# Cracking PBKDF2WithHmacSHA1/160/128000 


# cat crack.py
import base64
import hashlib
import sys

dict = sys.argv[1]
b64e = sys.argv[2]
b64d = base64.b64decode(b64e)
secret = b64d[16:]

f = open(dict)
words = f.read().splitlines()
f.close()

hash_name = 'sha1'
salt = b64d[8:16]
iterations = 128000
dklen = 160 / 8

for word in words:
 dk = hashlib.pbkdf2_hmac(hash_name, word, salt, iterations, dklen)
 if dk == secret:
  print b64e, word
  break

# cat dict.txt
test

# python crack.py dict.txt AAAAoAAB9ADMtinzIX3MlHctwKlZd9XHnTgrworaGp3bNFBp
AAAAoAAB9ADMtinzIX3MlHctwKlZd9XHnTgrworaGp3bNFBp test

References

https://en.wikipedia.org/wiki/PBKDF2
https://docs.python.org/3/library/hashlib.html#key-derivation
Posted by t0n1
Labels: , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)