kali ane akan ngeshare cara membuat hash cracking sendiri menggunakan pencocokan string di database dengan hash yg dimasukkan :D , tpi dgn cara ane sendiri,, langsung aja gan,,
hash yg ane pilih md5 dan sha1 gan
1. Buat database dgn nama hash, nama DB boleh diganti gan..
hash yg ane pilih md5 dan sha1 gan
1. Buat database dgn nama hash, nama DB boleh diganti gan..
CREATE DATABASE `hash` DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci;
2. Trus buat tabel md5
CREATE TABLE `md5` (
`string` text NOT NULL,
`hash` binary(32) NOT NULL,
PRIMARY KEY (`hash`)
);
CREATE TABLE `sha1` (3. Trus kita buat Trigger yg berfungsi sbg pemicu atau memasukkan data yg sama dari tabel utama ke tabel lain,,soalnya klo masukin datanya satu2 ya kesel donk :ngakak , disini juga akan dibuat trigger untuk memasukkan data `hash` secara otomatis dari `string` yg dimasukkan,,
`string` text NOT NULL,
`hash` binary(40) NOT NULL,
PRIMARY KEY (`hash`)
);
Trigger yg akan dibuat ada 3 jenis yaitu untuk INSERT, UPDATE, dan DELETE
Yang pertama, untuk INSERT yaitu :
DELIMITER //Untuk UPDATE :
CREATE TRIGGER `tr_insert` BEFORE INSERT ON `md5` FOR EACH ROW
BEGIN
SET NEW.`hash` = MD5(NEW.`string`);
INSERT INTO `sha1` VALUES(NEW.`string`, SHA1(NEW.`string`));
END;
DELIMITER //Terakhir, Untuk DELETE
CREATE TRIGGER `tr_update` BEFORE UPDATE ON `md5` FOR EACH ROW
BEGIN
SET NEW.`hash` = MD5(NEW.`string`);
UPDATE `sha1` SET `string` = NEW.`string`, `hash` = SHA1(NEW.`string`) WHERE `string` = OLD.`string`;
END;
DELIMITER //Syntax SQL di atas udah berfungsi menjadikan tabel `md5` sbg tabel utama dalam proses insert, update, dan delete. Jadi jika agan nglakuin ke-3 hal tersebut pada tabel `md5` saja, otomatis tabel `sha1` juga ikut menyimpan data yg sama dari tabel `md5`. Field hash yg berada di tabel `sha1` dan `md5` juga agan terisi data enkripsi dalam bentuk md5 dan sha1 dari setiap data string yg dimasukkan pada tabel `md5`(tabel utama) #jika agan2 nulis syntax sqlnya dari command prompt,, END; diganti END // soalnya itu sbg penutup DELIMITER(pembatas) SS:
CREATE TRIGGER `tr_delete` AFTER DELETE ON `md5` FOR EACH ROW
BEGIN
DELETE FROM `sha1` WHERE `string` = OLD.`string`;
END;
/*Penampakannya gini gan :
Coder : RieqyNS13
Website : devilzc0de.org/forum
E-mail : rieqyns13@hackermail.com
*/
if(!(@$link = @mysql_connect('127.0.0.1', 'root', ''))){
$result = mysql_error()." : ".mysql_errno();
}
mysql_set_charset('utf8', $link);
if(isset($_POST['btnSubmit'])){
if(empty($_POST['db_name']) || empty($_POST['tbl_name']) || empty($_POST['col_name']) || empty($_POST['txList'])){
$result = "Isi data yang masih kosong !";
$db = trim($_POST['db_name']);
$tbl = trim($_POST['tbl_name']);
$col = trim($_POST['col_name']);
$list = trim($_POST['txList']);
}else{
$result = "";
$db = trim(htmlentities($_POST['db_name']));
$tbl = trim(htmlentities($_POST['tbl_name']));
$col = trim(htmlentities($_POST['col_name']));
$list = trim(htmlentities($_POST['txList']));
$exp = explode("\n", trim($list));
if(@mysql_select_db($db, $link)){
for($i=0; $i<count($exp); $i++){
$preg = mysql_real_escape_string(stripslashes(trim(preg_replace("#\n|\r|\r\n#", '', $exp[$i]))));
if(!(@mysql_query("INSERT INTO `$tbl`(`$col`) VALUES('$preg'); \n"))){
$result = mysql_error()." : ".mysql_errno();
