Werkzeug Cracker is being developped by @Anataar
This tool aims to perform a wordlist attack on a hash generated by the werkzeug.security
module.
This tool uses the werkzeug.security
library and the check_password_hash
function. The function returns True
if the password matches otherwise it returns False
.
Example of hash:
>>> from werkzeug.security import generate_password_hash
>>> hash = generate_password_hash("password", method='pbkdf2:sha256', salt_length=8)
>>> hash
'pbkdf2:sha256:260000$3LESq315$6f074a3d958ad256ced33cc72dfb79fda306ea53eb4d171d4c1bee4881e778c1'
Hash verification :
>>> from werkzeug.security import check_password_hash
>>> password = check_password_hash("pbkdf2:sha256:260000$3LESq315$6f074a3d958ad256ced33cc72dfb79fda306ea53eb4d171d4c1bee4881e778c1", "password")
>>> password
True
ref : werkzeug.security official documentation
git clone https://github.com/AnataarXVI/Werkzeug_Cracker.git
cd Werkzeug_Cracker
pip3 install -r requirements.txt
usage: werkzeug_cracker.py [-h] [-p PASSWORD] [-w WORDLIST] [-t THREADS]
Werkzeug hash cracker
options:
-h, --help show this help message and exit
-p PASSWORD, --password PASSWORD
load hash file
-w WORDLIST, --wordlist WORDLIST
load wordlist file
-t THREADS, --threads THREADS
number of threads, default=15
Example:
werkzeug_cracker.py -p [hash] -w [wordlist] -t [threads]
For this example, we use a wordlist avaiable here.
python3 werkzeug_cracker.py -p hash.txt -w wordlist.txt
Countdown |██████████████████▊ | 2417/4122
Password found: password
The thread number (-t | --threads) reflects the number of separated brute force processes. The more you increase the number of threads, the more the brute force will increase its speed. By default, the number of threads is 15, but you can increase it if you want to speed up the progress.
python3 werkzeug_cracker.py --password hash.txt --wordlist wordlist.txt -t 20
Copyright (C) Anataar ([email protected])
License: GNU General Public License, version 3
If you liked the project, feel free to share it. I'm open to any suggestions for improvement.