hashpwn

Fyi. The OpenCl kernel used by the script has been updated with all Hashcat rules visible at https://hashcat.net/wiki/doku.php?id=rule_based_attack. This slightly increases the rule chain extraction time, but it can also lead to complex rules.

Hi. I have a question, is it possible to automatically export the private key of the wallet we unlocked using your tool? Or the mnemonic by any chance. I cannot send @cyclone a DM because my reputation is too low.

Recap of Record Setting Hyper-Volumetric DDoS Attacks in 2025 (CloudFlare) [image: 1761509944539-c4277848-2b31-4e87-9f51-d319e24bb72d-image.png] Overview: Recent months have seen a dramatic escalation in Distributed Denial-of-Service (DDoS) attacks, both in volume and packet rate. Two ultra-high-volume events stand out: a 7.3 Tbps / 4.8 Bpps attack on May 15 2025, and a later and eye watering 11.5 Tbps / 5.1 Bpps assault on September 3 2025, both successfully mitigated by Cloudflare. Key Details: The 7.3 Tbps attack targeted an unnamed hosting provider in mid-2025 and delivered roughly 37.4 TB of data in ~45 seconds. [image: 1761509961496-e180570d-367f-43cd-aa84-edf39dee410f-image.png] The 11.5 Tbps event occurred in September 2025, lasted about 35 seconds, and was primarily a UDP flood. Sources included cloud providers and massive IoT botnets. [image: 1761509368698-a13c17a4-e515-470f-85fd-e8a0fe7566da-image.png] These attacks reflect a trend: “hyper-volumetric” DDoS defined as >1 Tbps or >1 Bpps are now occurring at disproportionately high rates. Final Thoughts: The sheer rate and short duration (under a minute) make detection and response challenging. Attackers are increasingly deploying multi-vector strategies and exploiting large botnets of compromised IoT/cloud devices. These record-breaking DDoS events signal that we’ve entered a new era of scale in DDoS attacks. The days of only mitigating sub-100 Gbps events are behind us - now it’s multi-Tbps and packet rates in the billions. Sources: https://x.com/Cloudflare/status/1962559687368593552 https://www.tomshardware.com/tech-industry/cyber-security/cloudflare-blocks-record-setting-11-5tbps-ddos-attack-two-months-after-the-previous-record-setting-ddos-attack https://cybersecuritynews.com/record-breaking-ddos-attack-7-3-tbps/

Hey @cyclone and the whole hashpwn crew — sorry for being 10 days late to the party, but congrats on the 1st anniversary! What you’ve built in just a year is straight-up legendary — a global powerhouse for hash cracking minds. Huge respect for keeping the scene alive, open, and fun. Here’s to many more years of cracking, sharing, and pushing limits together. Happy Birthday, hashpwn!

That's great, thank you.

-m20 (superk as pepper) 415_found.txt fixed leftfile 2673389_left.zip

CN passwords International

56221_found.zip 11337696_left Spoiler There is more to be found from this thread using emails rules -> https://raw.githubusercontent.com/A113L/rules/refs/heads/main/a1131/emails.rule stacked with rule "l" (maybe also with swapped numbers and some special characters rules) on bigger dictionaries and more powerful graphic cards.

