I'm working on an assignment where I have to write a password cracker, to crack a password of which I have found the hashed value while compromising a system (.htpasswd) file on a web server.
I've written the program and it works fine with simple and basic MD5 hashes, but the one I will be using is Salted MD5 hash.
I've asked for assistance from my lecturer and he provided this:
Import module from passlib.hash import apr_md5_crypt use this function apr_md5_ crypt.encrypt(password, salt=salt) where the password is the word from RockYou and salt is the value from the developer's hash value. This should help you out.
I've added this in my program but it's still not picking the password from a wordlist that contains the password.
The aim is to make my code work, not to find the password (I managed to get it in a previous stage using John The Ripper).
#!/usr/bin/env python#Importing algorithmimport md5import hashlibimport passlib.hash#Importing the algorithm for the hashed SALTfrom passlib.hash import apr_md5_crypt#The password is 1qa2ws3ed#The SALT value is Wv63/0xMcounter = 1pass_in = raw_input("Please enter MD5 Hash: ")pwfile = raw_input("please enter the wordlist file name: ")#Opening the file to make sure the path is correct prior commencing to crack the passwordtry: pwfile = open(pwfile, "r")except: print "\nFile Not found." quit()for password in pwfile: filemd5 = apr_md5_crypt.encrypt('1qa2ws3ed', salt='Wv63/0xM') md5.new(password.strip()).hexdigest() print "Trying password number %d: %s " % (counter, password.strip()) counter += 1 if pass_in == filemd5: print "\nMatch Found. \nPassword is: %s" % password breakelse: print "\nPassword Not Found."I am looking to use Java to get the MD5 checksum of a file. I was really surprised but I haven't been able to find anything that shows how to get the MD5 checksum of a file.
How is it done?
This question already has an answer here:
Am trying to setup a site locally, and in my xampp/htdocs, I have my site in a folder called hailataxi, which is the same name that I used for my database.Inside that folder I have my admin folder, and there I see the index.php, which is for admin login.
This is the code I have, before the html tag starts:
<?php session_start(); require_once('config.php'); include("inc/class.DB.php"); include("inc/class.functions.php"); $myfunctions = new Myfunctions(); if(!empty($_SESSION['id'])) { echo "<script> window.location = 'dashboard.php'; </script>"; } if(isset($_POST['submit'])){ $email = $_POST['email']; $password = md5($_POST['password']); $resultQuery = $myfunctions->fun_checkadmin($email,$password); if(!empty($resultQuery) && $resultQuery['name']!='') { $_SESSION['login'] = "1"; $_SESSION['email'] = $resultQuery['email']; $_SESSION['user_name'] = $resultQuery['name']; $_SESSION['id'] = $resultQuery['id']; $_SESSION['type'] = $resultQuery['type']; echo "<script> window.location = 'dashboard.php'; </script>"; } else { $_SESSION['login'] = "0"; echo "<script> window.location = 'index.php?error=1'; </script>"; } } $msg=''; if ($_GET['error'] == 1){ $msg = '<span style=" margin-left: 41%; position: absolute; top: 6%; left:2%; background-color: red; padding: 5px; color: white; border-radius: 4px; ">Please Check Your Details !!</span>'; }?>I see that all the database connection in the config.php admin folder:
define("SITEURL", "http://localhost/hailataxi/admin/index.php"); define('DB_HOST', 'localhost');define('DB_USER', 'root');define('DB_PASSWD', '');define('DB_NAME', 'hailataxi');define("BASE_HTTP_BASE_URL" , SITEURL);define("BASE_HTTP_URL" , BASE_HTTP_BASE_URL);define("BASE_SERVER_URL" , dirname(dirname(__FILE__)));define("SITENAME" , 'Taxi');define("HELPMAIL" , 'support@Taxilive.com');define("DF_IMG", "images/user.svg"); $conn = @mysql_connect(DB_HOST, DB_USER, DB_PASSWD);$db_selected = mysql_select_db(DB_NAME, $conn);if (!$db_selected){ die ("Can\'t use db : " . mysql_error());}mysql_set_charset('utf8mb4');define("ADMIN" , "ub_admin");define("USER" , "ub_users"); define("EMP" , "ub_emp"); define("ADMIN_SETTING" , "ub_admin_setting"); define("USERAUTH" , "ub_user_auth"); define("EMPAUTH" , "ub_emp_auth"); define("SETTING" , "ub_admin_setting"); define("IMGPATH", "http://taxilive.dedicated.co.za/taxi/uploads/"); define("APPROVED" , "ub_approved_request"); define("REQUEST" , "ub_request");define("INVOICE" , "ub_invoice");define("REVIEW" , "ub_review");define("PARTNER" , "ub_partner");error_reporting(0);I am using xampp, so I never set a password for it, but when I try to access the login page, I see the following error:
http://localhost/hailataxi/admin/index.phpError:
Fatal error: Uncaught Error: Call to undefined function mysql_connect() in C:\xampp\htdocs\hailataxi\admin\config.php:15 Stack trace: #0 C:\xampp\htdocs\hailataxi\admin\index.php(2): require_once() #1 {main} thrown in C:\xampp\htdocs\hailataxi\admin\config.php on line 15If I remove all the code before the html tag, to cancel the db connection, I can see the admin login page in the front-end.
