Cracking hashes with Python

MRAB python at mrabarnett.plus.com
Wed Nov 27 12:44:03 EST 2013 

On 27/11/2013 12:40, TheRandomPast . wrote:
> Hi,
>
> So apparently when I've been staring at code all day and tired my brain
> doesn't tell my hands to type half of what I want it to. I apologise for
> my last post.
>
> This is my code;
>
> import md5
> import sys
>
> characters=range(48,57)+range(65,90)+range(97,122)
>
> def chklength(hash):
>      if len(hash) != 32:
>          print '[-] Improper length for md5 hash.'
>          sys.exit(1)
>
> def checkPassword(password):
>      #print password
>      m = md5.new(password)
>      if (m.hexdigest() == hash):
>          print "match [" + password + "]"
>          sys.exit()
> def recurse(width, position, baseString):
>      for char in characters:
>          if (position < width - 1):
>              recurse(width, position + 1, baseString + "%c" % char)
>          checkPassword(baseString + "%c" % char)
>          print "Target Hash [" + hash+ " string: "+ baseString
>
> def brute_force():
>      maxChars = 32
>      for baseWidth in range(1, maxChars + 1):
>          print "checking passwords width [" + `baseWidth` + "]"
>          recurse(baseWidth, 0, "")
>
> def dictionary():
>      for line in File.readlines():
>          checkPassword(line.strip('\n'))
> hash =raw_input("Input MD5 hash:")
> option=raw_input("Choose method:1=Brute Force; 0=Dictionary")
> if(option==1):
>      chklength()
>      brute_force()
> else:
>      if(option==0):
>          File=open("C:\dictionary.txt")
>          chklength()
>          dictionary()
>      else:
>          print "Wrong method!"
>
> And dictionary is working, as is the brute force however the issue I
> have having is with my chklength() as no matter how many characters I
> input it skips the !=32 and goes straight to asking the user to chose
> either Brute Force or Dictionary. I want an error to be shown if the
> hash is less than or more than 32 characters but at present this
> chklength() doesn't work as I thought it would.
>
> Can anyone point out an obvious error that I am missing?
>
[snip]

You're asking for the hash, then you're asking for the method. You're
not checking the length of the hash between the two.

BTW, 'raw_input' returns a string and a string != a number, e.g. "1" !=
1.

More information about the Python-list mailing list