exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

SHA-1 MySQL Bruteforcer

SHA-1 MySQL Bruteforcer
Posted Apr 30, 2012
Authored by baltazar

SHA-1 MySQL database brute forcing utility. Written in Python.

tags | cracker, python
SHA-256 | 0068129733662bae54b4b7a0b553891a45edd277617355e6aec8c7aae793b8ad

SHA-1 MySQL Bruteforcer

Change Mirror Download
#!/usr/bin/python
# This was written for educational purpose and pentest only. Use it at your own risk.
# Author will be not responsible for any damage!
# !!! Special greetz for my friend sinner_01 !!!
# Toolname : sha1db.py
# Coder : baltazar a.k.a b4ltazar < b4ltazar@gmail.com>
# Version : 0.1
# Greetz for rsauron and low1z, great python coders
# greetz for d3hydr8, r45c4l, fx0, Soul, MikiSoft, c0ax, b0ne and all members of ex darkc0de.com, ljuska.org
# Based on low1z (ex. darkc0de member) python script, md5db11.py
# Thanks bro for inspiring me :)

import sys, subprocess, hashlib

try:
import MySQLdb
except:
print "\n[-] MySQLdb not installed on system!"
choo = raw_input("\nWould you like to install it (if want press yes or y)?")
if choo == "yes" or choo == "y":
subprocess.call("sudo apt-get install python-mysqldb", shell=True) # Works with me, tested on Kubuntu 12.04
print "\n[!] MySQLdb installed!"
print "[!] Now exiting, please try script again!"
sys.exit(1)
else:
print "\n[+] If you using Ubuntu based system, try: sudo apt-get install python-mysqldb"
print "[!] Thanks for using script, please visit b4ltazar.wordpress.com & ljuska.org"
print "[!] Now exiting ..."
sys.exit(1)



def logo():
print "\n|---------------------------------------------------------------|"
print "| b4ltazar[@]gmail[dot]com |"
print "| 04/2012 sha1db.py v.0.1 (based on low1z script) |"
print "| b4ltazar.wordpress.com & ljuska.org |"
print "| |"
print "|---------------------------------------------------------------|\n"


if sys.platform == 'linux' or sys.platform == 'linux2':
subprocess.call("clear", shell=True)
logo()
else:
subprocess.call("cls", shell=True)
logo()

dbname = 'sha1db'
#####################################################################
DB = MySQLdb.connect(host='127.0.0.1', user='root', passwd='root') # You should change this line with your login details
#####################################################################

def DBconnect():
consrv = DB.cursor()
return consrv

def setupDB():
consrv = DBconnect()
try:
consrv.execute("CREATE DATABASE "+dbname)
print "[+] Database:", dbname
print "[+] Status : created"
except MySQLdb.Error, e:
print "[-] Error %s" % (e.args[1])
sys.exit(1)
try:
consrv.execute("CREATE TABLE "+dbname+".data (id INT( 255 ) NOT NULL AUTO_INCREMENT ,plain TEXT NOT NULL ,sha1 VARCHAR( 255 ) NOT NULL ,PRIMARY KEY ( id ) , UNIQUE ( sha1 )) ENGINE = MYISAM;")
print "[+] Tables in db:", dbname, "created, Database ready to use!"
except MySQLdb.Error, e:
print "[-] Error %s" % (e.args[1])
sys.exit(1)

def importword():
counter = 0
try:
words = open(wordlist, "r")
except(IOError):
print "[-] Error: check", wordlist
sys.exit(1)
duplicates = 0
print "[+] Inserting wordlist, skipping duplicates ... may take some time"
for word in words.read().split('\n'):
hash = hashlib.sha1(word).hexdigest()
counter = counter + 1
try:
consrv = DBconnect()
consrv.execute("INSERT INTO "+dbname+".data (plain, sha1)VALUES ('"+str(word)+"', '"+str(hash)+"');")
except MySQLdb.Error, e:
duplicates = duplicates + 1
print "\n[+] Duplicates:", duplicates

def single(shash):
consrv = DBconnect()
consrv.execute("SELECT plain FROM "+dbname+".data WHERE sha1 = '"+shash+"'")
dset = consrv.fetchone()
if dset == None:
print "[!]",shash, ":", "not in DB"
else:
print "[!]",shash, ":", dset[0]
consrv.close()

def dropDB():
consrv = DBconnect()
try:
consrv.execute("DROP DATABASE "+dbname)
print "[+] Database:", dbname
print "[+] Status : deleted"
except MySQLdb.Error, e:
print "[-] Error %s" % (e.args[1])
sys.exit(1)

def statusDB():
try:
consrv = DBconnect()
consrv.execute("SELECT COUNT(id) AS num FROM "+dbname+".data")
DBcount = consrv.fetchone()
return DBcount[0]
consrv.close()
except MySQLdb.Error, e:
print "[-] Error %s" % (e.args[1])
sys.exit(1)

if len(sys.argv) <= 1:
print "Usage: "
print "-s initial DB installation"
print "-w insert wordlist into DB"
print "-d delete DB"
print "-sh search DB for given hash"
print "-c count DB entries\n"
print "[!] Thanks for using script, please visit b4ltazar.wordpress.com & ljuska.org"
sys.exit(1)




for arg in sys.argv[1:]:
if arg.lower() == "-s":
setupDB()

if arg.lower() == "-sh":
try:
shash = sys.argv[2]
if len(shash) != 40:
print "[-] Invalid sha1 supplied, check your input!"
sys.exit(1)
single(shash)
except(IndexError):
print "[-] Error: check hash!"

if arg.lower() == "-w":
try:
wordlist = sys.argv[2]
importword()
except(IndexError):
print "[-] Error, check your wordlist path!"

if arg.lower() == "-d":
dropDB()

if arg.lower() == "-c":
print "[+] Checking for number of entries in DB!"
print "[!]", statusDB(), " entries in DB"

Login or Register to add favorites

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close