Hash cracker - Printable Version +- Python Forum (https://python-forum.io) +-- Forum: General (https://python-forum.io/forum-1.html) +--- Forum: Code sharing (https://python-forum.io/forum-5.html) +--- Thread: Hash cracker (/thread-39569.html) |
Hash cracker - Milan - Mar-09-2023 Hello team, I posted a question on General Coding Help, but eventually figured it out by myself. Tbh I tweaked the code from this link https://medium.com/@cyberdocks2019/password-cracking-using-python-9fd1b5e064d9. from urllib.request import urlopen import hashlib sha3_512hash = input("[+] Enter sha3-512 Hash value: ") password_list = str(urlopen('https://raw.githubusercontent.com/danielmiessler/SecLists/master/Passwords/Common-Credentials/10-million-password-list-top-1000000.txt').read(), 'utf-8') for password in password_list.split('\n'): guess = hashlib.sha3_512(bytes(password,'utf-8')).hexdigest() if guess == sha3_512hash: print("[+] The password is: "+str(password)) break elif guess != sha3_512hash: continue else: print("The password does not matched in the list…")It can be configured to other hash types by changing sha3_512 on line 8. I hope it can be of some help. RE: Hash cracker - rob101 - Apr-03-2023 If I may... Possibly, this should have been posted in Code Review before it was posted here. It would be better (IMHO) to d/load the 'dictionary' file (given that this is a so-called 'dictionary attack'), then load one word at a time, for the attempted 'crack'. That way the computer RAM is not filled with the entire file, which is 8.5MB in size; not huge, but it's very large (if one can define the difference). In fact password_list is not a Python list object, as the name would suggest; rather it's a instance of str: len=8529104So maybe your code should be in two parts: one to d/load and save the file (which may or may not be updated from time to time; I've not checked on that detail) and one to re-load the file, one word at a time, generate the hash digest and check that against the user input. I've not checked the actual operation (that is to say, I've not hashed a simple and easy-to-crack password, which is all this is good for) to see if it works, but I guess you have? |