Python Forum

Hello team,

I posted a question on General Coding Help, but eventually figured it out by myself.

Tbh I tweaked the code from this link https://medium.com/@cyberdocks2019/passw...d1b5e064d9.

from urllib.request import urlopen
import hashlib

sha3_512hash = input("[+] Enter sha3-512 Hash value: ")

password_list = str(urlopen('https://raw.githubusercontent.com/danielmiessler/SecLists/master/Passwords/Common-Credentials/10-million-password-list-top-1000000.txt').read(), 'utf-8')
for password in password_list.split('\n'):
    guess = hashlib.sha3_512(bytes(password,'utf-8')).hexdigest()
    if guess == sha3_512hash:
        print("[+] The password is: "+str(password))
        break
    elif guess != sha3_512hash:
        continue
    else:
        print("The password does not matched in the list…")

It can be configured to other hash types by changing sha3_512 on line 8.

I hope it can be of some help.

If I may...

Possibly, this should have been posted in Code Review before it was posted here.

It would be better (IMHO) to d/load the 'dictionary' file (given that this is a so-called 'dictionary attack'), then load one word at a time, for the attempted 'crack'. That way the computer RAM is not filled with the entire file, which is 8.5MB in size; not huge, but it's very large (if one can define the difference). In fact password_list is not a Python list object, as the name would suggest; rather it's a instance of str: len=8529104

So maybe your code should be in two parts: one to d/load and save the file (which may or may not be updated from time to time; I've not checked on that detail) and one to re-load the file, one word at a time, generate the hash digest and check that against the user input.

I've not checked the actual operation (that is to say, I've not hashed a simple and easy-to-crack password, which is all this is good for) to see if it works, but I guess you have?