/url]
    SHA*:

    [url]http://www.md5encryption.com/[/url]

    [url]http://rainbowcrack.com/[/url]

    [url]http://www.hashreverse.com/[/url]

    [url]http://rainbowtables.net/services/results.php[/url]

    [url]http://www.shalookup.com/[/url]

    [url]http://passcrack.spb.ru/[/url]

    [url]http://www.securitystats.com/tools/hashcrack.php[/url]

    You can also build your own lists and setup own cracker @ your computer, following sites may helpful in regarding that...
    [url]http://www.hashchecker.com/[/url]

    [url]http://www.tmto.org/[/url]

    [url]http://darkdevelopments.com/[/url]

    [url]http://www.rainbowcrack-online.com/[/url]

  4. #4
    Join Date
    Jan 2008
    Posts
    14

    where

    where do you find the hash files

  5. #5
    Join Date
    Dec 2007
    Posts
    141
    Most of the time when any password is needed for anything it will be encrypted (usually into a hash) and stored somewhere. If you can find where that place is that's where people get these hashes and since they can't be reversed into a password they must be bruteforced.

  6. #6
    Join Date
    Sep 2006
    Posts
    1,649
    Quote Originally Posted by Rifts View Post
    where do you find the hash files
    Usually in the site's database.
    "Workers of the world unite; you have nothing to lose but your chains." -Karl Marx

  7. #7
    Join Date
    Sep 2005
    Posts
    2,050
    Simplified explanation of hashing; geeks can ignore:

    Register for a forum, email account or anything that asks for a password, and [usually] your password is run through an algorithm and the result stored in a database. The algorithm produces a "hash" -- something that can be used in future to check if a given password matches the original, among other things. A hash doesn't have to be a string of characters; it can be anything (relatively) unique obtained from analysing the original that can't be reversed (in theory).

    The idea is to keep the ability to password-protect accounts, while never storing a plaintext copy of the password that can be read by the administrators, read by unauthorised users (i.e. hackers), etc.

    If you were to get hold of a hash, you'd first have to figure out what algorithm produced it. Not hard when you know how many characters come out of SHA-*, MD5 and other hashing functions.

    You then look at the parameters for user passwords. If they have to be between *-*2 characters long, you produce a list of all the combinations of characters possible in the *-*2 range (quite a long list...). Then you'd hash each potential password with the algorithm, and if one of the produced hashes matches your stolen hash, the potential password used is the actual password. That's pure brute-force.

    It's exponential, so depending on password length and so on, you could be waiting days, weeks, centuries, millennia or until past the end of the universe.

    A slightly smarter way (with the same *-*2 character length) would be to find a list of words [of suspected language] in that range, then hash them as before to see if you can get a match.

    The quickest way is to use rainbow tables, which are precomputed lists/databases of every string-to-hash combo from a certain function (e.g. MD5) within whatever range the author chose. You enter the password hash, and its match is found pretty quickly if it exists in the table (then obviously the rainbow table spits out the original string). Bigger rainbow tables (as in hundreds of gigs) mean more likelihood of matching the hash.
    Last edited by Ezekiel; 03-04-2008 at 02:17 PM.
    Who needs drugs when you have electrons?

+ Reply to Thread

Similar Threads

  1. sending keylogger via mail for noobs
    By lukas in forum Viruses and Trojans
    Replies: 1
    Last Post: 05-12-2007, 12:56 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts