- Brute Force
- Dictionary Attack
- Dictionary File Splitter
- Dictionary Custom Passwords Adder
- HASH Generator
Machine Gun Kelly is a free password cracking software tool in Alpha. It was created to be a basic and light-weight version of John the Ripper.
Did you know? John the Ripper was a serial killer, MGK was a rapper, I mean, a robber and a kidnaper.
It's written in Python as the main coding language, and the GUI it's written using Shell Scripting (BASH).
It's main functionalities are Dictionary Attacks and Brute Forcing.
- *Passwords are stored on web servers as hashes, not plain text (usually), so therefore, I've decided to use the hashlib module on python for secure hashes that supports MD5, SHA1, SHA224, SHA256, SHA384, and SHA512. It usually started only using SHA256 since it's one of the most common used right now on the internet but lately I've ended up adding the 5 other types.
- For the Brute Force I've imported the random module to generate random numbers to perform the attack, the string module to retrieve the decided characters strings that should perform the attack and the pyautogui module to enter the password to bruteforce on a pop-up to give the script a more modern look.
- For the Dictionary Attack, I'll be using the basic configuration of username:password where the password is hashed, I've created a file called Wordlist.txt where all the username with their hashed passwords are stored. So, I used 'with open' to read the Wordlist.txt on read mode as a file and to test each passwords dividided by lines. Then it'll read the Username-Hashed-Passwords.txt file and divide the usernames from the hashed passwords taking the ':' as the entry point, using the 0 and 1 for indexing both username and passwords. Then it'll transform all the passwords stored on PasswordsList.txt and convert them into hashes and compare them with the hashed passwords stored on Username-Hashed-Passwords.txt, if there's a coinicidence, it'll be shown on the console as an output showing that the password has been cracked.
- This adds an extra feature to the script, providing an automated and fastest way to add (append) new and customized passwords to the Passwords Directory to perform a Dictionary Attack without having the need to edit the Wordlist.txt manually.
- This was created after playing with the Dictionary Attack, and after seeing it working, I've downloaded some really-heavy dictionaries with more than 100 MIllon passwords, but when I tried to open it, my computer froze,. So to prevent the script crashing your computer, this feature will avoid that at all costs.
- Simply to be more creative and for more fun.
- This was made using ASCII Art and created a 'css' for the colors.
To start MGK, open the terminal and write sh MGK.sh
The following dependencies are required to run the script:
python3
Supports all the characters availables, including numbers, lowercase and uppercase letters, punctuation and whitespaces (95+)
MGK comes with a dictionary of arround 900 potential passwords.
Theres is also an option to upgrade MGK with two sets of dictionaries. These are located in the folder 'Wordlists/Wordlist Upgrade/' as torrent files.
- Human-Killer: Contains over 64 MILLON Real Human Only passwords leaked from various website databases.
- Bio-Weapon: Contains almost every wordlist, dictionary, and password database leaks, including every word in the Wikipedia databases (pages-articles, retrieved 2010, all languages) as well as lots of books from Project Gutenberg. It also includes the passwords from some low-profile database breaches that were being sold in the underground years ago.
The format of the lists are in an standard text file sorted in non-case-sensitive alphabetical order.
WARNING: Opening a text file that's heavy it may cause your computer to freeze or even crash. To avoid that, use the Dictionary File Splitter. (see below)
Load your MGK with Incendiary Bullets, letting you split big texts files or dictionaries.
Your file to be splitted should be placed in the Wordlists folder.
The recommended maximum lines for a TXT file is 5000 lines.
- That means that the file would never exceed 100KB
- Supports GitHub Uploads
Currently supports ONLY TXT Files.
Improve your Dictionary Attack by adding your custom passwords without having to modify any file.
It lets you convert ANY password into a Secure Hash.
Supported Types: MD5, SHA1, SHA224, SHA256, SHA384, and SHA512