Jump to content
Sign in to follow this  
Lord Nikon

MD5 Bruteforcer

Recommended Posts

On my Celeron it produces 13,000 hashes persecond and thats pretty fast. But if it were in C++ it would be much faster :lol:

Unit1

unit Unit1;

interface

uses
 Unit3, Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,
 Dialogs, StdCtrls, ComCtrls, Unit2, ExtCtrls, StrUtils;

type

TForm1 = class(TForm)
Label1: TLabel;
Label2: TLabel;
txtLen: TEdit;
Label3: TLabel;
btn_Start: TButton;
btn_Stop: TButton;
txtHash: TEdit;
GroupBox1: TGroupBox;
lblTotal: TLabel;
lblCurHash: TLabel;
lblCurPass: TLabel;
lblSpeed: TLabel;
txtFound: TMemo;
fra_Set: TGroupBox;
chkUpper: TCheckBox;
chkLower: TCheckBox;
chkNums: TCheckBox;
chkSymbols: TCheckBox;
chkCustom: TCheckBox;
txtCustom: TEdit;
tmrTime: TTimer;
btn_Pause: TButton;
btn_About: TButton;
txtSymbols: TEdit;
procedure chkCustomClick(Sender: TObject);
procedure btn_AboutClick(Sender: TObject);
procedure btn_PauseClick(Sender: TObject);
procedure tmrTimeTimer(Sender: TObject);
procedure btn_StopClick(Sender: TObject);
procedure FormCreate(Sender: TObject);
procedure btn_StartClick(Sender: TObject);

 private
{ Private declarations }
 public

end;

var
 Form1: TForm1;
 Hashes: Int64;
 intTemp : Int64;
 Running : Boolean;
 md5 : MD5Client;
 time : Int64;
 dTotal : Double;
implementation

{$R *.dfm}
{$R WindowsXP.RES}

//add comma function from mod-pete
function Comma(dSource : Double) : String;
var
 strTemp, strFinal, str : String;
begin

 strTemp := FloatToStr(dSource);
 str := strTemp;
 repeat
strFinal := ',' + AnsiRightStr(strTemp, 3) + strFinal;
strTemp := AnsiMidStr(strTemp, 1, Length(strTemp) - 2);
 until Length(strTemp) < 4;

 Result := AnsiLeftStr(str,1) + strFinal;
end;

procedure TForm1.btn_StartClick(Sender: TObject);
var
 md5ChrSet : String;
 curHash : String;
 curPass : String;
 speed : Int64;
 iTotal : Int64;
begin
 if Length(txtHash.Text) <> 32 then
 begin
ShowMessage('The hash length must be 32');
Exit;
 end;

 try
if chkLower.Checked = true then md5ChrSet := md5ChrSet + 'abcdefghijklmnopqrstuvwxyz';
if chkUpper.Checked = true then md5ChrSet := md5ChrSet + 'ABCDEFGHIJKLMNOPQRSTUVWXYZ';
if chkNums.Checked = true then md5ChrSet := md5ChrSet + '0123456789';
if chkSymbols.Checked = true then md5ChrSet := md5ChrSet + txtSymbols.Text;
if chkCustom.Checked = true then md5ChrSet := txtCustom.Text;
if md5ChrSet ='' then
begin
  ShowMessage('The character set can''t be null');
  Exit;
end;
md5.IsDone := false;
md5.CharacterSet := md5ChrSet;
md5.Lenght := StrToInt(txtLen.Text);
md5.CurrentLength := dTotal;
btn_Start.Enabled := false;
btn_Stop.Enabled := true;
txtHash.Enabled := false;
txtLen.Enabled := false;
fra_Set.Enabled := false;
tmrTime.Enabled := true;
txtFound.Clear;

