Cryptohaze.com

Submit hashes, they'll be run through GPUs. No rainbow tables yet, but some hefty GPU power will be coming online soon enough.

I'll be adding APIs to help with this soon enough, and may write a network-aware version of the Multiforcers that would run in the background for distributed cracking - I prefer rainbow tables, but I"m going to have the API for my own systems anyway...

yay thanks bitweasil.

nice work

ok i think i found some minor problems

the database doesn't seem to support unicode? or wateva you call them chars?

ff19f73ebd7c1fa48c6e599aa9c10995 is not the correct MD5 hash for 'http'
f704dd29bb49a5e32a03a28d5b01ce58 is not the correct MD5 hash for 'salomé'
f6cb16ebd0b2eefb85ba242aed3d8d92 is not the correct MD5 hash for 'dsré'
f6f3ab31fc7b6ce629a21447d3d499c7 is not the correct MD5 hash for 'kämpfe'

it also doesn't seem support Websites such as "http://www.vreel.net/getmein.html" as the reversed for ff19f73ebd7c1fa48c6e599aa9c10995 it seems to have chopped of the characters after the http.

Hrm.

It probably doesn't support unicode right now.

I'll look into that. Thanks!

Those characters - are they extended ASCII (8 bit), or UFT16 (16 bit)?

hmm i'm not sure what those chars are, anyway judging from the way it says incorrect hash does it mean your script checks each hash to make sure its correct before adding it to the dbase coz i must say thats a damn good idea to prevent rouge solutions.

I trust the internet about as far as I can throw it. Of course I'm checking values before putting them in my database.

I'll see if I can work out the Unicode issues, though.

Not sure if you wanted to add more formats to the solution submission page i've put the format and the php code to extract the hash and plain-text for a line. Juz figured i'll save you some time.

Format 1:
Direct copy and paste from Cain & Abel status box

Output: "Plaintext of 7993D83DF456A856FE06FC209F6780A9 is CryptoHaze";

16 Byte Hash extract: (substr(string,13,32));

Any Hash extract: (substr(string,13,strpos(string," ",13)-13));
Plain extract: (substr(string,strripos(string," ")+1,strlen(string)-strripos(string," ")));

Format 2:
PasswordsPro Export

Output: ":7993D83DF456A856FE06FC209F6780A9::CryptoHaze:";

16 byte Hash extract: (substr(string,1,32));
16 byte Plain extract: (substr(string,35,strripos(string,":")-strripos(string,":",-2)-1));

Any hash extract: (substr(string,1,strpos(string,":",1)-1));
Any plain extract: (substr(string,strripos(string,":",-2)+1,strripos(string,":")-strripos(string,":",-2)-1));


Format 3:
RTI Multithred Results

Output: "7993D83DF456A856FE06FC209F6780A9:CryptoHaze:437279746f48617a65";

16 Byte Hash extract: (substr(string,0,32));

Any hash extract: (substr(string,stripos(string,":")+1,strripos(string,":")-stripos(string,":")-1));
Plain extract: (substr(string,stripos(string,":")+1,strripos(string,":")-stripos(string,":")-1));

Not sure if they're the most efficient methods but they seem to work.
Hope their of use.

Ooh. Yes, I was planning to add more. That's very helpful.

I'm probably not going to get them done today, but I'll work on them this week while I'm on a business trip. Hopefully things will be significantly upgraded in a week or two.

*votes* for user accounts with hashlistfuntion and a notice when a hash is found.also votes for some less ugly colors.

Yes, there will be individualuseraccountstouploadhashlists.

Probably file upload as well (upload a list of hashes or solutions), email notification, etc.

It'll be nice.