Analyzes and displays the top 20 (customizable by def print_top_domains) overall domains (NEW). Ready to use in script. #!/usr/bin/env python3 """ Email-Based Hashcat Rule Extractor This script processes a file containing email addresses, extracts trailing digit sequences from the usernames (before the '@'), filters them by specified domains, and generates Hashcat-compatible rule strings. It first displays the top 20 most frequent domains in the input file to help the user decide which domains to target for rule extraction. Functionality: - Reads email addresses from an input file. - **Analyzes and displays the top 20 overall domains (NEW).** - Filters addresses by user-specified domain(s) (e.g., 'gmail.com', 'yahoo.com'). - Extracts trailing digits from the local-part (e.g., 'user123' -> '123'). - Groups and counts digit-domain combinations. - Generates Hashcat rules from the most common combinations. - Saves rules to an output file. - Displays the top 5 most frequent patterns with example emails. Usage: - Run the script and provide: 1. Path to the input file containing emails (one per line). 2. Comma-separated list of domains to filter (after seeing the top domains). 3. Path to save the output Hashcat rules. """ import sys import re from collections import Counter, defaultdict def get_file_path(prompt): """Handles continuous prompting until a non-empty path is entered.""" while True: path = input(prompt).strip() if path: return path print("Path cannot be empty. Please try again.") def extract_data_from_email(email): """ Extracts the local part and domain from an email. Returns (digits, domain) if the local part ends in digits, otherwise None. """ # Regex to validate email structure and separate user/domain match = re.match(r'^([a-zA-Z0-9._%+-]+)@([a-zA-Z0-9.-]+\.[a-zA-Z]{2,})$', email.strip()) if not match: return None user, domain = match.groups() domain = domain.lower() # Normalize domain to lowercase # Check for trailing digits in the local part (username) digits_match = re.search(r'(\d+)$', user) if digits_match: digits = digits_match.group(1) return digits, domain return None def string_to_hashcat_rule(s): """Converts a string (e.g., '[email protected]') to a Hashcat rule (e.g., '$1$2$3$@$g$m$a$i$l$.$c$o$m').""" return ''.join(f"${c}" for c in s) def print_top_domains(file_path, limit=20): # edit limit if required """Reads the file, counts all domains, and prints the top 'limit' domains.""" domain_counts = Counter() try: with open(file_path, 'r', encoding='utf-8') as f: for line in f: email = line.strip() if '@' in email: # rsplit ensures we only split once from the right _, domain = email.rsplit('@', 1) if domain: domain_counts[domain.lower()] += 1 except FileNotFoundError: print(f"\nError: File not found at '{file_path}'", file=sys.stderr) return False except Exception as e: print(f"\nAn error occurred while reading the file: {e}", file=sys.stderr) return False top_domains = [f"{domain} ({count})" for domain, count in domain_counts.most_common(limit)] print("\n" + "="*50) print(f"🥇 Top {limit} Domains Found in the Input File:") print("="*50) # Print the top domains comma-separated, without spaces, just like the original request's output print(','.join(domain for domain, count in domain_counts.most_common(limit))) print("="*50 + "\n") return True def main(): """Main function to handle user input, file processing, and rule generation.""" print("--- Hashcat Rule Extractor for Email Patterns ---") # 1. Get Input Path and Print Top Domains input_path = get_file_path("Enter path to input file containing emails: ") # Display the top domains before proceeding if not print_top_domains(input_path, limit=20): # Exit if file reading failed in print_top_domains sys.exit(1) # 2. Get Domains to Filter domains_input = input("Enter comma-separated domains to filter (e.g., gmail.com,yahoo.com): ").strip() # 3. Get Output Path output_path = get_file_path("Enter path to save generated hashcat rules: ") domains_to_include = set(domain.strip().lower() for domain in domains_input.split(',') if domain.strip()) if not domains_to_include: print("\nWarning: No domains were specified for filtering. Exiting.", file=sys.stderr) sys.exit(0) counter = Counter() examples = defaultdict(list) print("\nProcessing file...") try: with open(input_path, 'r', encoding='utf-8') as f: for line in f: email = line.strip() extracted = extract_data_from_email(email) if extracted: digits, domain = extracted if domain in domains_to_include: key = (digits, domain) counter[key] += 1 # Store a few examples for display later if len(examples[key]) < 3: examples[key].append(email) except Exception as e: print(f"An error occurred during file processing: {e}", file=sys.stderr) sys.exit(1) sorted_items = counter.most_common() # 4. Write Rules to Output File try: with open(output_path, 'w', encoding='utf-8') as out: for (digits, domain), count in sorted_items: rule = string_to_hashcat_rule(digits + '@' + domain) out.write(f"{rule}\n") except Exception as e: print(f"Error writing to output file '{output_path}': {e}", file=sys.stderr) sys.exit(1) # 5. Display Summary print(f"\nDone! {len(sorted_items)} rules written to {output_path}") print("\nTop 5 extracted rules with examples:") if not sorted_items: print(" No patterns found matching the specified domains and having trailing digits.") return for (digits, domain), count in sorted_items[:5]: rule = string_to_hashcat_rule(digits + '@' + domain) print(f" Rule: {rule} | Count: {count} | Examples: {', '.join(examples[(digits, domain)])}") if __name__ == '__main__': main() https://raw.githubusercontent.com/A113L/Bucket/refs/heads/main/emailr.py

thanks for your work!

I think I did a quick run, just using cpu, currenctly I don't have a gpu, and many sql5 are short in lenght, and also being only numbers. This might help to anyone interested to give a run with only that algo, cleaneaning this kind of specific stuff.

FYI The hashpwn forum experienced a brief outage on 2025-10-07 14:39 UTC - 2025-10-07 15:56 UTC. The incident was caused by an unexpected host server reboot initiated by the datacenter without prior notice, which interrupted an automated database sync and left the forum database in a corrupt state. To minimize downtime, the forum database was restored to a known working state from a recent backup. As a result, approx 12 hours of activity were lost which included several posts from @hashpwn-bot and users. Thanks for your patience while this was sorted out. ~ @cyclone

