Forums: Saltcracker - Forums

Some day i tryed to learn perl, this was my second perl code, after some tryes...
So, please someone _Code it better_

Actualy it works but it's a bit slow :\

The folowing code loads all md5 hashes from the txt file and try to find for each hash the correct md5 word, the salt is used too.
This kind of passwords are used for exemple by a program named serv-u from Rhino Software.
Actualy they use a random 2 alphanumeric chars plus the md5 of that same 2 chars+word
Exemple:

satl=me
password=crack

The result would be:
medc4779c4c383c77eac29d76f00112c54

salt=me
md5hash=dc4779c4c383c77eac29d76f00112c54
md5hash plaintext is mecrack

#!/usr/bin/perl -w
use Digest::MD5 'md5_hex';
open( PASSWORD, "words00.txt");
open( HASHES, "hashes.txt");
$a="";
$count=0;
$numHashes=0;
while(defined($a=<HASHES>)) {
	$hashes.=$a;
	$numHashes++;
}
print "Num Hashes: ", $numHashes . "\n";
close(HASHES);
@hashes=split(/\n/, $hashes);
while($input = <PASSWORD>) {
	chomp($words = $input);
	$hashpos=0;
	foreach $saltedHash (@hashes) {
		if ($saltedHash ne NULL) {
		$myhash = substr($saltedHash, 2, 32);
		$mysalt = substr($saltedHash, 0, 2);
		my ($m) = md5_hex("$mysalt$words");
		if ($m =~ /$myhash/i) {
			print "Hash: $myhash salt:$mysalt passwd:$words\n";
			$hashes[$hashpos]=NULL;
			$count++;
		}
		 }
		$hashpos++;
		if ($numHashes == $count) {exit;}
	 }
}
#EOF

Hi, here's my implementation of your script:

#!/usr/bin/perl

use warnings;
use strict;

use Digest::MD5 'md5_hex';

my ($count,%hashes,@salts) = (0);

open( HASHES, "hashes.txt")	or die "Can't open hashes file: $!";
while(<HASHES>) {
	chomp; # remove the newline character
	my $myhash = substr($_,2,32);
	my $salt   = substr($_,0,2);
	$hashes{$myhash} = 1;
	push @salts, $salt;
}
close(HASHES);

print "Num Hashes: ", scalar keys %hashes, "\n";

open( PASSWORD, "words00.txt") or die "Can't open words file: $!";
PASS: while(<PASSWORD>)
{
		chomp; # remove \n char
		for my $salt (@salts)
		{
				my ($m) = md5_hex("$salt$_");
				if (exists $hashes{$m})
				{
						print "Hash:$m salt:$salt passwd:$_\n";
						++$count;
						last PASS if $count == keys %hashes;
				}
		}
}
close PASSWORD;

Here's what I changed:

• Instead of loading the entire file into an array then iterating many times over it using substr on each iteration I loaded the $myhash as a key of the hash, and pushed all the salts into an array
  
• Instead of iterating over each hash and extracting the salt, I just iterate over the salts, digesting the word for every salt
  
• Now I have an easy way to check if the salt exists in the file ( by using exists() on the %hashes )
  
• I added use stricts, and changed -w to use warnings ( I just prefer use warnings; over -w ;) )
  
• Added failure checks when opening files
  
• Using last PASS instead of exit to stop after we have all passwords
  
• Removed not needed variables

That's about all. The code looks different but that's just coding style I think ;)

I timed both scripts on 1000 hashes + 1000 words, here are the results ( output of scripts not included )

# your's implementation
$ time perl saltcrack1.pl
real	0m38.035s
user	0m27.182s
sys	 0m0.079s

# my implementation
$ time perl saltcrack2.pl
real	 0m0.525s
user	0m0.217s
sys	 0m0.027s

Both tested on the same machine ( PIII 600 + 128 ram )

And last but not least :) thanks, it was fun to code it.

PS.
Some more info on the tests.
I generated 1000 hashes using 9 salts ( salt for each word chosen randomly ) from 1000 words from dictionary.
Then I randomized the order of the words. So there where no false hashes/words in the hashes/words files.
Both scripts were run on the _same_ input files ( words01.txt hashes.txt ).
I ommited the output of both scripts becouse it would be 2k lines :)

Nice work there!
Even thought in making it in C/C++?

RandomCode, on May 4 2006, 09:55 AM, said:

Thanks :)

RandomCode, on May 4 2006, 09:55 AM, said:

No, not really. Unfortunetly I am not a very good C/C++ coder, so probably I would create unefficient code :)

I know that Perl isn't designed for such tasks, I reimplemented your code just for fun :)
// ok :P not only for fun, I'm addicted to Perl :P

heheehe nice work anyway...
By the way, did you ever try to use perl2exe?
If yes, did you ever noticed problems with it?

RandomCode, on May 6 2006, 10:40 AM, said:

Yes I tried, once or two. But I do not recommend it.
The binary is large, it has to bundle all the modules that you use.
It works better then perlcc but in complex project it still can behave weird.
Perl is a scripting language so I wouldn't recommend any compilation of it.
There are modules that allow you to generate perl bytecode and that would probably work better.

perl6 will be able to compile into bytecode iself, as far as I know.
So we will have to wait and see ;)

P.S.
Of course bytecode still requires a perl installed, but perl is standard on almost any unix like platform.