HASH CRACKING USING PASSWORDS PRO

What you will need
PasswordsPro Cracked: http://uppit.com/ibgg0aavnwg4/PPro.zip
Nice word lists: http://packetstormsecurity.org/Crackers/wordlists/
Nice Word lists: http://www.insidepro.com/dictionaries.php
Hash Algorithms:http://pastebin.com/FDkAQ4W6

Tutorial
Ok now you have everything you need it's time to start cracking...

To start off you will want to extract your word lists into the dictionary directory which passwords pro have provided like so:


Once this is done you will need to import them into the simple dictionaries list in passwords pro... To do this you need to open passwords pro and in the menu bare you go toservice>settings, then you go to "dictionaries" in the list on the left hand side, once you have done this you will need to right click the big white area and click add... Now you need to find the word lists you want to import which has been extracted into your passwords pro dictionaries list so look for that and start importing each word list from each folder, it is also a good idea to import the default passwords pro lists as they're the very basic passwords which a lot of people use... It should look like this once done:


Press "Ok" and we're ready to start cracking!

Ok, there are a few different ways in which you can import hashes/salts etc, this can be done by adding them one by one which can be very time consuming or you can list each hash and salt in a word document, an example of this would be:


The above image is showing two hashes and salts from a vbulletin database, it has been set out with hash:salt the : in between each item is important as passwords pro picks this up as a break, now that You've done that save it as anything.txt. Now that You've saved it you want to import it into the interface to start cracking, to do this you need to click on the little white page next to the "Open" icon, this will allow you to select a file so look for the file you have saves the hashes in and open it, once done, you will be given a screen like this:


This is where the hash formats list comes in... Depending on where you got the hash from or what type of database it's from you will need to edit the "Select hash type" so you know which hash you're attempting to crack go to this: http://pastie.org/1314051 and look for the Hash Algorithm which links to where you got your database from and look for it in the hash type drop down box like so...


In this case we will be cracking a vbulletin hash meaning we will need to look for md5(md5($pass).$salt) as it says in the hash type list I given.

Note: Not all hashes have a salt such as MD5 which is just a hash on it's own which can be cracked. In this case I will be changing the "Line Format" to Hash:Salt as that is what I have in my hash list.

Press "Ok" and once done your passwords pro will look like this:


Ok now we need to change the way passwords pro would approach the hash and crack it, this can be done like this:


We will be using simple dictionary attack as this is how we use the word lists imported from the beginning of the tutorial.

Now we can crack! All you have to do is click on the button which looks like this:



We're done!

Just a quick note: To add a hash on it's own just right click on the form it's self and click "Add" and just follow the instructions given from the middle of this tutorial.

Sit back and wait for the hash to crack 

Durandal v0.5: CPU/GPU Hash Cracker

Durandal is a distributed GPU/CPU computing software that aims to crack passwords. Mostly written in C++ with the Boost library, it works on many systems, however it is only buit for Windows and GNU/Linux for the moment x64 platforms.

Durandal can be used for:

1. OS portability: It works and has been tested on Windows and GNU/Linux, but could work on *BSD, Solaris, or any other platforms that support C++ and the Boost library.
2. Architecture Pertability: hash functions aren't only developped in SSE2 assembly and Nvidia CUDA; there is also a C version that could be ran on any architecture.
3. Powerful: by using C++, Durandal has been designed in order to support a lot of computers.
4. Performance: has functions are optimized with SSE2 for CPUs and ported to Nvidia CUda for GPUs.

Features of Durandal

• Windows (XP, Vista, 7) and GNU/Linux support
• 64bits support
• Usual hash fuctions: MD5, SHA1, SHA256, SHA512, NTLMv1, MySQL (all versions)
• SSE2 optimized, Nvidia CUDA support
• Server, agent and administration console
• Network communication with XML over HTTP (proxy support)

Download Durandal v0.5 from here: Download

Hash Cracking tutorial with HashCat

HashCat is a tool for cracking various types of hash. This tool can do more than one Hash cracking, which means we can put some hashes into a file.txt and it crack the hashes simultaneously. we can do offline cracking hashes (it means we don`t need an Internet connection that uses the hash databases that have been cracked before).

the hash algorithm supported by this tool include:
* MD5
* Md5 ($ pass. $ Salt)
* Md5 ($ salt. $ Pass)
* Md5 (md5 ($ pass))
* Md5 (md5 (md5 ($ pass)))
* Md5 (md5 ($ pass). $ Salt)
* Md5 (md5 ($ salt). $ Pass)
* Md5 ($ salt.md5 ($ pass))
* Md5 ($ salt. $ Pass. $ Salt)
* Md5 (md5 ($ salt). Md5 ($ pass))
* Md5 (md5 ($ pass). Md5 ($ salt))
* Md5 ($ salt.md5 ($ salt. $ Pass))
* Md5 ($ salt.md5 ($ pass. $ Salt))
* Md5 ($ username.0. $ Pass)
* Md5 (strtoupper (md5 ($ pass)))
* SHA1
* Sha1 ($ pass. $ Salt)
* Sha1 ($ salt. $ Pass)
* Sha1 (sha1 ($ pass))
* Sha1 (sha1 (sha1 ($ pass)))
* Sha1 (strtolower ($ username). $ Pass)
* MySQL
* MySQL4.1/MySQL5
* MD5 (WordPress)
* MD5 (PHPbb3)
* MD5 (Unix)
* SHA-1 (Base64)
* SSHA-1 (Base64)
* SHA-1 (Django)
* MD4
* NTLM
* Domain Cached credentials
* MD5 (CHAP)
* MSSQL

Attack Mode supported in this tool:
* Straight *
* Combination *
* Toggle-Case *
* Brute-Force
* Permutation

First, create a file with notepad:
[1] C:\temp\hash.txt and
[2] C:\ temp\results.txt ago
open the C:\ temp\hash.txt and fill with Hash you want to crack. picture as below:

For C:\temp\results.txt , do nothing and let it blank because the cracked hashes will be saved in here.

Run Hashcrack. and follow the steps below:

In this tutorial, the author uses brute-force mode, cracking technique with a combination of characters. Notice the image below:


[-] In Hashfile column, click the folder icon (browse for hashfile) and open the C: \ temp \ hash.txt that you have previously made.
[-] In Brute force column, select mode and select the type of hash (we are trying to crack MD5 here)
[-] In the Password length, insert 1-14 (u may put about 20 oto 30) the longer the password length, the longer the cracking process.
[-] In bruteforce charset settings, you can fill with the desired character. eg abcdefghijklmnopqrstuvwxy z1234567890 or abcdefghijklmnopqrstuvwxy z1234567890 !@#$%^&*()_+
[-] In OUTFILE column, put a tick and specify the path in C:\temp\results.txt that you have previously made.
[-] Checklist OUTFILE Monitor and click I want to catch a Hash ..

Wait for the process of cracking (this tool directly run a CLI mode)


you will find the results of the hash that has been successful on crack.

download hashcat from here