-m2600 759_found.txt 206509_left.7z

#!/bin/bash # simple script to save your time on file operations while cracking vBulletin < 3.8.5 hashes without salts using hashcat # popular types of vBulletin salt - ?a?a?a, ?h?h?h?h?h?h, ?d?d?d?d?d # download hashgen - https://github.com/cyclone-github/hashgen (used to convert $[HEX] hashes with colon-containing salts and generating hashed wordlist) # Function to read file paths with validation read_file_path() { local prompt="$1" local result_var="$2" local path while true; do read -r -p "$prompt" path if [ -f "$path" ]; then # Use eval to set the variable passed by name eval "$result_var=\"$path\"" break else echo "ERROR: File not found: $path. Please try again." fi done } echo "--- Interactive vBulletin Salt Cracker Configuration ---" # --- Input Acquisition --- # 1. Hash list path read_file_path "Enter the path to the hash list (e.g., hashlists/main.txt): " HASHLIST_PATH # 2. Wordlist path read_file_path "Enter the path to the wordlist (e.g., wordlists/top1000.txt): " WORDLIST_PATH # 3. Mask (optional, with default value) read -r -p "Enter the mask for salt cracking (e.g., ?h?h?h?h?h?h) [Default: ?a?a?a]: " CRACKING_MASK if [ -z "$CRACKING_MASK" ]; then CRACKING_MASK="?a?a?a" fi # Generate dynamic paths WORDLIST_BASENAME=$(basename "$WORDLIST_PATH") HASHED_WORDLIST_PATH="md5_wordlists/${WORDLIST_BASENAME}.md5" echo "--- Settings Confirmed ---" echo "Hash List: $HASHLIST_PATH" echo "Word List: $WORDLIST_PATH" echo "Mask: $CRACKING_MASK" echo "Hashed Word List Output: $HASHED_WORDLIST_PATH" echo "------------------------------" sleep 2s # --- Tool Verification --- if ! command -v hashcat &> /dev/null; then echo "ERROR: hashcat not found. Ensure it is in your PATH." exit 1 fi if [ ! -f ./hashgen ]; then echo "ERROR: The ./hashgen file was not found. Ensure it is in the current directory and is executable." exit 1 fi # --- STEP 1: Potfile Cleanup --- echo "--- STEP 1: Cleaning potfile ---" if [ -f "hashed.pot" ]; then echo "Creating backup: hashed.pot -> hashed.pot.bak" cat hashed.pot >> hashed.pot.bak 2>/dev/null else echo "hashed.pot not found, skipping backup." fi echo '' > hashed.pot sleep 3s # --- STEP 2: Generate Hashed Wordlist --- echo "--- STEP 2: Generating hashed wordlist ---" mkdir -p md5_wordlists ./hashgen -m 0 -w "$WORDLIST_PATH" -o "$HASHED_WORDLIST_PATH" sleep 3s # --- STEP 3: Crack Salts --- echo "--- STEP 3: Cracking salts (Mode -m0 -a6) ---" hashcat -d1 -m0 -a6 -w4 --hwmon-temp-abort=95 --potfile-path=hashed.pot "$HASHLIST_PATH" "$HASHED_WORDLIST_PATH" "$CRACKING_MASK" --remove sleep 3s # --- STEP 4: Prepare Hashes for Wordlist Cracking --- echo "--- STEP 4: Preparing hashes for cracking (m2611 format) ---" sleep 3s # 1. Process NON-HEX lines (already cracked passwords) # Corrected format: HASH:PLAINTEXT (Single colon) grep -v HEX hashed.pot | sed 's/^\(.\{65\}\)/\1:/' | cut -d: -f1,3 | sed -E 's/^(.{32}):(.*)$/\1:\2/' > 2611_to_crack.txt sleep 3s echo "Converting HEX strings" # 2. Convert HEX strings grep HEX hashed.pot | cut -d: -f2 > hex.tmp grep HEX hashed.pot | cut -d: -f1 > hash.txt ./hashgen -m plaintext -w hex.tmp -o hex.txt sleep 3s # 3. Combine HEX hashes and append to 2611_to_crack.txt # Corrected format: HASH:HEX_SALT (Single colon) paste -d : hash.txt hex.txt | sed -E 's/^(.{32}):(.*)$/\1:\2/' >> 2611_to_crack.txt sleep 3s echo "Deleting temporary files" # 4. Remove temporary files rm -f ./{hash.txt,hex.txt,hex.tmp} sleep 3s # --- STEP 5: Crack Hashes with Wordlist (Mode -m2611) --- echo "--- STEP 5: Cracking hashes with wordlist -a0 -m2611 ---" hashcat -d1 -m2611 -a0 -w4 --potfile-path=hashcat.pot.salted 2611_to_crack.txt "$WORDLIST_PATH" sleep 3s # --- STEP 6: Export Cracked Hashes --- echo "--- STEP 6: Writing/Appending last cracked hashes into file ---" hashcat -d1 -m2611 -a0 -w4 -O --hwmon-temp-abort=95 --hwmon-disable --potfile-path=hashcat.pot.salted 2611_to_crack.txt --show > 2611_cracked.txt sleep 3s echo "Done." Preview