Waraxe IT Security Portal
Login or Register
March 11, 2025
Members List
IRC chat
Base64 coder
MD5 hash
CRC32 checksum
ROT13 coder
SHA-1 hash
Sql Char Encoder
y3dips ITsec
Md5 Cracker
User Manuals
Recommend Us
Your Account
User Info
Welcome, Anonymous

Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9144

People Online:
Visitors: 70
Members: 0
Total: 70
Full disclosure
SEC Consult SA-20250226-0 :: Multiple vulnerabilities in Siemens A8000 CP-8050 & CP-8031 PLC
Re: MitM attack against OpenSSH's VerifyHostKeyDNS-enabled client
MitM attack against OpenSSH's VerifyHostKeyDNS-enabled client
Self Stored XSS - acp2sev7.2.2
Python's official documentation contains textbook example of insecure code (XSS)
Re: Netgear Router Administrative Web Interface Lacks Transport Encryption By Default
Monero 18.3.4 zero-day DoS vulnerability has been droppedpublicly on social network.
Netgear Router Administrative Web Interface Lacks Transport Encryption By Default
[CVE-2024-54756] GZDoom <= 4.13.1 Arbitrary Code Execution viaMalicious ZScript
Re: Text injection on https://www.google.com/so rry/index via ?q parameter (no XSS)
SEC Consult SA-20250211-0 :: Multiple vulnerabilities in Wattsense Bridge
APPLE-SA-02-10-2025-2 iPadOS 17.7.5
APPLE-SA-02-10-2025-1 iOS 18.3.1 and iPadOS 18.3.1
CVE-2024-55447: Access Control in Paxton Net2 software (update)
ChatGPT AI finds "security concern" (XSS) in DeepSeek's code
Log in Register Forum FAQ Memberlist Search
IT Security and Insecurity Portal

www.waraxe.us Forum Index -> Php -> Rainbow Table Query Script
Post new topicReply to topic View previous topic :: View next topic
Rainbow Table Query Script
PostPosted: Wed Jul 20, 2005 11:26 am Reply with quote
Regular user
Regular user
Joined: Jul 20, 2005
Posts: 16
Location: Norway

Okay, probably someone in here who is interested in this..

I was looking for a script for this a couple days ago so I started programming my own lil script..

I have made 2 scripts to allow other users to query your rainbow tables from your webpage/server.

One of them needs MySQL support, and allows only 1 hash submittion at once, and have a simple login system, aswell as saving all hashes to the database, and updating the mainpage every 30 sec with meta tags, and it will say when its done querying, and output results. - So you dont have to edit php.ini and max execution time.

I will only post one script for now, a script that dont need database support, only PHP is required.
This allows submittion of 5 MD5 hashes at once, although I reccomend only 1-2 as it may take some time, and php.ini's max execution time should be set to maximum if you have large tables.

This script uses the system(); command to execute the query, then outputs the result in some premade .txt files.

If anyone interested I can supply you with source for the exact same purpose, only this made in VB/CPP and will same output results into a db/html or .txt but this dont allow execution remotely, unless you further use winsock control.

Anyways, you need to make a few changes to this script yourself, I will explain more of that in the end.

Heres the code:



<center><H2>Rainbow Tables - MD5</H2><bR></center>
<FORM action="crack.php" method="post">
<INPUT type="text" name="hash1_old"><BR>
<INPUT type="text" name="hash2_old"><BR>
<INPUT type="text" name="hash3_old"><BR>
<INPUT type="text" name="hash4_old"><BR>
<INPUT type="text" name="hash5_old"><BR>
<INPUT type="submit" value="Try">





Rainbow table querying in PHP
- Simple example
- No database required



echo "<B>OUTPUT:</B><BR><BR>";
$op_cont = file_get_contents("output.txt");

$filename = 'output.txt'; // Both these will have some
$file = 'temp.txt'; // output temporarily stored in them.


$hash1 = escapeshellcmd($hash1_old); // Using this to avoid
$hash2 = escapeshellcmd($hash2_old); // exploits and vulnerable
$hash3 = escapeshellcmd($hash3_old); // code being passed.
$hash4 = escapeshellcmd($hash4_old); // Just some extra
$hash5 = escapeshellcmd($hash5_old); // security :)

if(empty($hash1)) {
$hashes=array($hash2, $hash3, $hash4, $hash5);
$towrite = "$hashes[1]\r\n$hashes[2]\r\n$hashes[3]\r\n$hashes[4]"; // I know my code looks messy
if(empty($hash2)) {
$hashes=array($hash1, $hash3, $hash4, $hash5);
$towrite = "$hashes[0]\r\n$hashes[2]\r\n$hashes[3]\r\n$hashes[4]"; // This could have been done a easier way
if(empty($hash3)) {
$hashes=array($hash1, $hash2, $hash4, $hash5);
$towrite = "$hashes[0]\r\n$hashes[1]\r\n$hashes[3]\r\n$hashes[4]";
if(empty($hash4)) {
$hashes=array($hash1, $hash2, $hash3, $hash5);
$towrite = "$hashes[0]\r\n$hashes[1]\r\n$hashes[2]\r\n$hashes[4]";
if(empty($hash5)) {
$hashes=array($hash1, $hash2, $hash3, $hash4);
$towrite = "$hashes[0]\r\n$hashes[1]\r\n$hashes[2]\r\n$hashes[3]";
} else {
$hashes=array($hash1, $hash2, $hash3, $hash4, $hash5);
$towrite = "$hashes[0]\r\n$hashes[1]\r\n$hashes[2]\r\n$hashes[3]\r\n$hashes[4]";

$fp = fopen($file, 'w');
fwrite($fp, $towrite);

echo "<pre>";
$crack = system("c:\\rcrack.exe c:\\*.rt -l $file");
echo "</pre>";

if (is_writable($filename)) {
if (!$handle = fopen($filename, 'w+')) {
echo "Cant open ($filename)";

if (fwrite($handle, $crack) === FALSE) {
echo "Failed to write output to ($filename)";

Make these files, and in the same folder make 2 empty textfiles.
Name these 'output.txt' and 'temp.txt'.
You will also need charset.txt in your script folder, aswell as in the folder with your rcrack.exe

Near the bottom of crack.php you will find this line:

$crack = system("c:\\rcrack.exe c:\\*.rt -l $file");

Modify this to the directory of your rcrack. (I have not tested elsewhere) But remember to add two slashes in the directories.

I have added all the hashes to go thru escapeshellcmd(); before its being executed by shell, incase some clever ppl decide to try exploit your box, this is just for increased security. Although you should note that this script cant be 100% secure, its not well tested, this is working without any database support, and last I'm new to this whole rainbow table thing.

If anyone need the other more stable querying script in PHP which currently only allows 1 submittion at once, and stores everything in a database and autorefreshes until its completed. The Visual Basic or C++ version, give me a note.

If anyone got any improvements or better script, please share.
Hope this will be useful for someone
View user's profile Send private message Visit poster's website MSN Messenger
Rainbow Table Query Script
www.waraxe.us Forum Index -> Php
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
All times are GMT
Page 1 of 1

Post new topicReply to topic

Powered by phpBB © 2001-2008 phpBB Group

Space Raider game for Android, free download - Space Raider gameplay video - Zone Raider mobile games
All logos and trademarks in this site are property of their respective owner. The comments and posts are property of their posters, all the rest (c) 2004-2024 Janek Vind "waraxe"
Page Generation: 0.053 Seconds