[Official] Online Hash Crack

[Whistle Master]

Module: Online Hash Crack

Version: 1.1

Features:

• Send hashes and cap file to Online Hash Crack web service.

Change log:

1.1

• View list of cap files available from other modules
• Bug fixes

Note: I'm not affiliated in any ways with the online service. I just provide the module to send the data to it.

Edited April 30, 2016 by Whistle Master

[WiFiJuice]

Nice! My idea :D Good work!!

[b0N3z]

Having trouble submitting my .cap file. I dont know if im doing it wrong or just overlooking it. I used Site Survey to get a Handshake on my second wifi router I use for hacking. When I submit the path file to the WPA Crack it tells me no file selected. I know this has to be simple and feel a little stupid lol any help would be much appreciated

[Fre@ky Nightmar3]

Is this your service? Im very interested in trying it out,got a cap file on my laptop ready, just need to go home and actually send it, iv been testing out different networks, and so far i csn only crack 1 network here in the uk with pixiewps,it seems all the others need bruting, i seen the module and it looks like your offering just what i need, it says 4 days max, i know the key for the file iv got, i wont say the key as i wanna see if you get it for me ,i will say that its 8 uppercase letters, any idea howlong on that? And if thats succesful ,iv got different network routers that have 8 charecters lowercase and numbers, then 1 is 14 charecters lowercase and specials(ill call em that coz myminds just gone blank) !"':;/- ..... for the price your offering ,its worth just sending a few different 1s and seeing ifyou get em succesfully and how long they will take.

:)

[ZaraByte]

This for paid cracking service or are these free cracking service sites?

[Foxtrot]

This for paid cracking service or are these free cracking service sites?

I think the service is free to use

[b0N3z]

This service is free to use. Ive only used it for WPA2 Handshakes, which must be under 10mb. It took 5 days to run my .cap from my home router and it did not find the password. Ive tryed submitting through pineapple module and had no luck but then figured out that the cap file i was getting from site survey didnt actual have a handshake in it even though site survey said it did. So kinda weird but, you can go to there website and submit hashes or capture files for free and they email you a link and that will show the progress of your hash or cap file. Ive heard it take 4hrs and mine took 5 days w/no results. easy passwords less time.

[Fre@ky Nightmar3]

Free to use if under 8 charecters, 3/$4 for 8 charecters and above, my passwords wont be in a dictionary so will have to be cracked using every possible combo, thats why iv said , 8 uppercase for my first trial, if i send a cap file i will hooefully also say what combo to use which should make it a bit easier to brute

[Fre@ky Nightmar3]

and you only pay to get the password if he is succesful

[Whistle Master]

Note: I'm not affiliated in any ways with the online service. I just provide the module to send the data to it.

[b0N3z]

The password for the router was 15 characters long and they did not crack it so I didnt pay for it.

[Fre@ky Nightmar3]

Ok thanks whistle master,, @b0N3z do you have any idea if they used a password list? (I think these are mainly for passwords that people may have set thereselves) or something like bully or crunch? To go through every possible key for certain charecter sizes ( i think this would be better for the default password that comes on the routers)

[barry99705]

Ok thanks whistle master,, @b0N3z do you have any idea if they used a password list? (I think these are mainly for passwords that people may have set thereselves) or something like bully or crunch? To go through every possible key for certain charecter sizes ( i think this would be better for the default password that comes on the routers)

From their site...

Q. How do you do that?

Our distributed cracking system use several mechanisms : pre-calculated tables, GPU computations, huge wordlists, brute-force, etc.

[Fre@ky Nightmar3]

Ah ok thanks i didnt see that, so my other question to b0N3z is, was it the default password or had you changed it, nit that it really matters if they use all them methods, as brute should do it, its only a matter of time. And also (questions i should be asking them ,i know) iv read that reaver wont break the hash, so did they pipe through pyrit? Im just trying to get an idea if its worth sending the files, obviously people have had sucess, theyve been going a while, and some1 took the time to make the module.

[Purrball]

Has anybody ever received a reply while using this? I've never heard back from submitting my router handshake, with failure or success... just nothing. Checked spam and everything.

