
Web Security Handbook

Sharing is a joy in itself; I am happy when others are helped.


phpass_crack: Simple tool for cracking Wordpress hashes

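#Trace: Newer versions of WordPress and phpBB have dropped md5 in favor of phpass encryption (as have some other open-source web applications). DarkC0de previously published a phpass.py that works with a dictionary to crack hashes, and this Phpass_Crack does too. The latest version of PasswordsPro from the official download site also supports cracking phpass, with dictionary attack, brute force and other modes to choose from (select the md5(phpbb3) Module).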

I have written a simple tool for cracking Portable PHP password hashes, which Wordpress uses to hash user passwords. You pipe passwords to it and pass it a passwd file and it tries to crack the hashes.

 


Download it here: phpass_crack.tar.gz

Update: After testing this program out with various size wordlists and various size passwd files, I realize that it’s very slow. I’m working on an update which will hopefully solve this problem by making things slightly more efficient and multithreading the attempts so lots can be happening at the same time. I’m also planning on making it have more verbosity options, and an output file (so the cracked passwords won’t get lost in the verbosity). Expect an update sometime soon.

Update: Version 0.2 has been released.

phpass_crack v0.1
programmed by m0rebel

[] What is phpass_crack?
=====================
phpass_crack is a password cracker for Portable PHP password hashes, which are used by Wordpress
and other web apps to hash passwords. See http://www.openwall.com/phpass/ for more info on
Portable PHP hashes, to get the PHP script.

I wanted to test my Wordpress passwords and John the Ripper wouldn't crack them, and I couldn't
find anything else that could, so I made my own script to do it. I used the python module by
Alexander Chemeris, from http://www.openwall.com/phpass/contrib/phpass-python-0.1.tar.gz. I
modified it slightly to use the hashlib python library instead of the deprecated md5 one it was
using.

[] What do I need to run it?
=========================
I tested this with Python 2.6 in Windows and Linux. It should run in any operating system though.
I haven't tested it with Python 3.

[] How do I use it?
================
You need to pipe passwords into phpass_crack.py from another source, and supply phpass_crack.py
with a passwd file with the phpass hashes. If your wordlist is wordlist.txt and your hashes are
stored in hashes.txt, then you would run this by doing:

cat wordlist.txt | python phpass_crack.py hashes.txt

Or, in Windows:

type wordlist.txt | python phpass_crack.py hashes.txt

Or you can even use John the Ripper to generate your passwords for you, if you don't have a good
wordlist:

john --incremental --stdout | python phpass_crack.py hashes.txt

[] What format should my passwd file be in?
========================================
Each line should contain a different user/hash combination. For example, a passwd file with a
single user named "test" with the password "letmein" would look like this:

test:$P$BZrfCqm4v6boi6z0L3t8JTycW.zfI61
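
Added example, not part of phpass_crack or the original post: Python 3 code showing how a line in this passwd format breaks down and how one password is checked against it, following the portable-hash algorithm in the Openwall phpass script. The function names are made up for this example, and accepting the "$H$" prefix (phpBB3) alongside "$P$" is an assumption about the input.

```python
import hashlib
import hmac

ITOA64 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"

def encode64(data: bytes) -> str:
    """phpass's own base64 variant: low 6 bits first, no padding."""
    out, i, n = [], 0, len(data)
    while i < n:
        value = data[i]
        i += 1
        out.append(ITOA64[value & 0x3F])
        if i < n:
            value |= data[i] << 8
        out.append(ITOA64[(value >> 6) & 0x3F])
        if i >= n:
            break
        i += 1
        if i < n:
            value |= data[i] << 16
        out.append(ITOA64[(value >> 12) & 0x3F])
        if i >= n:
            break
        i += 1
        out.append(ITOA64[(value >> 18) & 0x3F])
    return "".join(out)

def parse_line(line: str) -> dict:
    """Split one 'user:hash' line and decode the fields packed into the hash."""
    user, _, phash = line.strip().partition(":")
    log2 = ITOA64.find(phash[3:4])  # 4th character encodes log2(iterations)
    if phash[:3] not in ("$P$", "$H$") or len(phash) != 34 or not 7 <= log2 <= 30:
        raise ValueError("not a portable phpass hash: %r" % line)
    return {"user": user, "hash": phash, "log2": log2, "iterations": 1 << log2, "salt": phash[4:12]}

def phpass_hash(password: str, salt: str, log2: int, ident: str = "$P$") -> str:
    """Salted MD5, then 2**log2 further MD5 rounds that each mix the password back in."""
    pw = password.encode("utf-8")
    digest = hashlib.md5(salt.encode("utf-8") + pw).digest()
    for _ in range(1 << log2):
        digest = hashlib.md5(digest + pw).digest()
    return ident + ITOA64[log2] + salt + encode64(digest)

def verify(password: str, line: str) -> bool:
    rec = parse_line(line)
    again = phpass_hash(password, rec["salt"], rec["log2"], rec["hash"][:3])
    return hmac.compare_digest(again.encode("utf-8"), rec["hash"].encode("utf-8"))

README_LINE = "test:$P$BZrfCqm4v6boi6z0L3t8JTycW.zfI61"  # the example line from the README above
```

parse_line(README_LINE) reports 8192 iterations and the salt ZrfCqm4v; the per-hash salt and the repeated rounds are what make each guess cost thousands of MD5 calls instead of one.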
  • 1. Trace
  • phpass_crack 0.2, a better simple tool for cracking Wordpress hashes
    http://blog.banditdefense.com/2009/04/01/phpass_crack-02-a-better-simple-tool-for-cracking-wordpress-hashes/
  • 2009-4-2 15:23:41


Copyright 2008-2009 Pcsec.org. Some Rights Reserved.苏ICP备08110306号
