Cracking SHA1 and MD5

In the next few subsections, we will look at how we can use Perl to crack the commonly used SHA1 and less likely used MD5 password hashes. This is a simple task in Perl but, as previously mentioned, requires a lot of CPU power to accomplish and is very slow. We will simply perform the hashing process on each line from a password list file and compare its output to the compromised password hash value.

SHA1 cracking with Perl

In this section, we will use the SHA1 Perl module, Digest::SHA, to create the password hashes for comparison. We will also try to crack the SHA1 hashes that we obtained in Chapter 7, SQL Injection with Perl. If we recall those hashes and usernames, we have the following commands:

Table: users has record ...

Get Penetration Testing with Perl now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.