It can be used with a dictionary or brute force where it will try from a to zzzzzzzz. bruteforce is a very slow process and take very long time for passwords longer than 5 characters.This script can also be used to generate a "rainbow table" which has a form of "hash : password". This tables take a lot of space and you will have to use "sort -u
For any feedback please leave a comment or email me at kalgecin@gmail.com
Hope you will enjoy this script.
A good first effort. Algorithmically, you could have converted the hash to binary:
ReplyDeletepack 'H*', $hash;
and used the md5() and sha1() methods to compare directly. This makes for shorter compares, and more importantly, the ASCII-to-binary conversion only happens once for the original hash, not once for EVERY computed hash.
Take some time to learn the Perl language better. You don't seem to understand lexical (my) variables, your for loops are C-style when they could just loop directly over an array, and you used a dangerous (2 argument vs 3) form of open without checking if it succeeded.
Use http://perldoc.perl.org, http://perlmonks.org, and read the Perl Underground magazines on http://milw0rm.com/author/893 .
I get you point thanks, but i did a bit of testing and this does not however bring a greater performance than the original code.
ReplyDeleteI don't have masters in perl :), I've released v2 of the tool if you have any changes i'd like you to mail them to me.
Thanks
I appreciate your willingness to learn, but it doesn't take a masters in Perl to learn some basic best practices. I've been coding in Perl for less than 2 years.
ReplyDeleteHere is a benchmark script to illustrate the difference. As you can see, binary compare is about 35% faster than string compare, since the hash doesn't have to be converted to hex, and it compares half as many bytes (worst case).
#!/usr/bin/perl
use strict;
use warnings;
use Benchmark qw(cmpthese);
use Digest::MD5 qw(md5 md5_hex);
my @md5s = map { md5_hex($_) }
qw(password aardvark zero asdfqwer zxcvasdf poiuljh);
open my $fh, '<', '/usr/share/dict/words' or die "Can't open words: $!";
chomp(my @input = (<$fh>));
close $fh;
cmpthese(50,
{
packing => sub {
my @hashs = map { pack 'H*', $_ } @md5s;
grep { my $x=md5($_); grep {$x eq $_} @hashs } @input;
},
strcmping => sub {
grep { my $x=md5_hex($_);grep {$x eq $_} @md5s } @input;
},
});
__END__
s/iter strcmping packing
strcmping 1.05 -- -26%
packing 0.782 35% --