repeat
  md5.Next;
  curPass := md5.CurrentString;
  curHash := GetMD5Text(curPass);
  if curHash = txtHash.Text then
	begin
	  txtFound.Lines.Add(curPass);
	end;
  if trunc(dTotal) mod 5000 = 0 then
	begin
	  lblCurHash.Caption := 'Current Hash: ' + curHash;
	  lblCurPass.Caption := 'Current Password: ' + curPass;
	  lblTotal.Caption := 'Total Hashes: ' + Comma(dTotal);
	  speed := iTotal div time;
	  lblSpeed.Caption := 'Speed: ' + IntToStr(speed) + ' Hashes per second';
	end;
  dTotal := dTotal + 1;
  iTotal := iTotal + 1;
  Application.ProcessMessages;
until md5.IsDone = true;
 except
on e : Exception do
  begin
	ShowMessage(e.Message);
	Exit;
  end;
 end;
end;

procedure TForm1.FormCreate(Sender: TObject);
begin
 md5 := MD5Client.Create('abc',3);
 Running := false;
 btn_Stop.Enabled := false;
 time := 1;
end;

procedure TForm1.btn_StopClick(Sender: TObject);
begin
 md5.IsDone := true;
 btn_Stop.Enabled := false;
 btn_Start.Enabled := true;
 txtHash.Enabled := true;
 md5.CurrentLength := 0;
 dTotal := 0;
 txtLen.Enabled := true;
 fra_Set.Enabled := true;
 tmrTime.Enabled := false;
 time := 1;
end;

procedure TForm1.tmrTimeTimer(Sender: TObject);
begin
 time := time + 1;
end;

procedure TForm1.btn_PauseClick(Sender: TObject);
begin
 md5.IsDone := true;
 btn_Start.Enabled := true;
 txtHash.Enabled := true;
 tmrTime.Enabled := false;
end;

procedure TForm1.btn_AboutClick(Sender: TObject);
begin
 ShowMessage('MD5 Cracker made by: Vinces, credits for MD5 algorithm go to Ivan Miraza of PSCode.com');
end;

procedure TForm1.chkCustomClick(Sender: TObject);
begin
 if chkCustom.Checked = true then
begin
chkUpper.Enabled := false;
chkLower.Enabled := false;
chkSymbols.Enabled := false;
chkNums.Enabled := false;
end
 else
begin
chkUpper.Enabled := true;
chkLower.Enabled := true;
chkSymbols.Enabled := true;
chkNums.Enabled := true;
end;
end;

end.

 

Unit2

//written by Ivan Miraza-Pscode.com
unit Unit2;

Interface

uses
Windows;

type
MD5Count = array[0..1] of DWORD;
MD5State = array[0..3] of DWORD;
MD5Block = array[0..15] of DWORD;
MD5CBits = array[0..7] of byte;
MD5Digest = array[0..15] of byte;
MD5Buffer = array[0..63] of byte;
MD5Context = record
	State: MD5State;
	Count: MD5Count;
	Buffer: MD5Buffer;
end;

procedure MD5Init(var Context: MD5Context);
procedure MD5Update(var Context: MD5Context; Input: pChar; Length: longword);
procedure MD5Result(var Context: MD5Context; var Digest: MD5Digest);
function GetMD5Text(Input: string): string;


implementation

var
PADDING: MD5Buffer = (
	$80, $00, $00, $00, $00, $00, $00, $00,
	$00, $00, $00, $00, $00, $00, $00, $00,
	$00, $00, $00, $00, $00, $00, $00, $00,
	$00, $00, $00, $00, $00, $00, $00, $00,
	$00, $00, $00, $00, $00, $00, $00, $00,
	$00, $00, $00, $00, $00, $00, $00, $00,
	$00, $00, $00, $00, $00, $00, $00, $00,
	$00, $00, $00, $00, $00, $00, $00, $00
);

function F(x, y, z: DWORD): DWORD;
begin
Result := (x and y) or ((not x) and z);
end;

function G(x, y, z: DWORD): DWORD;
begin
Result := (x and z) or (y and (not z));
end;