}else{$result = "Data berhasil dimasukkan";}
}}elseif(!(@mysql_select_db($db, $link))){
$result = "Gagal menyambung database : \n".mysql_error().":".mysql_errno();
}}}else{
$result = "";
$db = "";
$tbl = "";
$col = "";
$list = "";
}
mysql_close($link);
?>
<html>
<head>
<title>Single Value Inserter</title>
<meta name="coder" content="RieqyNS13">
<meta http-equiv="Content-type" content="text/html;charset=UTF-8">
<style type="text/css">
body{
background-color:#000;
color:#0F0;
font-family:"Courier New";
}
.inpText{
background-color:#000;
color:#0F0;
font-weight:bold;
border-color:#F00;
font-family:"Courier New";
border-width:3px;
border-style:groove;
}
textarea{
background-image:url('/images/DevilzC0de.png');
background-repeat:no-repeat;
background-position:center;
}
.inpBtn{
background-color:#000;
box-shadow:5px 8px 10px;
color:#0F0;
font-weight:bold;
border-color:#F00;
font-family:"Courier New";
border-width:3px;
border-style:groove;
width:113px;
}
</style>
</head>
<body>
<form action="<?php $_SERVER['PHP_SELF']; ?>" method=POST>
<table>
<tr><td><label for="tbl_name">Database name:</td><td></label><input type="text" class="inpText" name="db_name" value=<?php echo $db; ?>></td></tr><tr>
<tr><td><label for="tbl_name">Table name :</td><td></label><input type="text" class="inpText" name="tbl_name" value=<?php echo $tbl; ?>></td></tr><tr>
<tr><td><label for="col_name">Column name:</td><td></label><input type="text" class="inpText" name="col_name" value=<?php echo $col; ?>></td></tr>
</table>
<p><textarea class="inpText" name="txList" rows="20" cols="50"><?php echo $list; ?></textarea></p>
<span style="margin-left:130px;"><input type="submit" name="btnSubmit" class="inpBtn" value="Submit"></span>
<p><textarea class="inpText" name="txResult" rows="10" cols="50" readonly><?php echo $result; ?></textarea></p>
</form>
</body>
</html>
<?phpane rekomendasikan eksekusi scriptnya lewat console/cmd gan 5. Yang terakhir,membuat crack.php nya gan
/*
Coder : RieqyNS13
Website : devilzc0de.org/forum
E-mail : rieqyns13@hackermail.com
*/
set_time_limit(0);
$con = mysql_connect("localhost","root","");
if (!$con)
{
die( mysql_error());
}
mysql_select_db("hash", $con);
$lines=file('wordlist.txt');
$line=array_unique(str_replace(array("\n", "\r", "\r\n"),'',$lines));
foreach($line as $line){
$sql = mysql_query("SELECT string FROM md5 WHERE string='$line';");
if(mysql_num_rows($sql)>=1){
continue;
}else{
ob_start();
mysql_query("INSERT INTO md5(string) VALUES ('$line');");
echo $line."\n";
$hasil = ob_get_contents();
ob_end_clean();
echo $hasil;
}
}
mysql_close($con);
?>
<?phpPenampakannya gan :
/*
Coder : RieqyNS13
Website : devilzc0de.org/forum
E-mail : rieqyns13@hackermail.com
*/
if(!($link = @mysql_connect('127.0.0.1', 'root', ''))){
$result = "Gagal menyambung ke server \n".mysql_error().":".mysql_errno();
}
mysql_set_charset('utf8', $link);
if(!(@mysql_select_db('hash', $link))){
$result = "Gagal menyambung ke database \n".mysql_error().":".mysql_errno();
}
if(isset($_POST['btnSubmit'])){
if(empty($_POST['txHash'])){
$result = "Data string belum diisi";
$hash = trim(htmlentities($_POST['txHash']));
}else{
$result = null;
$hash = trim(htmlentities($_POST['txHash']));
$exp = explode("\n", $hash);
for($i=0; $i<count($exp); $i++){
