Re: [Full-disclosure] MD5 decrypter PHP Script

2010-12-09 Thread Jerome Athias
I did a quite similar script for osCommerce, more in a rainbow-tables
building way.

$password = md5($salt . $plain) . ':' . $salt;

http://pastebin.com/mtciPcTM

Regards
/JA

http://www.linkedin.com/in/jeromeathias
The computer security is an art form. It's the ultimate martial art.



___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[Full-disclosure] MD5 decrypter PHP Script

2010-11-28 Thread Bob Smith
I use the word decrypter loosely, but it is what the site's
advertising it to be.

So I wrote a PHP script that takes hashes from a database
(columns are as such: id, hash, unhashed)
and checks them against md5-decrypter.com and md5decryption.com.

These sites have no CAPTCHA protection (and over 4.7mil stored hashes).

<?php
// Note: the mysql_* functions used below belong to the old ext/mysql API,
// which was removed in PHP 7.0.
set_time_limit(0);

$db_host = "localhost"; //if your port is different then default, add a colon : and the port number (ex localhost:1337)
$db_user = "user";
$db_password = "pass";
$db_name = "db";
$db_table = "table";
$table_id_field = "id"; //change this if the unique ID field is called something else. (ie Id, ID)
$table_hash = "hash"; //change this if the hash field is called something else
$table_plaintext = "dehashed"; //change this for where the plain text version of the password will be updated to
$giveback = 0; //was never defined in the posted script, so the do_except() branches never ran; 0 keeps that behaviour

//dont change anything below here unless you know what you are doing

mysql_connect($db_host, $db_user, $db_password);

mysql_select_db($db_name) or die(mysql_error());

$query = "SELECT * FROM " . $db_table . " limit 1";

$result = mysql_query($query) or die(mysql_error());

// Return the text found between $start and $end in $string, escaped for SQL.
function get_string_between($string, $start, $end){
    $string = " " . $string;
    $ini = strpos($string, $start);
    if ($ini == 0) return "";
    $ini += strlen($start);
    $len = strpos($string, $end, $ini) - $ini;
    return mysql_real_escape_string(substr($string, $ini, $len));
}

// POST $text to $url in the form field $post; the response is discarded.
function give_back($url, $post, $text){
    $posted_vars = $post . "=" . $text;
    $ch = curl_init();
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($ch, CURLOPT_REFERER, $url);
    curl_setopt($ch, CURLOPT_URL, $url);
    curl_setopt($ch, CURLOPT_POST, 1);
    curl_setopt($ch, CURLOPT_POSTFIELDS, $posted_vars);
    curl_exec($ch);
    curl_close($ch);
    unset($ch);
}

// Submit $plaintext to every site except the one numbered $num.
function do_except($num, $plaintext){
    if($num != 1){
        give_back("http://md5-encryption.com/", "data[Row][clear]", $plaintext);
    }

    if($num != 2){
        give_back("http://md5encryption.com/", "submit=Encrypt%20It!&word", $plaintext);
    }
}

// POST $hash to $url and cut the answer out of the returned page.
function fetch_md5($url, $post, $start, $end, $trim, $hash){
    $posted_vars = $post . "=" . $hash;
    $ch = curl_init();
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($ch, CURLOPT_REFERER, $url);
    curl_setopt($ch, CURLOPT_URL, $url);
    curl_setopt($ch, CURLOPT_POST, 1);
    curl_setopt($ch, CURLOPT_POSTFIELDS, $posted_vars);
    $fetched_page = curl_exec($ch);
    curl_close($ch);
    unset($ch);

    $password = get_string_between($fetched_page, $start, $end);

    if(isset($trim) && !empty($trim)){
        $password = substr($password, $trim);
    }

    return $password;
}

//table name, table id field, row id value, the table plaintext field, the dehashed password
function update_plaintext($table_name, $id_field, $row_id, $plaintext, $dehashed){
    $sql = "update $table_name set $plaintext = '$dehashed' where $id_field = '$row_id'";
    mysql_query($sql);
}

while($row = mysql_fetch_array($result)){

    $password1 = fetch_md5("http://md5-decrypter.com/",
        "data[Row][cripted]", "Decrypted text:</b>", "</b>", 21,
        $row[$table_hash]);

    if(!empty($password1)){
        update_plaintext($db_table, $table_id_field, $row[$table_id_field],
            $table_plaintext, $password1);
        if($giveback == 1){
            do_except(1, $password1);
        }
        continue;
    }

    $password2 = fetch_md5("http://md5decryption.com/",
        "submit=Decrypt%20It!&hash", "Decrypted Text: </b>", "</font><br/>",
        "", $row[$table_hash]);

    if(!empty($password2)){
        update_plaintext($db_table, $table_id_field, $row[$table_id_field],
            $table_plaintext, $password2);
        if($giveback == 1){
            do_except(2, $password2);
        }
        continue;
    }

}
?>
http://pastebin.com/idGqmqAg
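
An added example, not part of either post or of osCommerce: unsalted MD5 values can be answered by lookup sites like those above, and the `md5($salt . $plain) . ':' . $salt` format quoted in the reply is still a single fast MD5, so an application holding either can verify them at login and re-store the password with `password_hash()`. The function names and the sample rows are hypothetical and constructed for illustration.

```php
<?php
// Classify a stored password value by its format.
function classify_stored_hash(string $stored): string {
    if (preg_match('/^[0-9a-f]{32}$/i', $stored)) {
        return 'md5-unsalted';           // answerable by public lookup tables
    }
    if (preg_match('/^[0-9a-f]{32}:.+$/i', $stored)) {
        return 'md5-salted';             // md5($salt . $plain) . ':' . $salt
    }
    $info = password_get_info($stored);
    return $info['algoName'] !== 'unknown' ? 'password_hash' : 'unknown';
}

// Verify a login against whichever format is stored.
// Returns [bool $ok, ?string $replacement]; a non-null $replacement is the
// value the caller should write back in place of the legacy hash.
function verify_and_upgrade(string $plain, string $stored): array {
    switch (classify_stored_hash($stored)) {
        case 'md5-unsalted':
            $ok = hash_equals(strtolower($stored), md5($plain));
            break;
        case 'md5-salted':
            list($hash, $salt) = explode(':', $stored, 2);
            $ok = hash_equals(strtolower($hash), md5($salt . $plain));
            break;
        case 'password_hash':
            $ok = password_verify($plain, $stored);
            if ($ok && !password_needs_rehash($stored, PASSWORD_DEFAULT)) {
                return [true, null];     // already stored in the current format
            }
            break;
        default:
            $ok = false;
    }
    return [$ok, $ok ? password_hash($plain, PASSWORD_DEFAULT) : null];
}

// Constructed sample rows, one per storage format.
$rows = [
    'alice' => md5('letmein'),
    'bob'   => md5('a1' . 'letmein') . ':a1',
    'carol' => password_hash('letmein', PASSWORD_DEFAULT),
];
foreach ($rows as $user => $stored) {
    list($ok, $new) = verify_and_upgrade('letmein', $stored);
    printf("%-6s %-14s ok=%s upgrade=%s\n", $user, classify_stored_hash($stored),
        $ok ? 'yes' : 'no', $new === null ? 'no' : 'yes');
}
```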
