A versatile hash/passwd cracking tool that offers several functionalities. The script starts with the online word-list attack, then proceeds to the local word-list attack if unsuccessful, and finally resorts to the brute force attack if needed.
Clearing the Screen: The script starts by clearing the terminal screen using the 'os.system' function, providing a clean interface for user interaction.
Online Password Wordlist Download: The script downloads an online leaked password wordlist from a specified URL, such as "rockyou.txt". This list is filtered to contain valid passwords based on specific criteria, like password length and alphanumeric characters.
Valid Password Criteria: Users can define their criteria for valid passwords. By default, the script filters for passwords that are alphanumeric and no longer than 30 characters. Users can modify this function based on their requirements.
Cracking Methods: The script provides three methods for cracking hashed passwords:
a. Wordlist Attack: This method attempts to crack the hash by checking if it matches any entries in a wordlist, both downloaded from an online source or a local file. The script iterates through the list and performs hash calculations on each word to find a match.
b. Brute Force Attack: In the absence of a matching wordlist entry, the script employs a brute force approach. It generates combinations of characters, varying in length, to calculate hash values and match them with the provided hash.
c. Mixed Approach: The script starts with the online wordlist attack, then proceeds to the local wordlist attack if unsuccessful, and finally resorts to the brute force attack if needed.
User Interaction: The script engages users through interactive prompts. Users choose the hashing algorithm (md5, sha1, sha256, sha384, or sha512) and enter the hash value they want to crack.
Real-time Progress Updates: The script provides real-time progress updates, indicating the percentage of completion and the current password being checked during the cracking process.
Some of the notable features of this hash cracking script:
Algorithm Flexibility: Users can choose from five different hashing algorithms (md5, sha1, sha256, sha384, sha512), making it suitable for a variety of scenarios.
Combination of Attack Methods: The script offers a smart approach by employing wordlist attacks, both from online and local sources, and a brute force attack, ensuring a comprehensive search for the password.
User-Friendly Interface: The script interacts with users through clear prompts and real-time progress updates, enhancing the overall user experience.
Robust Error Handling: It provides robust error handling mechanisms, ensuring that the script continues functioning even in the event of errors, such as failed online wordlist downloads.
Online Wordlist Support: Users can take advantage of online leaked password wordlists by providing a URL. This can significantly increase the chances of cracking a password.
Conclusion: The Python hash cracking script S.S.A_HASH_CRACKER is a versatile tool that can help cybersecurity enthusiasts and professionals in testing their security systems or recovering forgotten passwords. By providing multiple cracking methods, user interaction, and error handling, it offers a comprehensive solution for hash cracking. However, it is crucial to use such tools responsibly and legally. It's an excellent addition to the toolbox of anyone interested in understanding and experimenting with password security.