-
Notifications
You must be signed in to change notification settings - Fork 54
Extensive overview of Dagon
Dagon is an open source advanced hash cracking and salt manipulation system. What this means is that it is capable of breaking salted hashes and non-salted hashes quickly and efficiently. It provides extensive argument flags to pass that will manipulate the way the salt is arranged, created, placed, and what characters, numbers, unicode, etc.. Is used as the salt.
Apart from the obvious reasons such as that fact that I created it, Dagon is special in the sense that it has so many salting options. With a total of 32 supported hashing algorithms, damn near infinite combinations of characters, numbers, special characters, and unicode characters. Dagon has the ability to crack almost anything given the time and the character opportunity to do so.
Dagon has multiple different approaches to cracking hashes, it will create a wordlist for you the first time you use to which will take everything from aaaaaa to zzzzzzzzz and attempt to crack that hash using each combination. If you prefer to use a wordlist you can use your own, or download a wordlist with the built in download feature. Dagon isn't picky about what you use to crack the hashes, it's main focus is to break encryption and help you discover what was used to hash the password, what the password looks like, and how it was done.
Among those stated above, Dagon is capable of much more. It is possible to automatically verify a hash type using Dagon and attempt to crack that hash, it choose what hash type is to be used. Dagon will run the hash through a verification process using regular expressions to find a match, it will then pull the matches and store them in memory and use those stored in memory as the algorithms to attempt.
I created Dagon as a learning experience. One day I was sitting at my computer while working and was wondering where Windows stores passwords, I dumped the cached credentials, dumped the local passwords, and dumped the stored account passwords. I tried using hashcat, and john to crack the passwords, for some reason I wasn't able to crack them. I knew what the salt was, knew how to crack a hash and even knew what most of the passwords should have been. I tried cracking these for about three days (given that I probably didn't know what I was doing hashcat and john are extremely valuable tools and I have nothing bad to say about them).
So I was trying to figure out why this wasn't working and came up for the idea to crack the hash using my own custom tool. This is where the idea for Dagon began.
At first I named the tool hashpy, during the development phase when I cracked my first basic MD5 hash I changed the name to hashking, after I started getting more intrigued with hashing algorithms, and cracking them, I decided that Dagon would be the best fit. Dagon is a prince of hell, and this tool is hell for those that don't want their passwords cracked.
I'm not going to sit here and lie to you and say my tool is the best available, because well, it simply isn't. There are people out there that know much more then I do about these things, and people who are much smarter then I am. If you feel that Dagon is not fulfilling what you hoped, I suggest you use hashcat. Yes I am advertising another competitor tool on my page, but I'm not going to lie to someone to try and make them use something just because I created it. All I ask is that you give Dagon a shot, it has some cool features that other cracking tools don't have, and I promise that you will like it.