drego85 · November 5, 2024 13:09
diff --git a/bcrypt_dictionary_attack.py b/bcrypt_dictionary_attack.py
 #!/usr/bin/env python3
 #
 # This script performs a dictionary attack on a bcrypt 
 # hash provided by the user.
 # 
 # It reads a list of candidate passwords from a 
 # specified dictionary file (`pass.txt`) and checks 
 # each password against the bcrypt hash using the 
 # Python `bcrypt` library. 
 #
 # Requirements:
 # - pip3 install bcrypt tqdm
 #
 # Made with ♥ by Andrea Draghetti
 #
 # This file may be licensed under the terms of of the
 # GNU General Public License Version 3 (the ``GPL'').
 #

 import bcrypt
 from tqdm import tqdm

 # Path to the dictionary file
 dictionary_file = "pass.txt"

 # Prompt the user for the bcrypt hash to analyze
 bcrypt_hash_input = input("Enter the bcrypt hash to analyze: ").strip()

 # Determine the hash version based on the prefix
 if bcrypt_hash_input.startswith("$2y$") or bcrypt_hash_input.startswith("$2b$"):
    # Use only the $2y$ and $2b$ versions
    bcrypt_hash_y = bcrypt_hash_input.replace("$2b$", "$2y$").encode()
    bcrypt_hash_b = bcrypt_hash_input.replace("$2y$", "$2b$").encode()
    hash_versions = [bcrypt_hash_y, bcrypt_hash_b]
 elif bcrypt_hash_input.startswith("$2a$"):
    # Use only the $2a$ version
    bcrypt_hash_a = bcrypt_hash_input.encode()
    hash_versions = [bcrypt_hash_a]
 else:
    print("Unsupported hash format.")
    exit(1)

 # Calculate the total number of lines in the file for the progress bar
 with open(dictionary_file, "r", encoding="latin-1", errors="ignore") as file:
    total_passwords = sum(1 for _ in file)

 # Read and verify each password in the dictionary with a progress bar
 with open(dictionary_file, "r", encoding="latin-1", errors="ignore") as file:
    for line in tqdm(file, total=total_passwords, desc="Cracking attempts", unit=" password"):
        # Remove whitespace or newline
        candidate_password = line.strip().encode()

        # Check the password only with the necessary hash versions
        if any(bcrypt.checkpw(candidate_password, h) for h in hash_versions):
            print(f"\nPassword found: {candidate_password.decode()}")
            exit(0)
    else:
        print("\nPassword not found in the dictionary.")
	#!/usr/bin/env python3
	#
	# This script performs a dictionary attack on a bcrypt
	# hash provided by the user.
	#
	# It reads a list of candidate passwords from a
	# specified dictionary file (`pass.txt`) and checks
	# each password against the bcrypt hash using the
	# Python `bcrypt` library.
	#
	# Requirements:
	# - pip3 install bcrypt tqdm
	#
	# Made with ♥ by Andrea Draghetti
	#
	# This file may be licensed under the terms of of the
	# GNU General Public License Version 3 (the ``GPL'').
	#

	import bcrypt
	from tqdm import tqdm

	# Path to the dictionary file
	dictionary_file = "pass.txt"

	# Prompt the user for the bcrypt hash to analyze
	bcrypt_hash_input = input("Enter the bcrypt hash to analyze: ").strip()

	# Determine the hash version based on the prefix
	if bcrypt_hash_input.startswith("$2y$") or bcrypt_hash_input.startswith("$2b$"):
	# Use only the $2y$ and $2b$ versions
	bcrypt_hash_y = bcrypt_hash_input.replace("$2b$", "$2y$").encode()
	bcrypt_hash_b = bcrypt_hash_input.replace("$2y$", "$2b$").encode()
	hash_versions = [bcrypt_hash_y, bcrypt_hash_b]
	elif bcrypt_hash_input.startswith("$2a$"):
	# Use only the $2a$ version
	bcrypt_hash_a = bcrypt_hash_input.encode()
	hash_versions = [bcrypt_hash_a]
	else:
	print("Unsupported hash format.")
	exit(1)

	# Calculate the total number of lines in the file for the progress bar
	with open(dictionary_file, "r", encoding="latin-1", errors="ignore") as file:
	total_passwords = sum(1 for _ in file)

	# Read and verify each password in the dictionary with a progress bar
	with open(dictionary_file, "r", encoding="latin-1", errors="ignore") as file:
	for line in tqdm(file, total=total_passwords, desc="Cracking attempts", unit=" password"):
	# Remove whitespace or newline
	candidate_password = line.strip().encode()

	# Check the password only with the necessary hash versions
	if any(bcrypt.checkpw(candidate_password, h) for h in hash_versions):
	print(f"\nPassword found: {candidate_password.decode()}")
	exit(0)
	else:
	print("\nPassword not found in the dictionary.")