Skip to content

AnataarXVI/Werkzeug-Cracker

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

15 Commits

.github/workflows

.github/workflows

 
 

example

example

 
 

tests

tests

 
 

.gitattributes

.gitattributes

 
 

.gitignore

.gitignore

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

requirements.txt

requirements.txt

 
 

werkzeug_cracker.py

werkzeug_cracker.py

 
 

Repository files navigation

Werkzeug Cracker

Werkzeug Cracker is being developped by @Anataar

This tool aims to perform a wordlist attack on a hash generated by the werkzeug.security module.

Description

This tool uses the werkzeug.security library and the check_password_hash function. The function returns True if the password matches otherwise it returns False .

Example of hash:

>>> from werkzeug.security import generate_password_hash
>>> hash = generate_password_hash("password", method='pbkdf2:sha256', salt_length=8)
>>> hash
'pbkdf2:sha256:260000$3LESq315$6f074a3d958ad256ced33cc72dfb79fda306ea53eb4d171d4c1bee4881e778c1'

Hash verification :

>>> from werkzeug.security import check_password_hash
>>> password = check_password_hash("pbkdf2:sha256:260000$3LESq315$6f074a3d958ad256ced33cc72dfb79fda306ea53eb4d171d4c1bee4881e778c1", "password")
>>> password
True

ref : werkzeug.security official documentation

Installation & Usage

git clone https://github.com/AnataarXVI/Werkzeug_Cracker.git
cd Werkzeug_Cracker
pip3 install -r requirements.txt

Options

usage: werkzeug_cracker.py [-h] [-p PASSWORD] [-w WORDLIST] [-t THREADS]

Werkzeug hash cracker

options:
  -h, --help            show this help message and exit
  -p PASSWORD, --password PASSWORD
                        load hash file
  -w WORDLIST, --wordlist WORDLIST
                        load wordlist file
  -t THREADS, --threads THREADS
                        number of threads, default=15

Example:
        werkzeug_cracker.py -p [hash] -w [wordlist] -t [threads]

How to use

For this example, we use a wordlist avaiable here.

python3 werkzeug_cracker.py -p hash.txt -w wordlist.txt

Countdown |██████████████████▊             | 2417/4122

Password found: password

Threads

The thread number (-t | --threads) reflects the number of separated brute force processes. The more you increase the number of threads, the more the brute force will increase its speed. By default, the number of threads is 15, but you can increase it if you want to speed up the progress.

python3 werkzeug_cracker.py --password hash.txt --wordlist wordlist.txt -t 20

Licence

Copyright (C) Anataar ([email protected])

License: GNU General Public License, version 3

Contributing

If you liked the project, feel free to share it. I'm open to any suggestions for improvement.

About

Werkzeug password cracker

Topics

python security hacking bruteforce wordlist python3 brute-force cracker brute hacking-tool password-cracker werkzeug pentest-tool redteam red-teaming

Resources

Readme

License

GPL-3.0 license
Activity

Stars

4 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases 2

v1.5.0 Latest
Jun 18, 2023
+ 1 release

Packages

No packages published

Languages