How to crack password hashes (md5, lm...etc)

Researching, Proof of Concepts, Hacking, Console Modding and Hacking and more. No game hacking / modding here.
Post Reply
User avatar
Sethioz
Admin
Admin
Posts: 4762
Joined: Fri Jul 27, 2007 5:11 pm
Custom: Gaming YT > https://youtube.com/SethiozEntertainment
Game Hacking YT > https://youtube.com/sethioz
Game Hacks Store > https://sethioz.com/shopz
Location: unknown
Contact:

How to crack password hashes (md5, lm...etc)

Post by Sethioz »

Note - this is not a tutorial on how to use tools so i will not cover the step-by-step part on how to open and use tools. this simply explains what to use and where to get and which is the fastest and best way to sucessfully crack a password hash. Look at bottom of post for detailed tutorial on how to crack lm hashes (link to tutorial)

PasswordsPro - my favorite, but not the fastest. supports the following hash algorithms:

Code: Select all

– MySQL
– MySQL5
– DES(Unix)
– MD4
– MD4(HMAC)
– MD4(Base64)
– MD5
– MD5(APR)
– MD5(Unix)
– MD5(HMAC)
– MD5(Base64)
– MD5(phpBB3)
– MD5(Wordpress)
– MD5_HMAC($salt,MD5_HMAC($salt,$pass))
– SHA-1
– SHA-1(HMAC)
– SHA-1(Base64)
– SHA-256
– SHA-384
– SHA-512
– SHA-256(PasswordSafe)
– Haval-128
– Haval-160
– Haval-192
– Haval-224
– Haval-256
– Tiger-128
– Tiger-160
– Tiger-192
– Whirlpool
– RAdmin v2.x
– Domain Cached Credentials
– md5($pass.$salt)
– md5($salt.$pass)
– md5(md5($pass))
– md5(md5(md5($pass)))
– md5(md5($pass).$salt)
– md5(md5($salt).$pass)
– md5($salt.md5($pass))
– md5($salt.$pass.$salt)
– md5(md5($salt).md5($pass))
– md5(md5($pass).md5($salt))
– md5($salt.md5($salt.$pass))
– md5($salt.md5($pass.$salt))
– md5($salt.md5($pass).$salt)
– md5(sha1(md5(sha1($pass))))
– md5($hex_salt.$pass.$hex_salt)
– md5($username.md5($pass).$salt)
– md5(md5($username.$pass).$salt)
– sha1($salt.$pass)
– sha1($username.$pass)
– sha1($username.$pass.$salt)
– sha1($salt.sha1($salt.sha1($pass)))
it can also crack salted hashed, but the attack type will be limited (rainbow tables are not supported for example and cracking speed is a lot slower).

Cain & Abel - also quite good, but it does not support so many hash types, however it is faster than passwordspro, but the biggest downside is that it does not save the cracked hashes during crack process. so when your computer crashes in middle of cracking, then you will lose whole process, which can be very, very annoying if you crack tought password hashes (days or even weeks of process can be lost)

MD5 GPU crack - now this is not so known method, this tool uses your GPU (graphics processing unit), in other words your video card, to crack the password hash. This can only crack MD5 hashes, however the speed is 10 or even more times faster. this tool also only supports brute force option.

Rainbow Crack - tool for cracking if you want to use rainbow tables in your process of cracking. it should be only cmd based. i personally have never used this tool.

im sure there's more tools you can use, but i listed the ones i have came across myself.

////////////////////////////////////////////////////////////////////////////////////////////////////////////////////

To crack a password hash, you will first need to decide what type of attack you want to use, there's several methods:

1. rainbow tables - basically like brute force attack, only that you use big (even huge) rainbow tables to do the cracking faster. rainbow tables that covers over 9 character lenght passwords can be more than 500gb probably, depending what charset they use, however cracking speed is a lot faster than using bruteforce attack.
you can buy rainbow tables online for high price or you can get very good ones form FreeRainbowTables

2. Brute Force - this means that random passwords are converted to password hash to see if it's same. bruteforcing longer than 9 character passwords can take more than 10 years, depending on the charset used (symbols, numers, loweralpha, upperalpha, mixalpha..etc)
This attack is supported by all of the tools specified above (read the guide in tool you use)

3. Wordlists - very similiary to brute force, only that in this type of attack, the passwords are specified in the file (usually .txt, but can be any type of file if it can be read by the program used) for more info on how to create a good wordlist read this topic > How to make wordlist/s. you can even use your msn chatlogs to create a good wordlist, this type of attack have gave me the best results in cracking. my own custom wordlists can crack about 70% of password hashes.

4. Online cracking - well this is optional, you only need google.com for this. search for "hash cracker" or if you have speciic hash type, then "md5 cracker". just use your head on this one. theres really a lot of online crackers these days. you can also post the hashes on freerainbowtables forum. from my experience, those online crackers are very weak.

These are the base for all attacks. PasswordsPro allows you to combine those attacks. for example in brute force attack you can choose a specific word and then add bruteforce numbers behind it (like adminxxxx, where xxxx will be the brute forced part). it also allows you to combine wordlists, for example if you have one wordlist with simple, common words in it, then you can combine it with itself, as result you will get more complex words. if there is word "plane" and "pilot" in that wordlist, then as outcome you will get 4 passwords: "plane", "planepilot", "pilot" and "pilotplane". good part is that you can also add the brute force option for wordlists or well not so brute force. it will test each word in wordlist with your own rules, you can specify the random numbers at end of each word or you can make it try each word with Capital letter, or you can even make your own custom rules, to crack the 1337 style passwords (P255w0rd < like this).
so i suggest you to use PasswordsPro.

////////////////////////////////////////////////////////////////////////////////////////////////////////////////////

Useful info:
How to crack LM hashes (detailed tutorial)
RainbowTables vs Wordlists
How to make wordlist/s
How to make wordlist out of any file
How to download all files from php site (downloadable)

Feel free to ask for help if you run into any problems. Like how to add password hash + salt into passwordspro.
Post Reply