IMPORTANT! You may use this software for the recovery of your own forgotten passwords only!
Demo Version Restriction
This program is designed for recovering passwords to hashes, and supports over 180 algorithms. The software's primary features include:
– 7 types of attacks for recovering passwords to hashes.
– Maximum number of hashes in the licensed version is 10 million.
– Comfortable and quick handling of large hash lists.
– Recovery of passwords up to 127 characters long.
– Recovery of passwords for incomplete hashes of any type.
– Recovery of passwords in Unicode.
– Support for third-party developers' hashing modules.
– Support for using plugins.
– Editing user hashes and other data.
– Adding hashes to the list from a text file using a dialog window or clipboard.
– Copying hashes and found passwords to clipboard.
– Exporting hashes to text or HTML file.
– Searchable list of users with hashes.
– Checking current password against all or selected users on the list.
– Verifying user hashes and their passwords.
– Automatic accumulation of found passwords in the file "PasswordsPro.dic".
– Sorting hash list.
– Exporting hashes with found passwords in the format common for the InsidePro Software forum.
– Support for the "hidden" operating mode – when the program doesn't appear on the taskbar.
Types of attacks supported by the software:
Preliminary Attack – this is a quick check of user hashes against simple passwords like "123", "qwerty", "99999", etc., as well as against passwords found by the program earlier.
Brute Force Attack – this is the exhaustive search through all possible passwords in a certain range; e.g., "aaaaaa"..."zzzzzz".
Mask Attack – this attack is used when some information on the lost password is known. To use the attack, make sure to specify the mask for each character in the password to be recovered in the attack settings. For mask characters you can use the conventional characters for the standard or custom character sets – ?u, ?d, ?2, etc. (see the "Character Sets" tab in the program's settings).
Simple Dictionary Attack – during this attack, the program simply checks hashes against passwords in dictionaries.
Combined Dictionary Attack – during this attack, passwords are made of several words taken from different dictionaries. This makes it possible to recover complex passwords like "superadmin", "admin*admin", etc.
Hybrid Dictionary Attack – this attack modifies passwords taken from dictionaries (for example, shifts the password to upper case, appends '1' to the end of the password, etc.) and validates them as user passwords. The actions performed on source passwords are called "rules", and the full list of those is available in the file "Rules.txt" in the software distribution.
Rainbow Attack – this attack attempts to recover passwords using pre-calculated rainbow tables.
The software includes the following plugins (to obtain more information, see the file "ReadMe.txt" in the folder containing each plugin):
Dictionary Generator – generates dictionaries of passwords from a specified range and performs other functions related to using dictionaries – sorting, merging to one file, etc.
Hash Bruteforcing History – encodes and decodes the history of hash bruteforcing.
Hash Generator – generates hashes of all types loaded in the program.
Hash Queue – handles queues of hashes downloaded from the Internet.
Hidden Passwords Recovery – recovers text hidden behind asterisks.
NTLM Password Finder – attempts to find the NTLM password on the PasswordsPro hash list with a known LM password by checking it in all possible character cases.
Password Generator – generates random passwords with specified parameters.
Password Sender – sends recovered passwords to websites.
SQL Dump Parser – extracts hashes from SQL dumps of various forums.
Text Converter – converts text from Base64 to plain text format and the other way around.
Demo version restriction: the maximum number of importable users with hashes is 1.
1. All rights for PasswordsPro are reserved to InsidePro Software.
2. The software is available as Demo, with restrictions provided in the program description.
3. To use the software without restrictions, you must register your copy of the software by purchasing a license key (or several license keys) and then entering those in the application.
4. The use of the license keys by any persons who are not registered as authorized users of the software, as well as the distribution or publication of the license keys, is illegal. InsidePro Software reserves the right to revoke the registered user status from such key owners and ban such license keys in future versions of the software.
5. You shall not modify, disassemble or decompile this software. Any violation of this provision in any part shall lead to the immediate termination of this License Agreement.
6. The software is provided on the "AS IS" basis. You use this software at your own risk. Under no circumstances shall the author be held liable for any data loss or damage, lost profits or any other damages caused by using or not using this software.
7. InsidePro Software guarantees that the software does not contain malware, spyware or any other harmful code designed for performing any functions other than those stated in the Program Description.
8. Using the software shall indicate your acceptance of this License Agreement.
9. If you do not wish to be bound by the terms of this License Agreement, delete all the files of this software from your computer and stop using this software.
Q1: How do I find out the type of my hash?
A: First of all, take a close look at the hash samples here or here; maybe you will find a hash that is similar to yours among those. Also, try to find out which algorithm is used in the program, forum or CMS your hash was extracted from. Finally, you can always inquire about the type of a hash on our forum. Sometimes a hash can be Base64-encoded (e.g., "i+HsaXsUrTpTs3FDYSBkHQ=="); for the purposes of analysis it is better to convert it to the hexadecimal format (in our example – "8be1ec697b14ad3a53b371436120641d"). You can do that with the Text Converter plugin that comes along with the software.
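The conversion described in the answer to Q1, as an added Python example (not part of the original FAQ and not PasswordsPro code). It turns a digest stored as hex or Base64 into lowercase hex and reports its size; the table of candidate algorithms per size is an assumption of this example, and length only narrows the candidates.

```python
import base64
import binascii
import string

# Digest sizes in bytes and well-known algorithms that produce them.
# Length narrows the candidates; it never identifies an algorithm on its own.
FAMILIES_BY_SIZE = {
    16: ["MD4", "MD5", "NTLM"],
    20: ["SHA-1", "RIPEMD-160"],
    28: ["SHA-224"],
    32: ["SHA-256"],
    48: ["SHA-384"],
    64: ["SHA-512"],
}

def to_hex(encoded: str) -> str:
    """Return the lowercase hex form of a digest given as hex or Base64."""
    text = encoded.strip()
    if not text:
        raise ValueError("empty input")
    # Hex is checked first: an all-hex string is also valid Base64,
    # but stored digests in that shape are almost always hex.
    if len(text) % 2 == 0 and all(c in string.hexdigits for c in text):
        return text.lower()
    try:
        raw = base64.b64decode(text, validate=True)
    except (binascii.Error, ValueError) as exc:
        raise ValueError(f"neither hex nor Base64: {encoded!r}") from exc
    return raw.hex()

def describe(encoded: str) -> dict:
    """Summarise a stored digest: hex form, size in bits, candidate families."""
    hex_form = to_hex(encoded)
    size = len(hex_form) // 2
    return {"hex": hex_form, "bits": size * 8,
            "candidates": FAMILIES_BY_SIZE.get(size, [])}

if __name__ == "__main__":
    # The Base64 sample quoted in the answer above.
    print(describe("i+HsaXsUrTpTs3FDYSBkHQ=="))
```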
Q2: In which formats can I load my hashes to the program?
A: By default, the program uses the following format:
The software distribution includes files with hash examples in that particular format, but you can use any other format as well ("Hash", "Hash:Salt", "User name:Hash", etc.) – simply select the required format when importing your hash list.
Q3: If it's so easy to calculate the hash for my password, why can't I recover the password from the hash?
A: Any hashing algorithm is in fact the calculation of a checksum for the source text. That involves one-way math operations over the source message, like AND, OR, etc. For example, even if we do know the Y and the Z in the "X AND Y = Z" equation, we still won't be able to precisely recover the exact X value (the most we can do is to calculate the range of the probable X values that satisfy this equation). The second reason why the source password can't be precisely recovered from the hash is the issue of collisions.
Q4: What are "collisions"?
A: Since the range of all possible hashes for any hashing algorithm is a finite value and is determined by the hash size (for example, the number of possible hashes for the MD5 algorithm is 2^128 or 3.4*10^38 values), and the number of source messages for hashing is an infinite value, it becomes clear enough that there are source messages that have an identical hash. Those source messages are called collisions.
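The two arguments from Q3 and Q4, carried through in an added Python example (not part of the original FAQ). It lists every 8-bit X that satisfies "X AND Y = Z", then finds two different messages with the same digest once SHA-256 is truncated to 2 bytes; the truncation and the "message-N" inputs are constructed for the illustration.

```python
import hashlib
from itertools import count

def and_preimages(y, z, bits=8):
    """All X in [0, 2**bits) with X AND Y == Z.

    Every bit position where Y is 0 is erased by the AND, so X is free
    there: knowing Y and Z yields a set of candidates, not one value.
    """
    return [x for x in range(1 << bits) if x & y == z]

def truncated_digest(message, nbytes=2):
    """First nbytes of SHA-256: a deliberately tiny stand-in hash."""
    return hashlib.sha256(message).digest()[:nbytes]

def find_collision(nbytes=2):
    """Return two different messages with the same truncated digest.

    With 2**(8*nbytes) possible outputs, the pigeonhole principle
    guarantees a repeat after at most 2**(8*nbytes) + 1 inputs.
    """
    seen = {}
    for i in count():
        message = f"message-{i}".encode()
        digest = truncated_digest(message, nbytes)
        if digest in seen:
            return seen[digest], message
        seen[digest] = message

if __name__ == "__main__":
    xs = and_preimages(0xF0, 0xA0)
    print(len(xs), "values of X satisfy X AND 0xF0 = 0xA0")
    a, b = find_collision()
    print(a, b, truncated_digest(a).hex())
```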
Q5: What is "salt"?
A: Salt is a string of random characters that is unique for each user and is used when hashing passwords, which makes the recovery of such passwords considerably more difficult. Hashes and algorithms that use salt are often referred to as "salted".
Q6: Why is attacking salted hashes so slow?
A: Since for salted hashes each password to be checked has to be hashed again with every different salt (while for unsalted hashes the password is hashed only once for all users), the attack speed declines in proportion to the number of users. Attacks on a large number of hashes are especially slow.
Q7: Why is the attack speed for some hashes so low – just a few passwords per second?
A: In those algorithms the passwords are hashed with the same algorithm multiple times in a loop; e.g. 2000 times with the algorithm MD5 or 5000 times with the algorithm SHA-1. Obviously, this tremendously reduces the speed of attacking hashes. And if on top of that the hashes are salted, attacking multiple hashes becomes practically futile.
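What Q5 to Q7 mean for someone storing passwords, as an added Python example (not part of the original FAQ and not PasswordsPro code). It uses PBKDF2-HMAC-SHA256 from the standard library as a standard salted, iterated construction in place of the plain hashing loop described above; the function names and the iteration count are assumptions of this example.

```python
import hashlib
import hmac
import os

# Constructed demo value echoing the "5000 times" figure above;
# production deployments use far higher counts.
ITERATIONS = 5000

def hash_password(password, salt=None, iterations=ITERATIONS):
    """Create a stored record with a fresh random 16-byte salt per user."""
    salt = os.urandom(16) if salt is None else salt
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                                 salt, iterations)
    return {"salt": salt, "iterations": iterations, "hash": digest}

def verify_password(password, record):
    """Recompute with the record's own salt and compare in constant time."""
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                                    record["salt"], record["iterations"])
    return hmac.compare_digest(candidate, record["hash"])

def iterations_per_guess(records):
    """PBKDF2 iterations needed to test ONE candidate against every record.

    Records that share salt and iteration count share one computation,
    which is why unsalted lists are checked at full speed (Q6).
    """
    distinct = {(r["salt"], r["iterations"]) for r in records}
    return sum(iterations for _salt, iterations in distinct)

if __name__ == "__main__":
    # Three users who all chose the same (constructed) password.
    salted = [hash_password("correct horse") for _ in range(3)]
    shared = [hash_password("correct horse", salt=bytes(16)) for _ in range(3)]
    print(len({r["hash"] for r in salted}), iterations_per_guess(salted))
    print(len({r["hash"] for r in shared}), iterations_per_guess(shared))
```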
Q8: I've been recovering the password to a hash for several days now, but still cannot get it. Why?
A: Since it is impossible to calculate the password from a hash mathematically, the only way to get it is to pick it by generating the hash for each of the passwords being checked and then comparing the resulting hash with the source one. Therefore, you need to try running different attacks on the hash, preferably with different settings. Otherwise, for example, you could spend much time on brute forcing a password with the "a...z" alphabet and never recover it, while the sought password could be numerical. Certainly, your hash could belong to a really complex password (for example, "tGEa+.4W\Z$C"). Unfortunately, it is almost impossible to recover such passwords.
Q9: What recommendations would you give on recovering user passwords from hashes?
A: 1. Launch the recovery attacks in the following order:
– Preliminary attack.
– Simple dictionary attack (with a large number of dictionaries)
– Hybrid dictionary attack (with a small number of dictionaries)
– Brute force attack (with different alphabets and character depth)
– Combined dictionary attack.
2. If you have a video card with a GPU from NVIDIA, it would be desirable to run the brute force attack with Extreme GPU Bruteforcer, as the speed of the attack powered by GPU (depending on its power) is 50...100 times higher than the same powered by CPU.
3. If you've got a computer with a multicore processor, it would be desirable to make several copies of the software (in different folders) and run them simultaneously with different attacks (for example, one copy of PasswordsPro would carry out a hybrid dictionary attack, while the other could run a combined or mask attack). You can also use several computers, launching different attacks simultaneously – all this would substantially raise the chance of recovering the passwords!
4. Certainly, if you have Rainbow-tables, the Rainbow attack should also be used. Also, if you've got any information about the password, try running a mask attack.
Q10: Can anyone help me to recover my password?
A: Yes, of course. Our forum has a special section where you can get quick help on recovering passwords to hashes or detailed recommendations on choosing the best and quickest way to recover your password.
Q11: What are "dictionaries", and where can I get them?
A: A dictionary is a text file that contains possible user passwords (each line in the file contains one password). Such files can contain frequently used passwords ("admin", "master", etc.) as well as passwords from a required character range ("1111"..."9999"), which could be generated with the "Dictionary Generator" plugin. You can always find dozens of megabytes of such dictionaries that contain real user passwords here.
Q12: During a dictionary attack, the program reports the attack completion while the dictionary hasn't been processed completely. Why?
A: That happens when the dictionary contains a character that the program interprets as the end of file (EOF) marker, at which point it exits. For example, that could be the 0x1F character, which is added by the COPY command after merging several files into one. So, it is recommended to weed such characters, as well as empty lines and other unnecessary data, out of all the dictionaries before they are used. All that can be easily done with the "Dictionary Generator" plugin.
Q13: How do I properly import lines of hashes whose salt contains the ':' character into the program?
A: Before importing such hashes, make sure to change the character to be used as the field delimiter (by default that's the ':'). You can also change the field delimiter character when exporting user hashes.
Q14: Can the TAB character or any other character with the ASCII code below 32 be used as the delimiter when importing hashes?
A: Yes, you can use any character, even one with an ASCII code below 32 (tab character, line feed, etc.), and there are two ways to do that:
1. Copy the TAB character (for example) to clipboard and then insert it in the program settings. Although it will appear as a square, it will do the job.
2. In the PasswordsPro.INI file, find the DlgOptionsMore section, and then in the EditBox1 parameter manually set the ASCII code of the field delimiter character. For example, for the TAB character the line would be:
Q15: "Character replacement tables" in the hybrid dictionary attack – what are those?
A: Those tables (the *.KBT-files) are text files where you can specify which characters of the passwords to be checked are to be replaced with other characters. This feature is usually needed by users from countries with 2 keyboard layouts, English and their national one. In this case, passwords in their native language can be typed using the English keyboard layout or, vice versa, English words can be typed using the national characters. The software distribution includes the file "Russian.kbt", which contains such tables for users with the Russian keyboard layout.
Q16: How do I use custom character sets?
A: Custom character sets are commonly used when attacking by mask. In other words, if you know for sure, for instance, that the first 5 characters of the password are numbers or capital Latin letters, you can type "?d?u" in the "?1:" field (or just enter the whole alphabet to use: "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ"), then in the mask describe the first 5 characters: ?1?1?1?1?1.
Q17: I am importing the *.Hashes-file from the previous version of the program (or copying the PasswordsPro.ini file from the old version to the folder with the new version). Why does the program display wrong hash types or wrong settings, not the ones set in the previous version?
A: The format of the *.Hashes and *.ini files (as well as other work files created by the program) can be changed in the new version due to many reasons; for example, after optimizing the settings stored in the *.ini file, modifying the number of supported hash types, etc. So, it is strongly recommended that you use the *.Hashes and *.ini files created in the version of PasswordsPro that you currently use. The hashes created with the older versions of the software can be imported through the text format.