Edit - ok I just tried submitting manually from the site and now the cap file claims there was no handshake in them, so maybe the Site Survey module which I used, is falsely claiming handshakes.

Edited April 22, 2016 by purrball

[zalamander]

On 4/2/2016 at 7:04 PM, b0N3z said:

Having trouble submitting my .cap file. I dont know if im doing it wrong or just overlooking it. I used Site Survey to get a Handshake on my second wifi router I use for hacking. When I submit the path file to the WPA Crack it tells me no file selected. I know this has to be simple and feel a little stupid lol any help would be much appreciated

module.php, line 200

            exec("find /pineapple/modules/ -type f -name \"*.**cap\" 2>&1", $filesArray);

however, seems it dont like symbolic links so if you are lazy as me, just add this below...

           exec("find /sd/modules/SiteSurvey/capture/ -type f -name \"*.**cap\" 2>&1", $filesArray);

[b0N3z]

On 4/19/2016 at 4:15 PM, Fre@ky Nightmar3 said:

Ah ok thanks i didnt see that, so my other question to b0N3z is, was it the default password or had you changed it, nit that it really matters if they use all them methods, as brute should do it, its only a matter of time. And also (questions i should be asking them ,i know) iv read that reaver wont break the hash, so did they pipe through pyrit? Im just trying to get an idea if its worth sending the files, obviously people have had sucess, theyve been going a while, and some1 took the time to make the module.

I did not use the default password i used a password that i use on my main wifi router, in hopes that it ultimately wouldn't be cracked. Kind of a double check on myself.  I was very new to wifi password cracking and password cracking in general.  Sorry it took so long to responded I had just noticed that you mentioned me in that post

[Whistle Master]

I'll fix that in the next version, thanks !

On 8/19/2016 at 5:24 AM, zalamander said:

module.php, line 200

            exec("find /pineapple/modules/ -type f -name \"*.**cap\" 2>&1", $filesArray);

however, seems it dont like symbolic links so if you are lazy as me, just add this below...

           exec("find /sd/modules/SiteSurvey/capture/ -type f -name \"*.**cap\" 2>&1", $filesArray);

 

[eskip]

On 22/04/2016 at 7:22 PM, Purrball said:

Has anybody ever received a reply while using this? I've never heard back from submitting my router handshake, with failure or success... just nothing. Checked spam and everything.

Edit - ok I just tried submitting manually from the site and now the cap file claims there was no handshake in them, so maybe the Site Survey module which I used, is falsely claiming handshakes.

Same here... Yet another plugin that doesn't work...

[eskip]

Even when I convert the cap file to hccap for oclHashcat support, it says there are no valid handshakes found.

[Br@d]

On 18/08/2016 at 9:24 PM, zalamander said:

module.php, line 200

            exec("find /pineapple/modules/ -type f -name \"*.**cap\" 2>&1", $filesArray);

however, seems it dont like symbolic links so if you are lazy as me, just add this below...

           exec("find /sd/modules/SiteSurvey/capture/ -type f -name \"*.**cap\" 2>&1", $filesArray);

Since I'm a total noob and it took me forever for find module.php  it is found @ modules/OnlineHashCrack/api/module.php

[Battery_]

I was having problems where the OnlineHashCrack module wouldn't submit WPA handshakes properly. In order to fix it, just edit the "submit_wpa.sh".

 

Change the "http://" to "https://"

Easy...

[trashbo4t]

Nice find,
I created an issue on the official repo -> https://github.com/hak5/wifipineapple-modules/issues/24 and submitted a pull request.

 

[n3d.b0y]

There is one drawback, you can not send a handshake that was received through standard feed. The model is looking for a handshake only in the modules folder. Standard functionality saves in tmp/handshake. I can fix it but probably these changes will not get into the release. Please correct this.

[9tile]

I'm running into the same problem experienced by Purrball - I submit the .cap, and nothing happens. No email, no result, nothing.

I've uploaded the exact same .cap to Online Hash Crack manually, and I did receive an email from them immediately, so it's clearly the module's failing.

Does anyone know any alternative to this module? I would really like to be able to freely crack wpa hashes without needing to transfer them to myself then use a browser.