function H(x, y, z: DWORD): DWORD;
begin
Result := x xor y xor z;
end;

function I(x, y, z: DWORD): DWORD;
begin
Result := y xor (x or (not z));
end;

procedure rot(var x: DWORD; n: BYTE);
begin
x := (x shl n) or (x shr (32 - n));
end;

procedure FF(var a: DWORD; b, c, d, x: DWORD; s: BYTE; ac: DWORD);
begin
inc(a, F(b, c, d) + x + ac);
rot(a, s);
inc(a, b);
end;

procedure GG(var a: DWORD; b, c, d, x: DWORD; s: BYTE; ac: DWORD);
begin
inc(a, G(b, c, d) + x + ac);
rot(a, s);
inc(a, b);
end;

procedure HH(var a: DWORD; b, c, d, x: DWORD; s: BYTE; ac: DWORD);
begin
inc(a, H(b, c, d) + x + ac);
rot(a, s);
inc(a, b);
end;

procedure II(var a: DWORD; b, c, d, x: DWORD; s: BYTE; ac: DWORD);
begin
inc(a, I(b, c, d) + x + ac);
rot(a, s);
inc(a, b);
end;

procedure Encode(Source, Target: pointer; Count: longword);
var
S: PByte;
T: PDWORD;
I: longword;
begin
S := Source;
T := Target;
for I := 1 to Count div 4 do begin
	T^ := S^;
	inc(S);
	T^ := T^ or (S^ shl 8);
	inc(S);
	T^ := T^ or (S^ shl 16);
	inc(S);
	T^ := T^ or (S^ shl 24);
	inc(S);
	inc(T);
end;
end;

procedure Decode(Source, Target: pointer; Count: longword);
var
S: PDWORD;
T: PByte;
I: longword;
begin
S := Source;
T := Target;
for I := 1 to Count do begin
	T^ := S^ and $ff;
	inc(T);
	T^ := (S^ shr 8) and $ff;
	inc(T);
	T^ := (S^ shr 16) and $ff;
	inc(T);
	T^ := (S^ shr 24) and $ff;
	inc(T);
	inc(S);
end;
end;

