(01-30-2023, 09:49 PM)hash Wrote: Well, today I bring a #post about how to decrypt a #hash in a not so common way that is always known to use the same Brute Force methodology. But in this case it does it byte by byte…..Well, let's analyze the tool that develop which is based on python3.
Well, as we can see, we can decrypt several types of symmetric algorithms such as #md5#sha1#sha256#sha384 and #sha512….well now I am going to decrypt the following hash to see how it works and then I will briefly explain how it was done.
Hash:2346ad27d7568ba9896f1b7da6b5991251debdf2
As we can see, it is a symmetric hash of type #sha1… let's proceed to see how the tool works.
Well, it asks us for the type of hash and we insert it why this is done so that the user who uses it becomes familiar with the tool and understands the Algorithm that is decrypting in more depth... Then it tells us to press Enter and see what happens.
f we look closely, the Algorithm verifies us and shows us an approximate number of hours and Words processed per second...we wait a moment and eureka!
The hash the plain text hash….Now we are going to analyze its source a bit…I will be brief so that the #post is not so long….
As we can see, it is based on python exactly python3, and we have the sector for importing libraries such as sys, math etc... that refer to the system, hash libraries, line reading, character string comparison for hash identification... in End. And we see the rest of the time-type libraries to determine an estimated time delay counter and number of words or data processed per second ……and we see the specification of the #hashlib library of the symmetric algorithms to be used for decryption.
And a few lines of the declarator or conditional #if to do cleaning in windows and linux…..well, let's go where it says BASIC CONFIGURATION….the variable logintud (Here the number of bytes or characters to show after decryption)…ALPHABET(The bytes or characters to use to decrypt the hash after it has been identified). I clarify that if we use this logic approximately 3,611,342,280 possible combinations will be used to decrypt the #hash, because the value 6 in #logintud because most of the passwords in plain text are 6 equal characters is only an approximation I clarify.
Well now we will analyze a few more lines and the rest is specified with wildcards #
Well here we allocate what we want to activate and I think it is very clear what is activated and what is not ....and we have the symmetric hash type identification sector with the variable (eval(type)) so as not to do it directly in the code if not from the run script and HASH_BUSCADO = (HASH_BUCADO) that is, hash or hash chain to decrypt….we see the variable LLAMAR_EVENTO and this false, this variable is to see all the events that are generated within the generated file passdic.txt which They are the bytes or characters used and used with their combinations for the decryption of the Algorithm... for that reason I left it false. As we see below
In this part of the code I declare the identification of the hash Algorithm according to the number of characters…where it performs a check using the #if and #len conditionals According to the Algorithm Inserted in the variable HASH_BUSCADO.
![[Image: 0.1-1.png?w=396]](https://teamwhoami.files.wordpress.com/2021/03/0.1-1.png?w=396)
It should be remembered that the larger the encryption size of the ALgorithm, use machines with a good Processor, RAM memory and Hard Disk Storage.
DOWNLOAD SCRIPT:
![[Image: QwbOAt.png]](https://imagizer.imageshack.com/img922/783/QwbOAt.png)
![[Image: F6PEMz.png]](https://imagizer.imageshack.com/img922/9964/F6PEMz.png)
![[Image: pEgAFk.png]](https://imagizer.imageshack.com/img923/3558/pEgAFk.png)
![[Image: uxSYwP.png]](https://imagizer.imageshack.com/img923/2595/uxSYwP.png)
![[Image: 3ktSd8.png]](https://imagizer.imageshack.com/img922/3690/3ktSd8.png)
![[Image: m7fPFJ.png]](https://imagizer.imageshack.com/img924/6357/m7fPFJ.png)
![[Image: TBgUGK.png]](https://imagizer.imageshack.com/img922/7366/TBgUGK.png)