- input: one SHA1 hash, output: found password
- brute-force tries all combinations of small letters, capital letters and digits
- e.g.
sha1crack.exe 59b7bc438df4f2c39736f84add54036f2083ef60
- password generator tries to add salt to generated passwords (to the beginning and to the end)
- when salt
salt
is defined and passwordPASSWORD
generated, program checks ifsaltPASSWORD
orPASSWORDsalt
matches the hash
- when salt
- define with
--salt
or–S
- e.g.
sha1crack.exe --salt thisIsSalt 59b7bc438df4f2c39736f84add54036f2083ef60
- e.g.
- program tries to crack passwords from the file
- input file format: 1 line = 1 hash
- define with
--input
or-I
- e.g.
sha1crack.exe --input inputFile.txt 59b7bc438df4f2c39736f84add54036f2083ef60
- e.g.
- program tries only passwords matching the pattern
\A
- capital letters\a
- small letters\d
- digits?
- anything from above- symbol without preceding
\
defines that symbol at the position
- repetition of a symbol in a pattern can be defined using range definition
{x,y}
or wildcard*
- range e.g.
\a{1,3}B
represents patterns\aB
,\a\aB
and\a\a\aB
- wildcard
*
represents any number of occurrences of preceding symbol, it is interpreted as range{0,MAX_PASSWORD_LENGTH}
- range e.g.
- define with
--pattern
or-P
- e.g.
sha1crack.exe -P \a\a\A{0,3}?* inputFile.txt 59b7bc438df4f2c39736f84add54036f2083ef60
- e.g.
- program tries passwords defined in dictionary before brute-force
- dictionary file format: 1 line = 1 password
- define with
--dictionary
or-D
- e.g.
sha1crack.exe --D dictionary.txt 59b7bc438df4f2c39736f84add54036f2083ef60
- e.g.
- program uses more threads to crack passwords
- use with
-MT
- e.g.
sha1crack.exe --I input.txt -MT 59b7bc438df4f2c39736f84add54036f2083ef60
- e.g.
- current implementation: 1 hash = 1 thread (so using
-MT
with 1 hash input makes no difference in performance 😐)