procedure Transform(Buffer: pointer; var State: MD5State);
var
a, b, c, d: DWORD;
Block: MD5Block;
begin
Encode(Buffer, @Block, 64);
a := State[0];
b := State[1];
c := State[2];
d := State[3];
FF (a, b, c, d, Block[ 0],  7, $d76aa478);
FF (d, a, b, c, Block[ 1], 12, $e8c7b756);
FF (c, d, a, b, Block[ 2], 17, $242070db);
FF (b, c, d, a, Block[ 3], 22, $c1bdceee);
FF (a, b, c, d, Block[ 4],  7, $f57c0faf);
FF (d, a, b, c, Block[ 5], 12, $4787c62a);
FF (c, d, a, b, Block[ 6], 17, $a8304613);
FF (b, c, d, a, Block[ 7], 22, $fd469501);
FF (a, b, c, d, Block[ 8],  7, $698098d8);
FF (d, a, b, c, Block[ 9], 12, $8b44f7af);
FF (c, d, a, b, Block[10], 17, $ffff5bb1);
FF (b, c, d, a, Block[11], 22, $895cd7be);
FF (a, b, c, d, Block[12],  7, $6b901122);
FF (d, a, b, c, Block[13], 12, $fd987193);
FF (c, d, a, b, Block[14], 17, $a679438e);
FF (b, c, d, a, Block[15], 22, $49b40821);
GG (a, b, c, d, Block[ 1],  5, $f61e2562);
GG (d, a, b, c, Block[ 6],  9, $c040b340);
GG (c, d, a, b, Block[11], 14, $265e5a51);
GG (b, c, d, a, Block[ 0], 20, $e9b6c7aa);
GG (a, b, c, d, Block[ 5],  5, $d62f105d);
GG (d, a, b, c, Block[10],  9,  $2441453);
GG (c, d, a, b, Block[15], 14, $d8a1e681);
GG (b, c, d, a, Block[ 4], 20, $e7d3fbc8);
GG (a, b, c, d, Block[ 9],  5, $21e1cde6);
GG (d, a, b, c, Block[14],  9, $c33707d6);
GG (c, d, a, b, Block[ 3], 14, $f4d50d87);
GG (b, c, d, a, Block[ 8], 20, $455a14ed);
GG (a, b, c, d, Block[13],  5, $a9e3e905);
GG (d, a, b, c, Block[ 2],  9, $fcefa3f8);
GG (c, d, a, b, Block[ 7], 14, $676f02d9);
GG (b, c, d, a, Block[12], 20, $8d2a4c8a);
HH (a, b, c, d, Block[ 5],  4, $fffa3942);
HH (d, a, b, c, Block[ 8], 11, $8771f681);
HH (c, d, a, b, Block[11], 16, $6d9d6122);
HH (b, c, d, a, Block[14], 23, $fde5380c);
HH (a, b, c, d, Block[ 1],  4, $a4beea44);
HH (d, a, b, c, Block[ 4], 11, $4bdecfa9);
HH (c, d, a, b, Block[ 7], 16, $f6bb4b60);
HH (b, c, d, a, Block[10], 23, $bebfbc70);
HH (a, b, c, d, Block[13],  4, $289b7ec6);
HH (d, a, b, c, Block[ 0], 11, $eaa127fa);
HH (c, d, a, b, Block[ 3], 16, $d4ef3085);
HH (b, c, d, a, Block[ 6], 23,  $4881d05);
HH (a, b, c, d, Block[ 9],  4, $d9d4d039);
HH (d, a, b, c, Block[12], 11, $e6db99e5);
HH (c, d, a, b, Block[15], 16, $1fa27cf8);
HH (b, c, d, a, Block[ 2], 23, $c4ac5665);
II (a, b, c, d, Block[ 0],  6, $f4292244);
II (d, a, b, c, Block[ 7], 10, $432aff97);
II (c, d, a, b, Block[14], 15, $ab9423a7);
II (b, c, d, a, Block[ 5], 21, $fc93a039);
II (a, b, c, d, Block[12],  6, $655b59c3);
II (d, a, b, c, Block[ 3], 10, $8f0ccc92);
II (c, d, a, b, Block[10], 15, $ffeff47d);
II (b, c, d, a, Block[ 1], 21, $85845dd1);
II (a, b, c, d, Block[ 8],  6, $6fa87e4f);
II (d, a, b, c, Block[15], 10, $fe2ce6e0);
II (c, d, a, b, Block[ 6], 15, $a3014314);
II (b, c, d, a, Block[13], 21, $4e0811a1);
II (a, b, c, d, Block[ 4],  6, $f7537e82);
II (d, a, b, c, Block[11], 10, $bd3af235);
II (c, d, a, b, Block[ 2], 15, $2ad7d2bb);
II (b, c, d, a, Block[ 9], 21, $eb86d391);
inc(State[0], a);
inc(State[1], b);
inc(State[2], c);
inc(State[3], d);
end;

procedure MD5Init(var Context: MD5Context);
begin
with Context do begin
	State[0] := $67452301;
	State[1] := $efcdab89;
	State[2] := $98badcfe;
	State[3] := $10325476;
	Count[0] := 0;
	Count[1] := 0;
	ZeroMemory(@Buffer, SizeOf(MD5Buffer));
end;
end;

