Need to query Google for vulnerable SQL servers and extract MD5 hashes? The sqlscan.py Python script is your tool then. If you are using Backtrack release 5 you will first need install Python 2.4.4 and then fix sqlscan.py by following the instructions here and here. Once you have sqlscan.py functioning without errors proceed to the example below.
As you know we think that oclHashcat is one of the best password crackers available and along with Hashcat and John The Ripper are pretty much the only password crackers we use at this point. Earlier someone asked me to crack some OpenLDAP hashes which come in SHA and SSHA format and the below example includes only the OpenLDAP SHA format hashes.
Recently I needed to find out information about a Juniper router password which is stored as a hash in the router configuration. The tricky part is while the password hash is technically a MD5 hash it is modified to make it unique and make it harder to crack. Luckily there is a way to crack the hash using JTR (John The Ripper) though it will require that you also have the username associated to the password as the username is used as part of the salt for the hash. Below there is first information on how to crack Juniper hashes which are the same as Netscreen hashes followed by more information about the hash itself.
Cisco devices running the Cisco IOS have three types of ways to display passwords in the device configuration which include Type 0, Type 5, and Type 7. Below we describe all three methods of storing passwords in the Cisco IOS device configuration and how to obtain the password from each method either by simply reading the password, by quickly converting the password from the Cisco defined encryption algorithm, or by cracking MD5 UNIX password hashes.
I spent a lot of time the other night trying to find a perl script that would decode Cisco type 7 password hashes and many of them did not work properly. At first I thought I was doing something wrong however I am pretty sure that most of the scripts were just broken. Anyhow I finally located the below script on some site and I can’t remember where I found it so I wanted to post it here mostly for reference however if someone else finds it useful then that would be great. Below is the actual script itself followed by an example of using the script.