https://www.techsolvency.com/pub/bin/mdxfind/#download ------------------------------------------------------------------------------ Usage output cache for mdxfind and mdsplit ------------------------------------------------------------------------------ mdxfind: $Header: /var/data/www/www.techsolvency.com/htdocs/pub/bin/mdxfind/RCS/usage.txt,v 1.1 2020/04/23 15:16:06 royce Exp royce $ Search for MD5x values from a file use: mdxfind [options] [list of text files] < input hash The text file stdin is special, and may be used if -f is supplied, to read candidate passwords from stdin -a Do email address munging -b Expand each word into unicode, best effort -c Replace each special char (<>&, etc) with XML equivalents -d De-duplicate wordlists, best effort -e Extended search for truncated hashes -p Print source (filename) of found plaintexts -q Internal iteration counts for SHA1MD5x, and others -g Rotate calculated hashes to attempt match to input hash -s File to read salts from -u File to read Userid/Usernames from -k File to read suffixes from -n Number of digits to append to passwords -i The number of iterations for each hash -t The number of threads to run -f file to read hashes from, else stdin -l Append CR/LF/CRLF and print in hex -r File to read rules from (concatenated) -R File to read rules from (dot-product form) -v Do not mark salts as found. -w Number of lines to skip from first wordlist -y Enable directory recursion for wordlists -z Enable debugging information/hash results -Z Enable histogram of rule hits ------------------------------------------------------------------------------ mdsplit - processes MDXfind result files -a Process all files, not just .txt, looking for matches -l Do not lock files. If your filesystem can't lock... -r No reverse hashes scanned (default is to scan for reverse) -b 500K Buffer size 500K (or M or G) - default is 500K -f file Reads result file from filename, instead of stdin -t MD5x01 Uses the type MD5x01 for results that have no type mdsplit processes MDXfind result files, separating hash lists into solved files. Unsolved hashes should be in .txt files Typical usage: cat *.txt | mdxfind -i 3 /tmp/words | mdsplit *.txt cat foo.res bar.res | mdsplit /other/unsolved mdsplit -f foo.res biglist ------------------------------------------------------------------------------ MDXFIND is a program which allows you to run large numbers of unsolved hashes of any type, using many algorithms concurrently, against a large number [](https://hashes.org/mdxfind.php "https://hashes.org/mdxfind.php") of plaintext words and rules, very quickly. It’s main purpose was to deal with large lists (20 million, 50 million, etc) of unsolved hashes and run them against new dictionaries as you acquire them. So when would you use MDXFIND on a pentest? If you dump a database tied to website authentication and the hashes are not cracking by standard attack plans. The hashes may be generated in a unique nested hashing series. If you are able to view the source code of said website to view the custom hashing function you can direct MDXFIND to replicate that hashing series. If not, you can still run MDXFIND using some of the below ‘Generic Attack Commands’. MDXFIND is tailored toward intermediate to expert level password cracking but is extremely powerful and flexible. Example website SHA1 custom hashing function performing multiple iterations: $hash = sha1($password . $salt); for ($i = 1; $i <= 65000; ++$i) { $hash = sha1($hash . $salt); } ``` MDXFIND is a program which allows you to run large numbers of unsolved hashes of any type, using many algorithms concurrently, against a large number [](https://hashes.org/mdxfind.php "https://hashes.org/mdxfind.php") of plaintext words and rules, very quickly. It’s main purpose was to deal with large lists (20 million, 50 million, etc) of unsolved hashes and run them against new dictionaries as you acquire them. So when would you use MDXFIND on a pentest? If you dump a database tied to website authentication and the hashes are not cracking by standard attack plans. The hashes may be generated in a unique nested hashing series. If you are able to view the source code of said website to view the custom hashing function you can direct MDXFIND to replicate that hashing series. If not, you can still run MDXFIND using some of the below ‘Generic Attack Commands’. MDXFIND is tailored toward intermediate to expert level password cracking but is extremely powerful and flexible. Example website SHA1 custom hashing function performing multiple iterations: $hash = sha1($password . $salt); for ($i = 1; $i <= 65000; ++$i) { $hash = sha1($hash . $salt); } ``` [[Home]]