Tag Archive: password cracking

MD5 Password Cracking

Password hashes can take a long time to crack, depending on the hash and the complexity of the password. Why spend all that time cracking a password, when someone else has already done the work? Introducing BozoCrack. BozoCrack is a ruby script that will search google for a MD5 hash and if google has it, bozocrack will return the plain text password.

Description from Bozocrack

“BozoCrack is a depressingly effective MD5 password hash cracker with almost zero CPU/GPU load. Instead of rainbow tables, dictionaries, or brute force, BozoCrack simply finds the plaintext password. Specifically, it googles the MD5 hash and hopes the plaintext appears somewhere on the first page of results.”


root@bt:~# ruby /pentest/passwords/bozocrack/bozocrack.rb md5.txt
Loaded 6 unique hashes

ncrack Password cracker

“Ncrack is a high-speed network authentication cracking tool. It was built to help companies secure their networks by proactively testing all their hosts and networking devices for poor passwords. Security professionals also rely on Ncrack when auditing their clients. Ncrack was designed using a modular approach, a command-line syntax similar to Nmap and a dynamic engine that can adapt its behaviour based on network feedback. It allows for rapid, yet reliable large-scale auditing of multiple hosts.

Ncrack’s features include a very flexible interface granting the user full control of network operations, allowing for very sophisticated bruteforcing attacks, timing templates for ease of use, runtime interaction similar to Nmap’s and many more. Protocols supported include RDP, SSH, http(s), SMB, pop3(s), VNC, FTP, and telnet.”

Download the latest version here