BozoCrackPHP

BozoCrack is a depressingly effective MD5 password hash cracker with almost zero CPU/GPU load. Instead of rainbow tables, dictionaries, or brute force, BozoCrack simply finds the plaintext password. Specifically, it googles the MD5 hash and hopes the plaintext appears somewhere on the first page of results.

It works way better than it ever should.

BozoCrack was originally written in Ruby and published on GitHub by juuso. I liked the idea, and figured I’d do a PHP port:

<?php
/**
 * BozoCrack is a depressingly effective MD5 password hash
 * cracker with almost zero CPU/GPU load. Instead of
 * rainbow tables, dictionaries, or brute force, BozoCrack
 * simply finds the plaintext password. Specifically, it
 * googles the MD5 hash and hopes the plaintext appears
 * somewhere on the first page of results.
 *
 * Original BozoCrack can be found on https://github.com/juuso/BozoCrack
 *
 * Ported from Ruby to PHP by Niklas Femerstrand, qnrq.se, 2011
 * License: http://sam.zoy.org/wtfpl/
 */

if(!isset($_SERVER['argv'][1]))
  die("Usage example: $ php bozocrack.php file_with_md5_hashes.txt\n");

$fileContents = file_get_contents($_SERVER['argv'][1]);
preg_match_all("/\b([a-fA-F0-9]{32})\b/", $fileContents, $hashes);
$hashes = array_unique($hashes[0]);
printf("Loaded %s unique hashes\n", count($hashes));

foreach($hashes as $hash)
{
  $response = file_get_contents("http://www.google.com/search?q={$hash}");
  $wordlist = preg_split("/\s+/", $response);
  foreach($wordlist as $word)
  {
    if($hash == md5($word))
    {
      printf("%s:%s\n", $hash, $word);
      break;
    }
  }
}

2 Responses to “BozoCrackPHP”

  1. Anonymous Says:

    Haha, sad but true! You should put in another pattern that checks if it got 0 results, will be a bit quicker I suppose.

  2. DaveK Says:

    Anyone using unsalted hashes for passwords will get what they deserve. Properly-salted hashes should be immune.

Leave a Reply

Leave a Reply

Your email address will not be published.

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>