$preg = mysql_real_escape_string(stripslashes(trim(preg_replace("#\n|\r|\r\n#", '', $exp[$i]))));
$md5 = @mysql_query("SELECT string FROM md5 WHERE hash ='$preg';");
$sha1 = @mysql_query("SELECT string FROM sha1 WHERE hash ='$preg';");
while($row = mysql_fetch_array($md5)){
$cek1 = (mysql_num_rows($sha1)>=0 && mysql_num_rows($md5)>=1) ? $result.= $preg." : ".$row['string']."\n" : null ."\n";
}
while($row = mysql_fetch_array($sha1)){
$cek1 = (mysql_num_rows($sha1)>=1 && mysql_num_rows($md5)>=0) ? $result.= $preg." : ".$row['string']."\n" : null ."\n";
}if(mysql_num_rows($sha1)==0 && mysql_num_rows($md5)==0){
$result.= $preg." : "."!!NOT FOUND!!"."\n" ;}
}
}}else{
@$result = $result;
$hash = null;
}
mysql_close($link);
?>
<html>
<head>
<title>Hash Cracker</title>
<meta name="coder" content="RieqyNS13">
<meta http-equiv="Content-type" content="text/html;charset=UTF-8">
<style type="text/css">
body{
background-color:#000;
color:#0F0;
font-family:"Courier New";
}
h2{
text-decoration:none;
text-align:center;
}
fieldset{
border:solid #0F0 2px;
width:413px;
-webkit-border-radius: 8px;
-moz-border-radius: 8px;
border-radius: 8px;
}
fieldset#field2{
width:650px;
size:cover;
}
legend{
border-style:solid;
border-color:#F00;
border-width:2px;
text-align:center;
}
textarea{
background-color:#000;
border:solid #F00 2px;
color:#0F0;
font-weight:bold;
background-image:url('/images/DevilzC0de.png');
background-repeat:no-repeat;
background-position:center;
}
input{
width:150px;
font-weight:bold;
text-shadow:8px 8px 10px;
color:#F00;
background-color:#000;
box-shadow:5px 5px 10px;
}
</style>
</head>
<body>
<h2>./Hash Cracker</h2>
<center>
<form action="<?php $_SERVER['PHP_SELF']; ?>" method=POST>
<fieldset>
<legend>Hash</legend>
<textarea cols="50" rows="20" name="txHash"><?php echo $hash; ?></textarea>
</fieldset><br>
<input type="submit" value="Crack" name="btnSubmit"><br><br>
<fieldset id="field2">
<legend>Result</legend>
<textarea cols="80" rows="20" name="txResult"><?php echo $result; ?></textarea>
</fieldset>
</form>
</center>
</body>
</html>
<?phpDan dah selesai gan,,tinggal nyoba doank. Maaf klo tutorialnya kurang jelas gan
/*
Coder : RieqyNS13
Website : devilzc0de.org/forum
E-mail : rieqyns13@hackermail.com
*/
$kon = mysql_connect('127.0.0.1' ,'root', '') or die(mysql_error());
mysql_select_db('hash', $kon) or die(mysql_error());
$file = file("list.lst");
$str = array_unique(str_replace(array("\n", "\r", "\r\n"), "" , $file));
foreach($str as $ke){
$key = trim($ke);
$sql1 = mysql_query("SELECT string FROM md5 WHERE hash = '$key';");
$sql2 = mysql_query("SELECT string FROM sha1 WHERE hash = '$key';");
$row = mysql_fetch_array($sql1);
$row2 = mysql_fetch_array($sql2);
if(mysql_num_rows($sql1)>=1 && mysql_num_rows($sql2)>=0){
ob_start();
echo $key.":".$row['string']."\n";
$crack = ob_get_contents();
ob_end_clean();
echo $crack;
}
if(mysql_num_rows($sql1)>=0 && mysql_num_rows($sql2)>=1){
ob_start();
echo $key.":".$row2['string']."\n";
$crack = ob_get_contents();
ob_end_clean();
echo $crack;
}
/*Jika tidak ada*/
if(mysql_num_rows($sql1)==0 && mysql_num_rows($sql2)==0){
echo $key.":"."HASH NOT FOUND"."\n";
ob_start();
$crack = ob_get_contents();
ob_end_clean();
echo $crack;
}
}
mysql_close($kon);
?>
Full coded by RieqyNS13
0 Komentar untuk "[php+sql]Membuat hash cracking sendiri"