procedure MD5Update(var Context: MD5Context; Input: pChar; Length: longword);
var
Index: longword;
PartLen: longword;
I: longword;
begin
with Context do begin
	Index := (Count[0] shr 3) and $3f;
	inc(Count[0], Length shl 3);
	if Count[0] < (Length shl 3) then inc(Count[1]);
	inc(Count[1], Length shr 29);
end;
PartLen := 64 - Index;
if Length >= PartLen then begin
	CopyMemory(@Context.Buffer[Index], Input, PartLen);
	Transform(@Context.Buffer, Context.State);
	I := PartLen;
	while I + 63 < Length do begin
		Transform(@Input[I], Context.State);
		inc(I, 64);
	end;
	Index := 0;
end else I := 0;
CopyMemory(@Context.Buffer[Index], @Input[I], Length - I);
end;

procedure MD5Result(var Context: MD5Context; var Digest: MD5Digest);
var
Bits: MD5CBits;
Index: longword;
PadLen: longword;
begin
Decode(@Context.Count, @Bits, 2);
Index := (Context.Count[0] shr 3) and $3f;
if Index < 56 then PadLen := 56 - Index else PadLen := 120 - Index;
MD5Update(Context, @PADDING, PadLen);
MD5Update(Context, @Bits, 8);
Decode(@Context.State, @Digest, 4);
ZeroMemory(@Context, SizeOf(MD5Context));
end;

function GetMD5Text(Input: string): string;
var
Context: MD5Context;
 I: Byte;
 DigestResult: MD5Digest;
const
Digits: array[0..15] of char =
	('0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'a', 'b', 'c', 'd', 'e', 'f');
begin
Result := '';
MD5Init(Context);
MD5Update(Context, pChar(Input), Length(Input));
MD5Result(Context, DigestResult);
for I := 0 to 15 do
  Result := Result + Digits[(DigestResult[I] shr 4) and $0f] + Digits[DigestResult[I] and $0f];
end;

end.

 

Unit3

unit Unit3;

interface

uses
 Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,
 Dialogs, StdCtrls, ComCtrls, StrUtils;

type MD5Client = class(TObject)
private
  nextLen : Double;
  curHash : String;
  curPass : String;
  dTotal : Double;
  charSet : String;
  iLen : Integer;
  Done : Boolean;
  function fmod(x:Double; y:Integer) : double;
  function ToString(dec : Double; iBase : Integer):String;
public
  Constructor Create(chrSet:String; Length:Integer);
  procedure Next();
published
  property CharacterSet : String
	read charSet
	write charSet;
  property Lenght : Integer
	read iLen
	write iLen;
  property CurrentHash : String
	read curHash;
  property TotalHashes : Double
	read dTotal;
  property IsDone : Boolean
	read Done
	write Done;
  property CurrentLength : Double
	read nextLen
	write nextLen;
  property CurrentString : String
	read curPass;
end;

implementation

Constructor MD5Client.Create(chrSet:String; Length:Integer);
begin
 iLen := Length;
 charSet := chrSet;
 nextLen := 0;
 curPass := '';
 curHash := '';
 Done := false;
end;  

procedure MD5Client.Next();
var
 iBase : Integer;
 dMax : Double;
 sField : String;
begin
 iBase := Length(charSet);
 dMax := Int(Exp(iLen * ln(iBase)));

 if nextLen = dMax then
 begin
Done := True;
 end;
 sField := DupeString(AnsiLeftStr(charSet,1),iLen);

 curPass := AnsiRightStr(sField + ToString(nextLen, iBase), iLen);
 nextLen := nextLen + 1;
end;

function MD5Client.fmod(x:Double; y:Integer) : double;
var
 quotient : integer;
begin
 quotient := trunc(x/y);
 fmod := x - (quotient * y);
end;

function MD5Client.ToString(dec : Double; iBase : Integer):String;
var
 s : String;
begin
 while (dec > 0) do
begin
  s := AnsiMidStr(charSet, trunc(fmod(dec, iBase)) + 1, 1) + s;
  dec := Int(dec / iBase);
end;
 Result := s;
end;

end.

 

Unit3 can teach you alot about Delphi classes :P

Edited by Lord Nikon

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
Sign in to follow this  

×
×
  • Create New...