1. Forums /
  2. Tech Boards /
  3. Computer Programming /
  4. Cracking MD5 hashes with PHP
Post: Cracking MD5 hashes with PHP
04-14-2012, 10:44 PM #1
TheNyan's Avatar
TheNyan
Save Point
(adsbygoogle = window.adsbygoogle || []).push({}); This function will crack plain Md5 hashes when given a good wordlist file.

    

<?php

function rmd5($hash,$wordlist)

{

    $words = file($wordlist);

    $solve = "Could not crack";

    foreach($words as $word)

    {

        if(md5(trim($word)) == $hash)

        {

            $solve = $word;

            break;

        }

    }

    return $solve;

}

?>


Usage example:
    

echo rmd5("5f17dd871dacc61834234a9cd5aa375d","words.txt");


When used it will return the password if it was matched with a word in your wordlist (in this case words.txt)! If it goes through the whole list and doesn't find it, it will return "Could not crack."

But we all know that everyone wants to crack vbulletin hashes! :carling: The following function will do that. Happy

    

<?php

function rvbmd5($hash, $salt, $wordlist)

{

    $solve = "Could not crack.";

    foreach(file($wordlist) as $word)

    {

        if(md5(md5(trim($word)).$salt) == $hash)

        {

            $solve = $word;

            break;

        }

    }

    return $solve;

}

?>


Usage example:
    

echo rvbmd5("5f17dd871dacc61834234a9cd5aa375d", "309rk23094k", "words.txt");


Have fun making web hash crackers! :blank:
(adsbygoogle = window.adsbygoogle || []).push({});

The following user thanked TheNyan for this useful post:

Mr.MoldyOrange
04-18-2012, 12:06 AM #2
Pichu's Avatar
Pichu
RIP PICHU.
Now what must suck is if they double hash it, MD5->MD5->Text. :/
04-20-2012, 06:38 AM #3
Darth Maul's Avatar
Darth Maul
Banned
Originally posted by Sublimity View Post
Now what must suck is if they double hash it, MD5->MD5->Text. :/


if they md5 to md5 the text it should be crackable by just using the method twice.
now if they were to use any other encryption method e.g. base64->md5 it would be more difficult.
04-20-2012, 07:49 PM #4
TheNyan's Avatar
TheNyan
Save Point
Originally posted by Sublimity View Post
Now what must suck is if they double hash it, MD5->MD5->Text. :/ 


    

<?php

function rmd5md5($hash,$wordlist)

{

    $words = file($wordlist);

    $solve = "Could not crack";

    foreach($words as $word)

    {

        if(md5(md5(trim($word))) == $hash)

        {

            $solve = $word;

            break;

        }

    }

    return $solve;

}

?>


Originally posted by Darth
if they md5 to md5 the text it should be crackable by just using the method twice.
now if they were to use any other encryption method e.g. base64->md5 it would be more difficult. 


    

<?php

function rb64md5($hash,$wordlist)

{

    $words = file($wordlist);

    $solve = "Could not crack";

    foreach($words as $word)

    {

        if(base64_encode(md5(trim($word))) == $hash)

        {

            $solve = $word;

            break;

        }

    }

    return $solve;

}

?>


It's all the same really, you just need to change the algorithm. :p
04-21-2012, 01:44 AM #5
Pichu's Avatar
Pichu
RIP PICHU.
Originally posted by TheNyan View Post 
    

<?php

function rmd5md5($hash,$wordlist)

{

    $words = file($wordlist);

    $solve = "Could not crack";

    foreach($words as $word)

    {

        if(md5(md5(trim($word))) == $hash)

        {

            $solve = $word;

            break;

        }

    }

    return $solve;

}

?>







    

<?php

function rb64md5($hash,$wordlist)

{

    $words = file($wordlist);

    $solve = "Could not crack";

    foreach($words as $word)

    {

        if(base64_encode(md5(trim($word))) == $hash)

        {

            $solve = $word;

            break;

        }

    }

    return $solve;

}

?>


It's all the same really, you just need to change the algorithm. :p


I know. :P I was just making a point. :P
05-31-2012, 07:33 AM #6
Plumm's Avatar
Plumm
#TeamPS
Originally posted by TheNyan View Post
This function will crack plain Md5 hashes when given a good wordlist file.

    

<?php

function rmd5($hash,$wordlist)

{

    $words = file($wordlist);

    $solve = "Could not crack";

    foreach($words as $word)

    {

        if(md5(trim($word)) == $hash)

        {

            $solve = $word;

            break;

        }

    }

    return $solve;

}

?>


Usage example:
    

echo rmd5("5f17dd871dacc61834234a9cd5aa375d","words.txt");


When used it will return the password if it was matched with a word in your wordlist (in this case words.txt)! If it goes through the whole list and doesn't find it, it will return "Could not crack."

But we all know that everyone wants to crack vbulletin hashes! :carling: The following function will do that. Happy

    

<?php

function rvbmd5($hash, $salt, $wordlist)

{

    $solve = "Could not crack.";

    foreach(file($wordlist) as $word)

    {

        if(md5(md5(trim($word)).$salt) == $hash)

        {

            $solve = $word;

            break;

        }

    }

    return $solve;

}

?>


Usage example:
    

echo rvbmd5("5f17dd871dacc61834234a9cd5aa375d", "309rk23094k", "words.txt");


Have fun making web hash crackers! :blank:

PHP crackers take forever to run with larger wordlists. I would just prefer to run hashes in hashcat. Especially an MD5 hash.

The following user thanked Plumm for this useful post:

Mr.MoldyOrange
07-19-2012, 12:35 AM #7
LEzStarz's Avatar
LEzStarz
This is quite nice as plummy said PHP crackers take ages, depends on the server really but also if you were going for a more complicated hash, algorithm or encryption PHP doesn't support rainbow tables so it could be hard. :p nice anyway.

Copyright © 2026, NextGenUpdate.
All Rights Reserved.

Gray NextGenUpdate Logo