Tag Archive: password cracking


MD5 Password Cracking

Password hashes can take a long time to crack, depending on the hash and the complexity of the password. Why spend all that time cracking a password, when someone else has already done the work? Introducing BozoCrack. BozoCrack is a ruby script that will search google for a MD5 hash and if google has it, bozocrack will return the plain text password.

Description from Bozocrack

“BozoCrack is a depressingly effective MD5 password hash cracker with almost zero CPU/GPU load. Instead of rainbow tables, dictionaries, or brute force, BozoCrack simply finds the plaintext password. Specifically, it googles the MD5 hash and hopes the plaintext appears somewhere on the first page of results.”

Usage:


root@bt:~# ruby /pentest/passwords/bozocrack/bozocrack.rb md5.txt
Loaded 6 unique hashes
fcf1eed8596699624167416a1e7e122e:octopus
bed128365216c019988915ed3add75fb:passw0rd
d0763edaa9d9bd2a9516280e9044d885:monkey
ede6b50e7b5826fe48fc1f0fe772c48f:1q2w3e4r5t6y
7cf2db5ec261a0fa27a502d3196a6f60:pizza

ncrack Password cracker

“Ncrack is a high-speed network authentication cracking tool. It was built to help companies secure their networks by proactively testing all their hosts and networking devices for poor passwords. Security professionals also rely on Ncrack when auditing their clients. Ncrack was designed using a modular approach, a command-line syntax similar to Nmap and a dynamic engine that can adapt its behaviour based on network feedback. It allows for rapid, yet reliable large-scale auditing of multiple hosts.

Ncrack’s features include a very flexible interface granting the user full control of network operations, allowing for very sophisticated bruteforcing attacks, timing templates for ease of use, runtime interaction similar to Nmap’s and many more. Protocols supported include RDP, SSH, http(s), SMB, pop3(s), VNC, FTP, and telnet.”

Download the latest version here