Is there anything wrong am doing to connect my database?
Note: I am not an expert PhP developer and unfortunately this code was given to me as it is. And am also aware that If I had to develop a php site I'd PDO's instead.
Hope that there can be an answer with the code I currently have.
EDITED:
So I changed the connection to this:
$con = mysqli_connect("localhost","root","","hailataxi");// Check connectionif (mysqli_connect_errno()) { echo "Failed to connect to MySQL: " . mysqli_connect_error();}However, I see a blank page when I refresh my url.I tried to add a password in the parameters and I denied access. Theoretically that means that he can connect to the database, but I dont understand how I still see blank.
I want to create registration form. This is code:
<form action="handler.php" method="post" id="Login"> <div class="form-group"> <input type="email" name="email" class="form-control" id="inputEmail" placeholder="Email Address"> </div> <div class="form-group"> <input type="password" name="password" class="form-control" id="inputPassword" placeholder="Password"> </div> <div class="form-group"> <input type="password" name="confirm-password" class="form-control" id="inputPassword" placeholder="Confirm-password"> </div> <button type="submit" name="button" class="btn btn-primary">Registration</button> </form>and this is php code:
include "db.php";header('Content-type: text/plain; charset=utf-8');//registrationif(isset($_POST['button'])) { / $query = mysqli_num_rows($mysqli,"SELECT COUNT(email) FROM users_data WHERE email='".($_POST['email'])."'"); if($query > 0) { $error = "User with this email is exist!"; } //if not if(!isset($error) && $_POST['password'] != $_POST['confirm-password'] ) { $email = trim($_POST['email']); $password = md5(md5(trim($_POST['password']))); mysqli_query($mysqli,"INSERT INTO users_data SET email='".$email."', password='".$password."'"); echo 'You have registered with email - '.$email; exit(); } else echo 'The passwords are not equal!'; header "Location: login.html"; }So, I want to check forms on equal emails and user write the same email which is exist in mysql DB he/she need to receive message, but it doesn`t work. Can you help me?
I am trying to generate md5 hash from Powershell. I installed Powershell Community Extension (Pscx) to get command : Get-Hash
However when I generate md5 hash using Get-Hash, it doesn't seem to match the hash generated using md5sum on an Ubuntu machine.
PS U:\> "hello world" | get-hash -Algorithm MD5Path Algorithm HashString Hash---- --------- ---------- ---- MD5 E42B054623B3799CB71F0883900F2764 {228, 43, 5, 70...}root@LT-A03433:~# echo "hello world" | md5sum6f5902ac237024bdd0c176cb93063dc4 -I know that the one generated by Ubuntu is correct as a couple of online sites show the same result.
What am I going wrong with Powershell Get-Hash?
Domáce - Mapa stránok - Súkromie - Links - Copyright © 2018 Cortex IT Ltd : Kontakt : admin @ cortexit.co.uk
Please note that by viewing our site you agree to our use of cookies (see Súkromie for details). You will only see this message once.