md5decrypter API [closed]

问题

Closed. This question is off-topic. It is not currently accepting answers.

---

Want to improve this question? Update the question so it's on-topic for Stack Overflow.

Closed last year.

So, there's this website (http://md5decrypter.co.uk) which, given an md5 hash, will attempt to return the original string.

Is there an API or has someone made a PHP class to work with it? I can't find one...

Before, you ask, let me assure you that I have no malicious intent.

Thank you in advance.

回答1:

Even so the guy from md5decryptor is nice, he won't make his asset accessible to you via HTTP only because you're asking. As anybody else you can use the publicly available webinterface which requires a captcha - which says everything.

Or in short: No there ain't no PHP API out there.

However, why don't you run your own? It's rather trivial:

$decryptors = array('Google', 'Gromweb');

foreach ($hashes as $hash) {
    echo "$hash";
    foreach($decryptors as $decrytor)
    {
        if (NULL !== ($plain = MD5Decryptor::plain($hash, $decrytor))) {
            echo " - found: $plain ($decrytor)";
            break;
        }
    }
    echo "\n";
}

Output:

fcf1eed8596699624167416a1e7e122e - found: octopus (Google)
bed128365216c019988915ed3add75fb - found: passw0rd (Google)
d0763edaa9d9bd2a9516280e9044d885 - found: monkey (Google)
dfd8c10c1b9b58c8bf102225ae3be9eb - found: 12081977 (Google)
ede6b50e7b5826fe48fc1f0fe772c48f - found: 1q2w3e4r5t6y (Google)

Those you're not able to directly look-up, you can paste at that site manually. Keep in mind if more folks think like you, more and more sites will go down (most of them are already).

abstract class MD5Decryptor
{
    abstract public function probe($hash);

    public static function plain($hash, $class = NULL)
    {
        if ($class === NULL) {
            $class = get_called_class();
        } else {
            $class = sprintf('MD5Decryptor%s', $class);
        }
        $decryptor = new $class();

        if (count($hash) > 1) {
            foreach ($hash as &$one) {
                $one = $decryptor->probe($one);
            }
        } else {
            $hash = $decryptor->probe($hash);
        }
        return $hash;
    }

    public function dictionaryAttack($hash, array $wordlist)
    {
        $hash = strtolower($hash);
        foreach ($wordlist as $word) {
            if (md5($word) === $hash)
                return $word;
        }
    }
}

abstract class MD5DecryptorWeb extends MD5Decryptor
{
    protected $url;

    public function getWordlist($hash)
    {
        $list = FALSE;
        $url = sprintf($this->url, $hash);
        if ($response = file_get_contents($url)) {
            $list[$response] = 1;
            $list += array_flip(preg_split('/\s+/', $response));
            $list += array_flip(preg_split('/(?:\s|\.)+/', $response));
            $list = array_keys($list);
        }
        return $list;
    }

    public function probe($hash)
    {
        $hash = strtolower($hash);
        return $this->dictionaryAttack($hash, $this->getWordlist($hash));
    }
}

class MD5DecryptorGoogle extends MD5DecryptorWeb
{
    protected $url = 'http://www.google.com/search?q=%s';

}

class MD5DecryptorGromweb extends MD5DecryptorWeb
{
    protected $url = 'http://md5.gromweb.com/query/%s';
}

回答2:

BozoCrack is a dead simple ruby script that uses google as a rainbowtable and is frighteningly good at cracking unsalted MD5 passwords. Looking at the code it shouldn't be too hard to migrate it to PHP.

PS: everybody who uses unsalted MD5 as password hashing algorithm should have his passwords cracked, one for one ... don't use md5, use bcrypt!

回答3:

You could always make your own:

<?php 
//From file or some John the ripper piped input
$wordlist=file('some_word_list.lst');

foreach ($wordlist as $word){
    $sql="INSERT INTO table (plain_word,hashed_word)values('$word','".md5($word)."')";
    ...
}
?>

来源：https://stackoverflow.com/questions/10181616/md5decrypter-api